Cisco Firewall :: 3640 - Recovering Deleted IOS
Jun 27, 2011i have a cisco 3640 router that i have deleted the image without saving and the router is in ROMM mode i wish to use tftp to download the image
View 2 Repliesi have a cisco 3640 router that i have deleted the image without saving and the router is in ROMM mode i wish to use tftp to download the image
View 2 RepliesWe have 6509 VSS with FWSM Module and we have created two context on it, one is INTERNALL CONTEXT othe is EXTERNALL Context? We have spanned various VLANS in switches and FWSM context level. All VLAN Gateways are configured in context level.
Activity description : We had planned migration of these devices into a new Datacenter, it was a planned activity. During migration of devices from one Dc to a new DC we broke the VSS and kept the primary running and removed the secondary switch and migrated this secondary to new DC and powered this device ON in the new DC and checked all the config was very much fine but this device was OFF network as secondary was brought to new DC just to limit the downtime during the primary switch movement.
During the activity ( Primary switch movement )We powered off the Primary switch and mean time before shifting into new Data center We had brought up secondary switch which was already existing in the DC was put live in the network and it was working fine without any issues.
Later we had moved Primary into new data center and tried to put into VSS with the secondary , during this period the secondary device into went into RECOVERY MODE and primary device was not responding and devices went off network and immediatly we removed the VSL link and brought up primary into production network without secondary online in the network ( Without VSS just stand alone switch ) network started working, but bringing up the primary we found that some of the VLANS in the FWSM was deleted and some VLAN had misconfiguration ( example : say original VLAN ip 10.200.112.1 has become 10.300.13.1 ) also some of the access list as well as SVI was deleted making configuration mismatch.
Wanted to know while syncronization b/n primary and secondary switch in VSS if we pull out VSL link would create this type of issues.
I cleared the flash (disk0) on my ASA and now I'm unable to restore it with an IOS.
When I attempt to load it with an IOS, it appears to load just fine. It even proceeds to restart, but when it boots back up it displays the error "No images in / Error 15: File not found. unable to boot an image" and goes to ROMMON.
My computer's IP is 10.0.0.1. I'm assigning the ASA 10.0.0.254. The image filename is asa724-k8.bin. Here's the output of the environmental variables and the attempted loading of the IOS:
Here iis a diagram of my current lab where I am using IP SLA to automatically switch from ISP 1 to ISP 2 should the connection go down (and vice versa)
My switches are C3550 Layer 3 switches. Both ISP's do work so connectivity is not the problem.
If I shutdown the fa0/19 port on SW1 the SLA kicks in and changes my defualt route out 10.0.1.0 without a problem. And when I do a no shut it comes back to tge 192.168.10.0 netowrk just as we would expect. No problem there.
When I disconnect the ISP 1 cell phone the SLA does switch the defualt route to the 10.0.1.0 netowrk. Okay, just fine so far. Here isthe problem, when i reconnect the cell phone the SLA does not come back to the 192.168.10.0 netowrk without first having to delete the SLA and then recresting it (both switches).
Recovering the password for a protected network.It can be difficult sometimes to recover a password for a home wireless network or a small to large business. There are several ways to recover such sensitive data and I would trust you to recover in all honesty for the sake and security of the business you work for or even your home network.So how do I recover the key if I don't know the gateway login to my router? the end user will likely default their router to recover the sensitive data but after defaulting they then realize that the SSID key has now been wiped out. The problem now is that all other trusted devices will be disconnected and the set up for the router; well that's just common sense, you would need to set up your static all over again (if applies) and your security as well. Use other devices in your house, trusted devices that have already been able to connect. Windows 7 is the protagonist in this role. Windows 7 enables the use of wireless profiles to be saved for faster connections to be made within the broadcasted range of the SSID. Btw SSID is the network name you see appear in your Wireless Manager. I.e.Bat_Cave; Starbucks; Barnes & Noble Wifi etc.
TIP #!
