10-25-2010 12:48 AM - edited 03-06-2019 01:42 PM
Hi all,
I have a problem with a network device. A colleague configured the device without "aaa new model" but activated at the vty lines the command "transport input ssh". At this point I have no access to this device. Ma idea is to push the command transport input all at the vty lines, but I don't know how I could realize it. Could anybody give me any support?
Thanks and kind regards
Holger
Solved! Go to Solution.
10-25-2010 05:47 AM
Hi Holger,
HP OpenView is just mentioned as an example, you can use any standard SNMP tools to achieve the same result, eg. Net-SNMP under Windows, OSX or Linux. The only other requirement is a TFTP server that is IP reachable from the device you need to recover.
In this example
$ snmpset -v2c -c
ccCopyProtocol set to TFTP
$ snmpset -v2c -c
ccCopySourceFileType = 1 = networkfile
$ snmpset -v2c -c
ccCopyDestFileType = 4 = running-config
$ snmpset -v2c -c
Set TFTP server address
$ snmpset -v2c -c
Set filename
$ snmpset -v2c -c
Start copy
Once copy is complete, good idea to delete the copy job and verify it no longer exists
$ snmpset -v2c -c
$ snmpget -v2c -c
SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14.
The file is copied into running-config in the same way as 'copy tftp: run' so will not replace the existing config but merge the entries from your file.
Edit: Also, it'd be a good idea to test this first by reversing ccCopySourceFileType and ccCopyDestFileType to copy the current running to your TFTP server, then you can confirm the process works and see what needs editing in the config!
/Phil
10-25-2010 03:37 AM
Hey Holger,
If you still have access to an SNMP community with write access, the following document gives some steps for using CISCO-CONFIG-COPY-MIB to achieve that:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094aa6.shtml
Hope this helps,
/Phil
10-25-2010 05:09 AM
Thanks for the answer,
the problem is that the document explains the solution for the HP Openview software. I don't have this software. So is it possible to push the confoguration by an freeware or an tftp tool?
Regards
Holger
10-25-2010 05:47 AM
Hi Holger,
HP OpenView is just mentioned as an example, you can use any standard SNMP tools to achieve the same result, eg. Net-SNMP under Windows, OSX or Linux. The only other requirement is a TFTP server that is IP reachable from the device you need to recover.
In this example
$ snmpset -v2c -c
ccCopyProtocol set to TFTP
$ snmpset -v2c -c
ccCopySourceFileType = 1 = networkfile
$ snmpset -v2c -c
ccCopyDestFileType = 4 = running-config
$ snmpset -v2c -c
Set TFTP server address
$ snmpset -v2c -c
Set filename
$ snmpset -v2c -c
Start copy
Once copy is complete, good idea to delete the copy job and verify it no longer exists
$ snmpset -v2c -c
$ snmpget -v2c -c
SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14.
The file is copied into running-config in the same way as 'copy tftp: run' so will not replace the existing config but merge the entries from your file.
Edit: Also, it'd be a good idea to test this first by reversing ccCopySourceFileType and ccCopyDestFileType to copy the current running to your TFTP server, then you can confirm the process works and see what needs editing in the config!
/Phil
10-26-2010 12:33 AM
Hi Phil,
thank you very much for your support. It seems net-snmp is working, but I have a problem with the response time of the network device. snmpget give the failure of a Timeout: No Response from ge31ccm01.ipteurope.org. But with the snmp tool netcrunch I have response from the device without any problems. NetCrunch is possible to display all informations of this cisco router. I don't know anymore .
Kind regards
Holger
10-26-2010 07:48 AM
Hey Holger,
Glad to help! If you have the right SNMP version, community string, and SNMP access isn't restricted on the device by an ACL or view then Net-SNMP should work fine.
You can increase the timeout with the -t parameter, I think the default is just one second.
Do you get a response with 'snmpget -v2c -c
/Phil
07-05-2019 11:53 AM
Thanks Phiharri!
After following multiple incorrect guides I found your post which had a good working example.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide