07-03-2009 03:39 AM - edited 03-11-2019 08:50 AM
Hi!
I need to gain access to admin context which is located on FWSM module. I don't know it IP-addresses, because other man performed configuration before me. The command "session slot" didn't help me:
session slot 3 processor 1
The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
Trying 127.0.0.31 ...
% Connection refused by remote host
There are two other contexts on it (not admin). I can log to this contexts. But I can't âchangetoâ admin context because of privileges absence.
My question is the next. Is it possible to log to admin context in my situation without resetting the module? How?
Solved! Go to Solution.
07-06-2009 03:25 AM
0x105A978 10.X.1.Y:23 10.X.28.Y:22498 ESTAB
0x105B53C 10.X.0.Z:23 10.X.48.Z:1121 ESTAB
You would see 127.0.0.31 as the IP address for the module in slot 3. But, I do not see that in the output.
If you reload the blade I am sure you will be able to session in after which you can upgrade.
If you are not sure of the password to session in the only way is to do password recovery.
You can read here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/troubl_f.html#wp1049302
07-03-2009 05:50 AM
Are you sure the module is in slot 3? Could you check on the switch config if telnet is not an allowed transport input under the line vty 0 4 config?
From the swtich you can try to do
#sh tcp brief all
and then
#clear tcp tcb
and then try to session in. This is the only way to get to the admin context if you do not remember the IP add to the admin context.
You are right, you cannot change to from other context if it is not designated as the admin context.
I am not sure what code you are running in the FWSM but, read up this defect
CSCsj82547 Management sessions to the FWSM are refused but should be allowed
fixed in 3.2.2
07-05-2009 11:08 PM
Hi!
I am sure that the module is in the slot 3. There are no idle connection on the switch. FWSM code is 3.2.1. But I can't upgrade to 3.2.2 because I don't have access to system context.
mvz-rd-csw1-b1a#sh tcp brief all
TCB Local Address Foreign Address (state)
0x105A2A8 0.0.0.0:23 0.0.0.0:0 LISTEN
0x1090B40 0.0.0.0:80 0.0.0.0:0 LISTEN
0x1059420 0.0.0.0:113 0.0.0.0:0 LISTEN
0x1078C38 0.0.0.0:544 0.0.0.0:0 LISTEN
0x1058F48 0.0.0.0:1979 0.0.0.0:0 LISTEN
0x1098E10 0.0.0.0:1989 0.0.0.0:0 LISTEN
0x1098938 0.0.0.0:1992 0.0.0.0:0 LISTEN
0x105A978 10.X.1.Y:23 10.X.28.Y:22498 ESTAB
0x105B53C 10.X.0.Z:23 10.X.48.Z:1121 ESTAB
0x105A780 ????:23 ????:0 LISTEN
07-06-2009 03:25 AM
0x105A978 10.X.1.Y:23 10.X.28.Y:22498 ESTAB
0x105B53C 10.X.0.Z:23 10.X.48.Z:1121 ESTAB
You would see 127.0.0.31 as the IP address for the module in slot 3. But, I do not see that in the output.
If you reload the blade I am sure you will be able to session in after which you can upgrade.
If you are not sure of the password to session in the only way is to do password recovery.
You can read here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/troubl_f.html#wp1049302
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide