02-09-2012 04:36 AM
Hello,
I have secure shell access to all my routers on the network. Often i am making changes remotely and am always worried about locking myself out of the device. It has happened a few times when setting up aaa authenitication on the line tty 0 4
Is it possible to setup each device so i have an alternative way in remotely in case this happens? I.e for the servers we have an iLO IP address on each device. Is it possible to do anything like this on the routers maybe on a different port (aux port maybe).
regards,
Kevin
Solved! Go to Solution.
02-10-2012 12:48 AM
and because your are not the only one facing the problem, here is anther site giving some "Remote (in Band) configuration tips"
02-09-2012 03:22 PM
Most folks use the console port for this along with a console server to aggregate several devices' consoles. Several vendors make console servers - just google the term for a long list. I've had good experience with Avocent (formerly Cyclades) boxes. You can even use a Cisco router with async ports (like a 2800 series) for it.
02-10-2012 12:19 AM
on Cisco devices there are generally 2 methods to accomplish this:
1) if a device reload is acceptable, before doing the changes, issue the command "copy running start", than
"reload at" or "reload in"
make the config changes and if you are good, remove the reload command from the config;
http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_r1.html#wp1078590
http://www.ieadvisor.com/cisco-ios-command-reload-at.html
2) starting with 12.3 there is the possibility to do a "config rollback", and "configure confirm"
a very good explanation with example is here:
http://www.fryguy.net/2011/06/06/cisco-archive-and-configure/
and the Cisco site about this command:
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtrollbk.html
02-10-2012 12:48 AM
and because your are not the only one facing the problem, here is anther site giving some "Remote (in Band) configuration tips"
03-01-2012 02:19 AM
Martin,
I should have opened two sessions and made the changes and tested as i went along. Too late now though and i am locked out of a few devices so i'll just have to make a site visit and take off the config locally. One piece of software i did use was called packet trap 360
http://download.cnet.com/PacketTrap-pt360-ToolSuite-Pro/3000-2651_4-10769728.html
I was able to write a few changes and push the config onto devices remotely. Worked really well for a few devices if you know the community strings.
regards,
Kevin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide