Being trying to make a backup of a switch/router/ap I'm often getting stuck as archive tar /create ... fall on me with the Permission-denied error. Usually, this error caused by the private-config.text and multiple-fs which are mapped to virtual NVRAM (as well as config.text) and contain sensitive information about crypto keys and some other objects mapped to virtual NVRAM. Perhaps, these files considered as highly confidential, that's why even a user with L15 privileges have no access to simply read/copy or archive a file.
The issue relates to a bunch of devices such as Catalyst 2950, 2960, 3550, 3560, 3650, 3750, 3850, where the NVRAM is not truly physically present.
My question generally about access to the files and CLI syntax. I want to get the whole flash archived at the time without questions with one command to be able to deploy it later if needed with another one command.
Is there any way to exclude the problematic files from a target archive in order to avoid errors and interruption? Or instead, include particular files, e.g. encounter them in one string?
So far only the archive command lets to copy an accessible folder from a device to a TFTP-server without interruption due to the need for a parameter confirmation. It works satisfactorily with Ansible module RAW but only for a firmware which resides in a folder as the last parameter of the archive command is PATH_TO_DIRECTORY.
Any suggestions on appropriate methods to exclude the troublesome file from the archiving process?
Good day,I have a windows domain controller that has the DHCP role installed. The DHCP role issues out IP addresses,. I would now like like the cisco router to issue out IP addresses to clients within my domain. What is the process of setting this up ?Rou...
Hey, I need a bit of help. I need to set up a remote access port forward to a machine existing in a vrf. Because it's in a vrf I cannot use the interface command, I can only specify the wan IP. I have no option for a static IP so i ne...
Hello Team, We are configuring dot1x on ASR1001-x, the configuration is detailed below: Router(config)# dot1x system-auth-control
Router(config)# aaa new-model
Router(config)# aaa authentication dot1x default group radius
Currently have a nm-4g, 4 port sfp card installed in my C9300-24P, using g1/1 as my trunk uplink. I have the need for my fiber trunks leaving the switch than the nm-4g card can accommodate and have purchased the nm-8x, 8 port SFP card. This is...
Hello all... I have (20 9300's in a switch stack. They are in INSTALL mode with version cat9k_iosxe.17.03.04.SPA.bin I ran the following command: Switch# install add file flash:cat9k_iosxe.17.03.04.SPA.bin activate commit. I need ...