08-17-2023 07:22 AM - last edited on 08-17-2023 11:07 AM by Translator
Hi,
have a problem with
C1111-4P.
Installed with
17.11.1a
All RSA Keys are min 2048 bits strong. Anyway, also
crypto
engine complience shield disabled.
But after all reload SSH, and
http secure-server
doesnt works anymore, i need to
zeroize
all keys and re-generate them all. Also the
snmp
user will be removed automatically after the reload.
Because all RSA keys are
2048+ strong
i dont have any warning mesage during the operation. Any idea, why
SSH and https + snmp
user will be destroyed after the reload?
Thank you.
Solved! Go to Solution.
08-17-2023 08:00 AM - edited 08-17-2023 08:00 AM
Looks for me you lost the config due to config registry
can you post show version complete or change the config register as suggested above document.
Also when you reboot, post complete boot log here.
08-17-2023 07:26 AM
i was thinking config may be not saved., check the reg option in show version
08-17-2023 07:29 AM - last edited on 08-17-2023 11:09 AM by Translator
hi it should be okay
Configuration register is
0x102
08-17-2023 07:44 AM
check config regsiter for all routers :
when you write config can you check running and startup comparing ? i am still thining some how config not writing.
Until any bugs reported 17.11 (not that i am aware)
But after all reload SSH, and http secure-server doesnt works anymore, i need to zeroize all keys and re-generate them all
how are you doing this config cosole ? or telnet ?
08-17-2023 07:49 AM - last edited on 08-17-2023 11:11 AM by Translator
ill do it then with console cable. After
zeroize
and re-generating
rsa
keys, and register
snmp
user again, works well, but only until the next reload. (or power loss, etc...)
08-17-2023 08:00 AM - edited 08-17-2023 08:00 AM
Looks for me you lost the config due to config registry
can you post show version complete or change the config register as suggested above document.
Also when you reboot, post complete boot log here.
08-17-2023 08:11 AM - last edited on 08-17-2023 11:11 AM by Translator
thanks. Changing confreg from
0x102 to 0x2102
helped. Now after reload everything fine
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide