Re: Problem logging on to the router

royalblues · ‎08-17-2006

Hi

I had a 2621XM router running the IOS version 12.2(8)T5. I used to receive lot of CPU hog messages and it was suggested that i upgrade the IOS. I have upgraded the IOS to 12.2(37) GD

all my local usernames were configured with the secret option

eg. username admin privilege 15 secret XXXX

after loading the new IOS, i received errors for the secret option because of which i am unable to log in to the router now. Both my VTY lines and console was configured with login local.

Is there any option available to log on the router. i cannot do a password recovery as this is a production router.

Thanks in advance

Narayan

Richard Burts · ‎08-17-2006

Narayan

Do you have that router configured so that you have SNMP write access to it. If so you may be able to use SNMP to update the router and create userID with valid password.

HTH

Rick

HTH

Rick

royalblues · ‎08-17-2006

Hi rick

Unfortunately our company policy does not allow us to have write community strings configured on the devices.

Any other way you think of. it would be difficult for me to get another downtime for password recovery

Richard Burts · ‎08-17-2006

Narayan

There are perhaps a couple of options to try. Is it possible that the AUX port is active and was not configured with login local? Or is it possible that there are VTY ports that were not configured with login local (some versions of the IOS support more than the standard 5 VTY ports - I have seen some implementations where vty 0 4 were configured one way and vty 5 15 were not configured that way)? Is it possible that any user ID did not error out and might be used to login to the router?

HTH

Rick

HTH

Rick

royalblues · ‎08-17-2006

Rick,

I was also thinking of logging on through the AUX port as it is not configured with login local. i dont have a robotics modem and i dont think any other modem can be used without proper string settings on the Aux port for which i need the login again.

Regarding the no of vty lines, i have tried that already.

i think i have to get a downtime for password recovery. What i dont understand is the fact that the new IOS is not supporting a feature supported by the old IOS.

Narayan

Richard Burts · ‎08-17-2006

Narayan

Your response seems to believe that you need a modem to access the AUX port. While the origional implementation of the AUX was indeed for modem use when Cisco transitioned the connector from the DB25 to the RJ45 it became possible to connect to the AUX port with a normal console cable. I suggest that you try connecting to the AUX port with your console cable and see if it works.

HTH

Rick

HTH

Rick

b-ulrich · ‎08-17-2006

Hi, if vty 5 15 are not specified with a password, you may get 'password required but none set' reply. Also you would need to tie up vty 0 4 by having 5 telnet sessions up to the router, then try to get in on vty 5. I have never tried this but think this is how it would work. You should be able to password recover in less than 5 mintues during some kind of maintenance window as a last resort.

m-haddad · ‎08-17-2006

Hello,

Why don't u reboot the router in ROMMON mode and change the config register to 0x2142 and then load the router. After the router loads just copy start-up config to the running config change the passwords and change the config register to 0x2102 and then reload the router.

Please let me know if this solves the problem and rate,

Thanks,

royalblues · ‎08-17-2006

If you had gone through my previous posts, you would have come to know that the password recovery is my last option as i will have to reboot the router which affects production.

I will try Ricks suggestion of conencting the console cable to the AUX port and see if it works.

Narayan