cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5136
Views
0
Helpful
6
Replies

ssh not support on cat4500e-universalk9.SPA.03.04.01.SG.151-2.SG1.bin

Desong Yang
Level 1
Level 1

cat4500e-universalk9.SPA.03.04.01.SG.151-2.SG1.bin installs on cisco 4500E with SUP7-E, the license level is enterservice, but can't find and use "crypto key generat rsa " to enable ssh in CLI. Who can resolve it? thinks!!!

2 Accepted Solutions

Accepted Solutions

sansarav720e
Level 1
Level 1

Dear Yang ,

               Could you please paste extract of following command from your device ?? . I suspect your switch is running on base license without K9 image .

show version

show bootflash

show bootvar

HTH

Santhosh Saravanan

HTH Regards Santhosh Saravanan

View solution in original post

You have both k9 (supports crypto, including ssh) and non-k9 (no ssh support) images in bootflash. Your running version is NOT the k9 version. If it was, your "show version" output would start like this:

#show ver

Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)

...and include the paragraph about cryptographic features:

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

Additionally you have config-register 0x2101 = boot into bootstrap (rommon). You would normally use 0x2102 = boot into image specified in boot variable.

View solution in original post

6 Replies 6

sansarav720e
Level 1
Level 1

Dear Yang ,

               Could you please paste extract of following command from your device ?? . I suspect your switch is running on base license without K9 image .

show version

show bootflash

show bootvar

HTH

Santhosh Saravanan

HTH Regards Santhosh Saravanan

James Neilson
Level 1
Level 1

Try

set crypto key rsa 1024

glen.grant
VIP Alumni
VIP Alumni

  Follow this link. Do you have the AAA new model command and your passwords  and or tacacs set ?

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#diagram

Desong Yang
Level 1
Level 1

Switch#sh version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 05-Dec-12 05:58 by prod_rel_team

Cisco IOS-XE software, Copyright (c) 2005-2010, 2012 by cisco Systems, Inc.
All rights reserved.  Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0.  The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.  For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.

ROM: 15.0(1r)SG5
Switch uptime is 24 minutes
Uptime for this control processor is 26 minutes
System returned to ROM by reload
Running default software
Jawa Revision 7, Snowtrooper Revision 0x0.0x1C

Last reload reason: Admin reload CLI

License Information for 'WS-X45-SUP7-E'
    License Level: entservices   Type: Evaluation
    Next reboot license Level: entservices

cisco WS-C4510R+E (MPC8572) processor (revision 10) with 2097152K/20480K bytes of memory.
Processor board ID FXS1716Q0UM
MPC8572 CPU at 1.5GHz, Supervisor 7
Last reset from Reload
1 Virtual Ethernet interface
276 Gigabit Ethernet interfaces
14 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.

Configuration register is 0x2101

Directory of bootflash:/

73762  -rw-   119576292  Jul 27 2013 20:04:41 +00:00  cat4500e-universal.SPA.03.04.00.SG.151-2.SG.bin
73763  -rw-   125216116   Sep 4 2013 00:16:48 +00:00  cat4500e-universalk9.SPA.03.04.01.SG.151-2.SG1.bin

831541248 bytes total (586387456 bytes free)

Switch#sh redundancy
Redundant System Information :

------------------------------
       Available system uptime = 24 minutes
Switchovers system experienced = 0
              Standby failures = 0
        Last switchover reason = none

                 Hardware Mode = Duplex
    Configured Redundancy Mode = Stateful Switchover
     Operating Redundancy Mode = Stateful Switchover
              Maintenance Mode = Disabled
                Communications = Up

Current Processor Information :
------------------------------
               Active Location = slot 5
        Current Software state = ACTIVE
       Uptime in current state = 23 minutes
                 Image Version = Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 05-Dec-12 05:58 by prod_r
               BOOT = bootflash:cat4500e-universalk9.SPA.03.04.01.SG.151-2.SG1.bin,12;
        Configuration register = 0x2101

Peer Processor Information :
------------------------------
              Standby Location = slot 6
        Current Software state = STANDBY HOT
       Uptime in current state = 21 minutes
                 Image Version = Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 05-Dec-12 05:58 by prod_
               BOOT = bootflash:cat4500e-universalk9.SPA.03.04.01.SG.151-2.SG1.bin,12;
        Configuration register = 0x2101

You have both k9 (supports crypto, including ssh) and non-k9 (no ssh support) images in bootflash. Your running version is NOT the k9 version. If it was, your "show version" output would start like this:

#show ver

Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)

...and include the paragraph about cryptographic features:

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

Additionally you have config-register 0x2101 = boot into bootstrap (rommon). You would normally use 0x2102 = boot into image specified in boot variable.

thank you very mach!!!  your solution is right.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: