
Wrong AAA

yamaan
Level 1

This might not seem to be a smart question, but "wrong" aaa commands were pushed to 100s of devices using RME Netconfig. The result was that no user is able to log in to any of the devices.

The aaa commands were not saved but the command snmp-server system-shutdown is not there.

Any solution that spares visiting each single device physically?

5 Replies

walderhaug
Level 1

If you have a MIB browser you can manually access the device via SNMP and trigger the device to copy the startup-config to the running config (or the corrected cfg from a TFTP server).

Unfortunately I don't remember the OIDs to do so. (It's in the private MIB.)

You have to do this one by one or make a script that does the job for you.

Depending on your AAA configuration it may also be an alternative to shut down the TACACS server.

Tommy

steve.busby
Level 5

Just went through something similar, here's a link that gives the right OID:

http://www.cisco.com/cgi-bin/ViewFAQ.cgi?f=5806&1

And here are the steps to use if using CW2K:

Server Configuration> Diagnostics> Connectivity Tools> SNMP Set>

and simply fill in the blanks.

Device Name = ip address

Your RW Community String

OID from above

Object Type: "String"

new value is the text.file you created

SNMP Version 2c

hth

I- When trying the command snmpset -t 10 -r 5 -c communityname hostname .1.3.6.1.4.1.9.2.1.53.10.28.5.111 \octetstring configfile.txt

I receive the following message

snmpset: Agent reported error with variable #1.

.iso.org.dod.internet.private.enterprises.cisco.local.lsystem.hostConfigSet.10.28.5.111: SNMPv2: Commit failed.

II- There is no under Server Configuration> Diagnostics> Connectivity Tools

Some things to look for or try:

- for "-c communityname" you did replace "communityname" with your actual read-write snmp community string?

- verify your tftp server is up and running, with the "configfile.txt" file in tftproot.

- Do you have ACLs on your device(s) that would prevent you from making the changes?

Can you provide your CW2K version & updates installed? I think you'll need to upgrade your CW Common Services to SP2.

Thanks Steve.

I have already solved the problem using some 3rd party software (called SolarWinds) which uses CISCO-CONFIG-COPY MIB to download the configuration, edit it, then upload it.

Since I know the RW community string and have SNMP access to the devices I was able to work it out easily.
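
Added example, not part of the original thread: the recovery above worked because a read-write community plus SNMP reachability is enough to replace a device's running config, so this sketch audits saved configurations for the settings the thread touches on (RW communities without an ACL, no `snmp-server tftp-server-list` restriction, `snmp-server system-shutdown`). The device names, community strings, ACL number and function names are constructed for illustration.

```python
import re

# Constructed sample running-config fragments (not taken from the thread).
SAMPLE_CONFIGS = {
    "sw-open": (
        "snmp-server community s3cr3t-rw RW\n"
        "snmp-server community public RO\n"
        "snmp-server system-shutdown\n"
    ),
    "sw-restricted": (
        "access-list 10 permit 192.0.2.10\n"
        "snmp-server community s3cr3t-rw RW 10\n"
        "snmp-server tftp-server-list 10\n"
    ),
}

# IOS form: snmp-server community <string> [view <name>] {RO|RW} [acl ...]
COMMUNITY_RE = re.compile(
    r"^snmp-server community \S+(?: view \S+)? (RO|RW)\b(.*)$", re.IGNORECASE
)


def audit_snmp(config_text):
    """Return findings for one device's configuration text."""
    findings = []
    lines = [ln.strip() for ln in config_text.splitlines()]
    has_rw = False
    for ln in lines:
        m = COMMUNITY_RE.match(ln)
        if m and m.group(1).upper() == "RW":
            has_rw = True
            if not m.group(2).strip():
                # The community string itself is never echoed into the report.
                findings.append("RW community without an access list")
    restricted = any(ln.startswith("snmp-server tftp-server-list ") for ln in lines)
    if has_rw and not restricted:
        findings.append("RW community present, no tftp-server-list restriction")
    if "snmp-server system-shutdown" in lines:
        findings.append("snmp-server system-shutdown enabled (reload via SNMP)")
    return findings


def audit_all(configs):
    """Map each device name to its list of findings."""
    return {name: audit_snmp(text) for name, text in configs.items()}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_CONFIGS).items():
        print(name, "OK" if not findings else "; ".join(findings))
```
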