SSID - service set identification; two categories apply to SSID
SSID - basic service set identification
This applies to ad hoc wireless networks that do not have access points
SSID - extended service set identification
An infrastructure wireless network that has an access point; however this term can be used either SSID or eSSID. You will see eSSID with Point to Point; backhauls, switches, subscriber modules or comtrols; there are tons others but I won't stress other device types. Rarely will you connect to an AP, likely the type of service you receive depends on what you connect to, radio equipment like Canopy, Ubiquiti and Motorola are technologies you will see that are wireless based. What you are seeing is coming from a smaller device within your home or office network. If you use a Verizon air card, it's likely connecting to a nearby AP or a nearby radio which is pointing to an AP.Back to reality now, in order to locate profiles used in Windows 7 we head to the location by two categories of view in the control panel:
Small Icons Start > Control Panel > Network and Sharing > Manage Wireless Networks (This can be found in the left navigation within the vertical blue strip.)
Category Start > Control Panel > Network and Internet > Network and Sharing > Manage Wireless Networks (This can be found in the left navigation within the vertical blue strip.)
What you will see here may be a small list or a large list of every network you have connected to since you purchased the notebook. Now certificate trusted networks will appear here however they may not contain a key. The company I work for requires certificate of authentication and then the use of password linked to Active Directory as long as my computer is on the domain controller. Each wireless profile you see appear here has its own configuration and each configuration is bound to the SSID or network name. It's like the title of a book with its own story. You can have two (2) books with the same name but a different story. When I say different story, I am referring to a different encryption standard; cipher and wireless password. You can see below I have two (2) wireless networks with the same name but notice the different settings.
Bat_Cave
Standard: WPA2 Personal
Cipher: TKIP
Key: -pass51-
Bat_Cave
Standard: WPA Personal
Cipher: AES
Key: #Off5id35!
The reason I am showing you two (2) configurations is because when you are recovering a key for a network, you want to make sure the configuration is the same or else the door will always be locked until you correct your errors. The network name we have is Bat_Cave and we need to recover the key for the SSID that has a Cipher of TKIP.Right click the profile name and click properties. This will allow you to change SSID configuration on the notebook ONLY; in case changes have been made to the router or a buddy changed his encryption standard on his home network. Yeah it's easy enough just to remove the profile and reconnect; but that would be too easy, you wouldn't learn anything.Once you are in the properties of the wireless profile, click the [Security Tab] up top and you will see: encryption standard, cipher and the key; and as a plus, a check box to show you what the key is. Show the hidden contents and copy or write down the key.By using other trusted device on your network or business, you can utilize the resources that you have, to recover a password on your home or business network so long you have the permission from your superior and a good heart for positive intent.
I am trying to recover a corrupted ios, from rommon after configure all steps of IP_ADDRESS, TFTP_SERVER and so on, copy files correctly, but after it need router 5 minutes to erase flash, or something else....after it i can not boot from ios loaded as i show below:
!!!!!!!!!!!!!!!!!!!!!!
File reception completed.
Copying file /c2600-advsecurityk9-mz.123-11.YZ2.bin to flash.
Erasing flash at 0x61fc0000
program flash location 0x60ea0000
[code].....
I simply need to recover an embeded access point password.
I have the passwords to the 881-w router, but passwords to the embedded access point I don't have.
What is the recovery process for it, or the password reset process for the embedded access point.
it seems that i made a mistake when typing the BAUD rate of a 2960-Switch in rommon.I can't start the switch now, because there is no image on it (because I deleted it before) and the baud-rate has wrong settings. When connecting via console cable i can't see anything (except some strange hieroglyphics) when starting. I tried all the speeds in teraterm... without success.what can i do, to recover the switch back?
View 8 Replies View RelatedMy Cisco 2811 router starts to hang & give the following error. "Original nvconfig doesn't have a correct magic number recovering from backup."I need to fix it ASAP.I've already enter common & change confreg to 0x2142 & reset but same problem occur.
View 8 Replies View RelatedI'm trying to access the web setup page and I'm being asked for the user name and password. I have the password from the initial setup written down but apparently didn't also record the (changed) user name. It's not "admin" (tried that - and just leaving it blank - already).
Is there any way to recover the correct user name short of resetting the router and setting it up again from scratch?
I'm looking to upgrade the iOS on a Cisco 3640 to the last supported level, 12.4.25, and then see what I can make it do.
