Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

aaa new-model - Urgent

One of my colleague accidently entered "aaa new-model" in device and the device got locked since no username/password was configured on the device. Now the device is locked and we can't login. Its a core device. Please let me know how to resolve this issue without a reboot.

5 REPLIES
Bronze

Re: aaa new-model - Urgent

Telnet might be inaccessible , but have you tried the console and the aux port ?

If SNMP is configured and you have SNMP read-write access, you will be able to change it with CiscWorks RME's netconfig. Depending on the device model, you might also have access via CiscoView to change it.

Hope this helps.

New Member

Re: aaa new-model - Urgent

Console and aux also locked.

We have snmp read-write strings configured on the device and we have Infovista installed.

any idea how we change device configuration using Infovista?

Thanks in advance

AneesH

Bronze

Re: aaa new-model - Urgent

I asked someone who knows Infovista, and they don't think Infovista can help you there. But you might have better luck with the Cisco SNMP tool. (http://www.download.com/3001-2085_4-10766976.html?spi=693070cc3af80f0d848188bfff95254b)

It allows you upload a new config, which is something you can do.

Cheers

New Member

Re: aaa new-model - Urgent

guys, a good news. It worked finally from TFTP server. But we had to get the help of Cisco TAC. Will share the detailed commands and details later. Thank you very much JANSEN..

You've been really helpful.

New Member

Re: aaa new-model - Urgent

To summarise what I did for everyone, I attempted to unset 'aaa new-model' from the config via SNMP.

First, I created a new file in /var/tftp/ called 'no_aaa'. The contents of this file were :

--

no aaa new-model

user test pass 0 test

--

Once this was done, we then issued the following command:

snmpset -t 60 -c RW_STRING ROUTER_NAME .1.3.6.1.4.1.9.2.1.53.X.X.X.X s no_aaa

Where

RW_STRING - Read/Write SNMP community string ROUTER_NAME - The hostname or IP of the router X.X.X.X - The IP address of the TFTP Server.

222
Views
3
Helpful
5
Replies
CreatePlease login to create content