Re: Cisco Catalyst 3850 Command Deprecation

vondoom2 · ‎08-15-2023

I have test switches at work that are used for Network Connectivity to prove out the cables inside our test enclosures. We have a test script that we run that closes down all the interfaces at once and then opens them one at a time and pings each connected interface. At the end of the test, we perform a 'copy start run' to restore the switch to its initial startup configuration. However, when 'copy start run' is performed the following messages:

Switch# copy start run
WARNING: Command has been added to the configuration using a type 7 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type.
%AAAA-4-CLI_DEPRECATED: WARNING: Command has been added to the configuration using a type 7 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type.
%SYS-5-CONFIG_P: Configured programmatically by process Virtual Exec from console as vty0 (XXX.XXX.XXX.XXX)
% Bad IP Address or host name% Unknown command or computer name, or unable to find computer address

I am unsure what password is being referred to as there isn't one set. Also, I can't understand why my 'copy start run' command doesn't appear to working. I will mention that the Switch iOS XE Software Version is 16.12.05b and previously we were using 3850s that were Cisco IOS XE Software Version 16.06.05. Can anyone help me to understand why 'copy start run' is no longer working on our Catalyst 3850 switches. As a work around, we have to telnet in on Gi1/1/2 and do a reload or manually restore each interface. Reload is the easier of the two, for now.

Flavio Miranda · ‎08-15-2023

Hi @vondoom2

It can be related to TACACS keys. If you are using TACACS, take a look on this other thread

https://community.cisco.com/t5/switching/3850-fuji-16-9-code-tacacs-configuration/td-p/3831896

balaji.bandi · ‎08-15-2023

how does your AAA config looks like -

suggest to always read the release notes before upgrading any IOS code

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/16-12/release_notes/ol-16-12-3850.html

If you have access to device - remove the AAA config and re-apply to fix the issue.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

vondoom2 · ‎08-16-2023

The switch wasn't upgraded. This particular switch was given to us as is, pre-installed into the test enclosure, but the higher IOS version was something I noticed right away. I will check out your link and let you know how I make out. Thank you for the help.

vondoom2 · ‎08-16-2023

So I found in the configuration file after reviewing the switch's config log file that we generated that there is a command "vlan internal allocation policy ascending" that the switch was unhappy trying to execute from the configuration file we use and I removed it from the file. Also, I made an update to the configuration where I updated the password and set it to enable secret XXXX and that cleared up all the unhappy messages regarding Type 0 and type 7 encryption. My only problem now is that when I do a "copy start run" to restore the switch to default back to startup-config file saved to flash the command executes, but none of my config file settings restore.

balaji.bandi · ‎08-17-2023

after copy write the config, and compare startup vs running see any difference ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

vondoom2 · ‎08-17-2023

So in my config file we have where all the connected ethernet ports are 'no shut' and up because of the communication with the devices they're connected to. During our test each one of those ports are shut down, so that we can test each port individually, primarily to prove the correct cables are connected and routed correctly. And at the end of the test it's supposed to do a 'copy start run' to restore all those shut down interfaces back to the up state. However, that is not happening now. Now when I use 'copy start run' the command is taken and the bytes are shown at the bottom of the command line, but the interface states are not changing. I was reading that 'configure replace' or 'configure replace flash:XXXX' is what I should be using now. I tried it out and 'configure replace flash:XXXX' did work. I don't quite understand why this change in the Cisco 3850 switch, but when I use a Cisco Catalyst 9300 or a Cisco Nexus switch 'copy start run' still works. Can you perhaps explain why this change was made in the 3850 switch?