Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
21274
Views
10
Helpful
6
Replies

Push Configuration by SNMP

Go to solution
holgerseiler
Level 1
Level 1

‎10-25-2010 12:48 AM - edited ‎03-06-2019 01:42 PM

Hi all,

I have a problem with a network device. A colleague configured the device without "aaa new model" but activated at the vty lines the command "transport input ssh". At this point I have no access to this device. Ma idea is to push the command transport input all at the vty lines, but I don't know how I could realize it. Could anybody give me any support?

Thanks and kind regards

Holger

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
phiharri
Level 1
Level 1
In response to holgerseiler

‎10-25-2010 05:47 AM

Hi Holger,

HP OpenView is just mentioned as an example, you can use any standard SNMP tools to achieve the same result, eg. Net-SNMP under Windows, OSX or Linux. The only other requirement is a TFTP server that is IP reachable from the device you need to recover.

In this example is a number chosen for this config-copy request, and remains the same for each command.


$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.2. i 1
ccCopyProtocol set to TFTP

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.3. i 1
ccCopySourceFileType = 1 = networkfile

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.4. i 4
ccCopyDestFileType = 4 = running-config

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.5. a
Set TFTP server address

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.6. s ""
Set filename

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14. i 1
Start copy

Once copy is complete, good idea to delete the copy job and verify it no longer exists

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14. i 6
$ snmpget -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14.
SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14. = No Such Instance currently exists at this OID

The file is copied into running-config in the same way as 'copy tftp: run' so will not replace the existing config but merge the entries from your file.

Edit: Also, it'd be a good idea to test this first by reversing ccCopySourceFileType and ccCopyDestFileType to copy the current running to your TFTP server, then you can confirm the process works and see what needs editing in the config!

/Phil

View solution in original post

6 Replies 6

Go to solution
phiharri
Level 1
Level 1

‎10-25-2010 03:37 AM

Hey Holger,

If you still have access to an SNMP community with write access, the following document gives some steps for using CISCO-CONFIG-COPY-MIB to achieve that:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094aa6.shtml

Hope this helps,

/Phil

0 Helpful

Go to solution
holgerseiler
Level 1
Level 1
In response to phiharri

‎10-25-2010 05:09 AM

Thanks for the answer,

the problem is that the document explains the solution for the HP Openview software. I don't have this software. So is it possible to push the confoguration by an freeware or an tftp tool?

Regards

Holger

0 Helpful

Go to solution
phiharri
Level 1
Level 1
In response to holgerseiler

‎10-25-2010 05:47 AM

Hi Holger,

HP OpenView is just mentioned as an example, you can use any standard SNMP tools to achieve the same result, eg. Net-SNMP under Windows, OSX or Linux. The only other requirement is a TFTP server that is IP reachable from the device you need to recover.

In this example is a number chosen for this config-copy request, and remains the same for each command.


$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.2. i 1
ccCopyProtocol set to TFTP

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.3. i 1
ccCopySourceFileType = 1 = networkfile

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.4. i 4
ccCopyDestFileType = 4 = running-config

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.5. a
Set TFTP server address

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.6. s ""
Set filename

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14. i 1
Start copy

Once copy is complete, good idea to delete the copy job and verify it no longer exists

$ snmpset -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14. i 6
$ snmpget -v2c -c 1.3.6.1.4.1.9.9.96.1.1.1.1.14.
SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14. = No Such Instance currently exists at this OID

The file is copied into running-config in the same way as 'copy tftp: run' so will not replace the existing config but merge the entries from your file.

Edit: Also, it'd be a good idea to test this first by reversing ccCopySourceFileType and ccCopyDestFileType to copy the current running to your TFTP server, then you can confirm the process works and see what needs editing in the config!

/Phil

Go to solution
holgerseiler
Level 1
Level 1
In response to phiharri

‎10-26-2010 12:33 AM

Hi Phil,

thank you very much for your support. It seems net-snmp is working, but I have a problem with the response time of the network device. snmpget give the failure of a Timeout: No Response from ge31ccm01.ipteurope.org. But with the snmp tool netcrunch I have response from the device without any problems. NetCrunch is possible to display all informations of this cisco router. I don't know anymore .

Kind regards

Holger

0 Helpful

Go to solution
phiharri
Level 1
Level 1
In response to holgerseiler

‎10-26-2010 07:48 AM

Hey Holger,

Glad to help! If you have the right SNMP version, community string, and SNMP access isn't restricted on the device by an ACL or view then Net-SNMP should work fine.

You can increase the timeout with the -t parameter, I think the default is just one second.

Do you get a response with 'snmpget -v2c -c -t 10 sysUpTime.0' for example?

/Phil

0 Helpful

Go to solution
Robert Placencia
Level 1
Level 1
In response to phiharri

‎07-05-2019 11:53 AM

Thanks Phiharri!

 

After following multiple incorrect guides I found your post which had a good working example.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card