Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
32178
Views
5
Helpful
13
Replies

Why i can not command show run on cisco switch

Go to solution
jeerapotb
Level 1
Level 1

‎10-27-2016 08:53 PM - edited ‎03-10-2019 12:44 AM

 On one switch i found that  some command as these show run or copy running-config tftp: on cisco switch WS-C2960X-24TS-L not work it show follow below. How I can use the command then show as generally.Thank  you.

Building1_FAA_6F_SW3#sh run
Building configuration...

Current configuration : 100 bytes
!
! No configuration change since last restart
!
boot-start-marker
boot-end-marker
!
!
!
!
!
!
end

---------------------------------------------------

Building1_FAA_6F_SW3#copy running-config tftp:
                                               ^  
% Invalid input detected at '^' marker.

4 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to jeerapotb

‎11-04-2016 05:55 PM

OK, so the information that you provided in your last posts confirms that the privilege level that you get via telnet/vty is different than the one that you get via console. This is due to the AAA configuration which is applied to the vty ports but not on the console port. 

So if you want the same rules to apply to the console port then you need to configure the console port for AAA as well. 

If you don't want these rules to apply then you need to remove the AAA configurations. The quickest way to remove these is by typing "no aaa new-model" However, be very careful not to lock yourself out of the device. Make sure that you have local accounts with privilege level 15 and that you also know the enabled password/secret. 

I hope this helps!

Thank you for rating helpful posts!

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎10-27-2016 09:10 PM

If on the command line you type "?"  what have you got available?

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

Go to solution
jeerapotb
Level 1
Level 1
In response to Dennis Mink

‎10-27-2016 09:17 PM

Building1_FAA_6F_SW3#?
Exec commands:
<1-99> Session number to resume
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
clear Reset functions
connect Open a terminal connection
crypto Encryption related commands.
disable Turn off privileged commands
disconnect Disconnect an existing network connection
do-exec Mode-independent "do-exec" prefix support
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
name-connection Name an existing network connection
ping Send echo messages
rcommand Run command on remote switch
release Release a resource
renew Renew a resource
resume Resume an active network connection
set Set system parameter (not config)
show Show running system information
ssh Open a secure shell client connection
systat Display information about terminal lines
tclquit Quit Tool Command Language shell
telnet Open a telnet connection
terminal Set terminal line parameters
traceroute Trace route to destination
tunnel Open a tunnel connection
where List active connections

0 Helpful

Go to solution
jeerapotb
Level 1
Level 1
In response to jeerapotb

‎10-27-2016 11:47 PM

edited.

0 Helpful

Go to solution
jeerapotb
Level 1
Level 1

‎10-27-2016 11:46 PM

Sorry,I forget to say that if i connect via console the command can show as normal. this problem occur when i telnet to the switch.

0 Helpful

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to jeerapotb

‎10-31-2016 07:32 PM

It looks like AAA is configured for the VTY lines on this device but not the console port. Thus, when you connect via the console you have full access/privilege while via telnet/vty your access is limited. We can confirm this by doing the following:

1. Login to the device via console

2. Issue "show run | i aaa" and post the output here

Thank you for rating helpful posts!

Go to solution
jeerapotb
Level 1
Level 1
In response to nspasov

‎11-01-2016 11:35 PM

This is the output

#sh run | i aaa
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization commands 7 default local
aaa session-id common

0 Helpful

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to jeerapotb

‎11-02-2016 09:47 AM

OK so AAA is definitely configured on the device. Can you also post the following:

show run | sec line

show run | sec radius

show run | sec tacacs

if the above commands do not work then try

show run | b line 

show run | i radius

show run | i tacacs

Also:

show privilege while you are using telnet

show privilege while you are using console

Thank you for rating helpful posts!

0 Helpful

Go to solution
jeerapotb
Level 1
Level 1
In response to nspasov

‎11-03-2016 02:45 AM

the output via console

#sh run | b line
line con 0
password 7 071878184B0310530349582C5D7E7E77
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password xxxxxxx
line vty 5 15
password xxxxxxx
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
ap group default-group
end

#sh run | i radius
#sh run | i tacacs

#sh privilege
Current privilege level is 15

the output via telnet

#sh privilege
Current privilege level is 7

0 Helpful

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to jeerapotb

‎11-04-2016 05:55 PM

OK, so the information that you provided in your last posts confirms that the privilege level that you get via telnet/vty is different than the one that you get via console. This is due to the AAA configuration which is applied to the vty ports but not on the console port. 

So if you want the same rules to apply to the console port then you need to configure the console port for AAA as well. 

If you don't want these rules to apply then you need to remove the AAA configurations. The quickest way to remove these is by typing "no aaa new-model" However, be very careful not to lock yourself out of the device. Make sure that you have local accounts with privilege level 15 and that you also know the enabled password/secret. 

I hope this helps!

Thank you for rating helpful posts!

0 Helpful

Go to solution
jeerapotb
Level 1
Level 1
In response to nspasov

‎11-06-2016 05:23 PM

I get it and thank you I really appreciate your help.

0 Helpful

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to jeerapotb

‎11-06-2016 05:39 PM

No problem! Let us know if you have any other questions with this. If not, you should mark the thread as "answered" :)

0 Helpful

Go to solution
Antonio Rodriguez
Level 1
Level 1
In response to nspasov

‎08-29-2022 02:37 PM - edited ‎08-29-2022 02:41 PM

i do have the same issue while connected via console but still not working and aaa is not activated, and show run command displays partially and workaround is by using ter len 0 but not pretty helpful when trying to display portions of config too often.... any idea?

 

AntonioRodriguez_0-1661809040892.png

 

0 Helpful

Go to solution
ItachiUchiha
Level 1
Level 1

‎12-01-2021 07:49 AM - edited ‎12-01-2021 07:50 AM

For anyone still getting this problem or a similar issue, I just did the enable command and that worked perfectly.

Have a great day!

0 Helpful
Customers Also Viewed These Support Documents