cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
2887
Views
4
Helpful
3
Replies
omerelrayehrisa
Beginner

default configuration for 2911

i purchased new Cisco router 2911 then i found some configuration in it 

my question: is this configuration made by Cisco company (is this default configuration ?)

yourname#sh running-config
Building configuration...

Current configuration : 5086 bytes
!
! Last configuration change at 12:35:22 UTC Tue May 9 2017 by cisco
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.128
default-router 10.10.10.1
lease 0 2
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-2970730216
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2970730216
revocation-check none
rsakeypair TP-self-signed-2970730216
!
!
crypto pki certificate chain TP-self-signed-2970730216
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32393730 37333032 3136301E 170D3136 30383035 30393430
32335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39373037
33303231 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810082DB ACEF30ED D8F2A9A7 B44A9DCC 61125A8F A4E53A34 F4C2776D 64DF2B2D
95146F1E 76A9E5DD FEA37224 B904FC32 BAEB91D0 2F72CC7B B1104BEA 35AFFCDE
4C56D014 60CF2DAB DC3C974C 4A98E00F C2E28B40 93729955 B7A94E5B 74449276
95BF79E0 96BEF251 684955FF 8846BA49 55E86123 F35F2FD7 DE82E300 50EEB0AA
634D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14D1C1B9 A4768C91 9FE6FDDD 429C745A 66706154 2C301D06
03551D0E 04160414 D1C1B9A4 768C919F E6FDDD42 9C745A66 7061542C 300D0609
2A864886 F70D0101 05050003 8181004D D57431A5 7837B7CC 7D75AF08 DB6134C3
20197592 67FB27EC 03DD8747 A1330C0B 27D833AC C08B5C5C 4F49649E 656944B5
45557203 B83666B7 490DF94D AFFAD990 64947624 47042776 5E28AB8C A312385B
927C25C9 9BD6B46C 2F02A403 96916C35 C482A6C7 C491B366 394D363D 4B8EFC1E
A77DCEF4 009B019E 6ED285F2 8B0AA1
quit
license udi pid CISCO2911/K9 sn FGL203211FJ
!
!
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 10.10.10.1 255.255.255.128
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
access-list 23 permit 10.10.10.0 0.0.0.127
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------

Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.

username <myuser> privilege 15 secret 0 <mypassword>

Replace <myuser> and <mypassword> with the username and password you want to
use.

-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.

YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS


Here are the Cisco IOS commands.


username <myuser> privilege 15 secret 0 <mypassword>
no username cisco


Replace <myuser> and <mypassword> with the username and password you want
to use.


IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.

For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end

3 REPLIES 3
Mark Malone
VIP Mentor

Hi

that's default config , its prepped for gui access basically in your config so you can http to it if you want with default ip they always give  , 800 series come like that too right up to 2900s , haven't seen the 38s or 39s set like that or higher models or newer ones actually but that's default alright , your ok , although one thing I never seen yourname as the name of the router but that ay be just ios related

make sure to set the username password when it prompts you as cisco/cisco only works once then it may lock you out then its a security feature on these routers

Is there any documentation in Cisco proving this  

there probably is somewhere if you search for it I don't have it handy I just know from years of installing these routers its only on the smaller enterprise routers , I always boot them then wipe them first and deploy our own configuration especially to remove there default security settings

its called Cisco Router and Security Device Manager (SDM) that's pre-loaded on your router with basic setup cfg files  , check your flash in the router package should be there already if your seeing that default config

run command  

#dir flash:/

should look something like below off one of my 800s that still  has it in flash

   1  -rw-    35914940   Mar 1 1984 00:01:00 +00:00  c880data-universalk9-mz.152-3.T.bin
    2  -rw-        3214  May 28 2012 19:54:14 +00:00  cpconfig-8xx.cfg
    3  -rw-     3000320  May 28 2012 19:54:34 +00:00  cpexpress.tar

from one doc

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_configuration_professional/guides/CiscoCPqsg.html

Copying the Default Configuration File to Router NVRAM

If you want to start with a factory default configuration that is designed to support Cisco CP, you can use the procedure in this section. The factory default configuration includes all the commands necessary to support Cisco CP and configures an Ethernet interface with the IP address 10.10.10.1.

To copy the default configuration file from router Flash memory to NVRAM, complete the following steps.:


Step 1 Log on to the router through the Console port or through an Ethernet port.

Step 2 If you use the Console port, and no running configuration is present in the router, the Setup command Facility starts automatically, and displays the following text:

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]:

Enter no so that you can enter Cisco IOS CLI commands directly.

If the Setup Command Facility does not start automatically, a running configuration is present, and you should go to the next step.

Step 3 When the router displays the user EXEC mode prompt, enter the enable command, and the enable password, if one is configured, as shown below:

Router> enable

password password

Router#