I'm understanding that the only way to acquire a legitimate copy of the appropriate iOS version is to pay for a service contract, even though I won't need any other service provided for it.
when dealing with NATing with port fowarding from a specific IP range on the outside to a inside IP address. Here is what I have now:Cisco 3640 WAN Router: [code]
which ofcouurse did not work and ASA did not respond to 443 on either Anyconnect or HTTPS. Nothing showing in"show ip nat translations" for the incoming traffic from “ip nat outside source static tcp 15.236.10.0 192.168.4.2” and “ip nat inside source static tcp 192.168.4.2 15.236.10.0”
We have a location that currently has one frame T1 and 4 point-to-point T1s. We are looking at adding a second frame T1 to be bonded with the first. Currently, we have an old 3640 router, so I am thinking this would be a good time for an upgrade. Cost is a concern, so I am hoping to buy something refurbished that is newer than what we have now but is not going to cost a ton as buying new would. My thought is either a 2821 or 2921 with 2 HWIC-4T1/E1. I am not familiar with this HWIC just wanting to make sure this a good solution for our situation.
View 8 Replies View RelatedI have two routers I am trying to connect via the WIC-2T port. I can ping from router to router, but not from my PC (192.168.2.122) to the 3745 (10.0.1.3)..
3640:
Current configuration : 1846 bytes
!
version 12.2
[Code].....
how many NM-32A or NM-16A module can be installed on 3745 and 3640 routers?
View 1 Replies View RelatedI'm using 3640 router running on c3640-js-mz.124-25d.bin IOS. I'm using NM-1A-OC3SML= (ATM OC3, long reach single mode) interface card. Now my pc is connected an fast ethernet interface of the router. Need to know the ATM configuration on this cisco 3640 router in order to achieve the ATM over ethernet traffic get success. As of now i've confugred as below but it's not working it seems.
interface ATM2/0
bandwidth 120000
ip address 10.2.2.1 255.255.255.0
no atm ilmi-keepalive
pvc 0/36
protocol ip 10.2.2.10 broadcast
cbr 70000
encapsulation aal5mux ip
let me know the correct encapsulation type for the connectivity.
I have a NM-4A/S serial network module which I suspect is having problem on a Cisco 3640 router. Is there a way which I can test the async ports out without connecting to any other devices? [code]
View 2 Replies View Relatedi have configured a cisco router with the following configuration to practice obtaining certificates from a microsoft 2008 server configured as a stand alone CA.this part works okay but what i am trying to do next is giving me a headachei am trying to delete the identity certificate but am having no luck whatsoever
interface FastEthernet0/0ip address 192.168.2.1 255.255.255.0ip nat outsideno shut
interface FastEthernet0/1ip address 192.168.1.1 255.255.255.0ip nat insideno shut
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255access-list 102 permit ip 192.168.1.0 0.0.0.255 any
[code].....
i entered the following commands on the router to delete the certificatebut as you can see its telling me the certificate dosn't exist(this method of deleting the cert has come from Richard Deals complete cisco vpn configuration guide) 3Purley(config)#crypto ca certificate chain PurleyPurley(config-cert-chain)#no certificate 61E0446A000000000002% Certificate not found.ps the router is a 3640 running c3640-jk9o3s-mz.124-7.bin
I have been confronted with an issue recently with two of my 3640 series router reloading endlessly.Initially i thought it could be a matter of MEM not well seated, but unfortunately it wasn't the problem.i have attached the gibberish produced when these routers are booted up.Be informed as well that these devices are loaded with max MEM.
View 1 Replies View Relatedi have 2 x T1 terminating on border router cisco 3640 route. (configured using multilink interface). Our IP block is routed on this bundled T1 circuits by At&T. I want more internet bandwidth.
1. Can i connect my DSL (on ethernet interface and using static DSL IP) on the same router and confgure two static routes to internet - one to multilink interface and other to ethernet interface (connected to DSL) ?
2. I have many servers using static NAT to external IPs which are routed on T1 circuits. Will it get into issues when communicating to outside? [for example my exchange server, websites etc?
I have a Cisco 3640 router with IOS v.12.3(16) It does not recognize the crypto commands.
#sh version Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4) Technical Support: [URL] Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Tue 23-Aug-05 20:03 by ssearch Image text-base: 0x60008B00, data-base: 0x60D36000
ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) ROM: 3600 Software (C3640-I-M), Version 12.3(16), RELEASE SOFTWARE (fc4)
router01 uptime is 3 hours, 43 minutes System returned to ROM by power-on System image file is "flash:c3640-i-mz.123-16.bin"
[code]....
The Cisco 3600 series (3640) is hanged during booting proccess, the IOS is decompressed, but after some text it hanges and I even cannot go to user exec. ROMmon and bypassing the config setting, but the result is still the same.
View 5 Replies View RelatedI got this 3640, trying to apply a service-policy (output and input), but seems like I do it something wrong...because he only apply the output policy... here the config, I already try to config the service police inside the fa0/0, but is not showed at all, he only show the output, its like I never apply that
View 1 Replies View RelatedI got some unexpected System crash, and this happens to 2 different routers on the same network.. (We suffer a Crash and change the router, happens the same to the new router after some time, maybe 40 minutes!!)
Here is the last console report for the new router....
%Software-forced reload
Preparing to dump core...
4w1d: %SYS-2-WATCHDOG: Process aborted on watchdog timeout, process = IP NAT Age
[Code]....
We have a Cisco 3640 router running c3640-is-mz.123-3g.bin Switching ports are devided into several VLans. Each VLan has its own IP subnet. We can't ping IP address X in subnet A from subnet B unless we log into the router and ping it from there first. (and then the IP address will show up in "show ip arp" command. Then we can ping X in subnet A from subnet B, and browse web on device X from subnet B, etc. )
View 6 Replies View RelatedSo apparently the 3600 series do not support the tftpdnld to upgrade your ISO when you upgrade your flash. You have to use the Xmodem transfer as described here: Xmodem Console Download Procedure Using ROMmon [URL]. everything is going great but it is going to take another 3 hours.
Now when i installed the new flash at bootup it said the "device does not contain a valid magic number" now that is just because the flash is not formatting correctly and downloading the new flash file automatically formats the flash setup?
i am running c3640-is-mz.124-21.bin on a cisco router 3640. i am trying to create a monitor session in the CLI and everytime i type the command Router(config)#monitor session 1 interface ethernet2/1 % Invalid input detected at '^' marker. Router(config)#monitor session 1 interface ethernet2/1 ^% Invalid input detected at '^' marker. i get the error invalid input ?
View 10 Replies View RelatedI have a 3640 router with 4 Fast Ethernet Network Modules (1fe-tx, 1fe2w & 2fe2w-v2) and a Catalyst 2912 switch. I can not acheive a link between the 2 devices. All four will not get a link light and the interface(s) show no errors. If I plug the Router nic into virtually any other switch or workstation it works flawlessly. I put a switch between the catalyst and the 3640 and it works without error.
Steps I have tried...
1. Configure interfaces on both Switch and Router to Auto Speed, Auto Duplex2. Configure interfaces on both Switch and Router to speed 100, Full Duplex3. Try Both Crossover and Straight-Through verified working cables.4. Tried a second 2912xl-en switch
Both 2912 switches are factory defaulted, other then the changes I made to the speed and duplex to try to get them connected.Both the router and switches have been doing other functions (seperatlly) within our network for years?So my question is...Why is the NICs in the router compatible with every other vendor other than CISCO?
So I have 2 routers (cisco 3640) that each go to their own ISP and then back to the same switch. I have setup ospf and glbp, and now have pretty good redundancy. If either internet connection or routers go down everything is still golden.
So I was thinking that if an interface went down then the router would not be load balanced with glbp which got me thinking whats the best way to get interface redundancy (and I was going to add a 2nd switch with the second interface).
1) Setup BVI on the 2 interfaces.
2) Setup a 2nd interfaces (on each router), I would have to split the subnet, for instance: [code]then the machines could be on the subnet 192.168.0. 0/23 and setup glbp for 1 ip across all 4 interfaces (I'm not even sure if you can do this but think it would work).
3) Is there a way to utilize etherchannel or anything like this
A negative to option 2 would be that if 1 of the interfaces went down, all the sudden 2/3 (or so) of your traffic would be going through 1 router.
How to configure my serial modules on my 2600 and 3640? Each router has the WIC-2T with two cables connecting them. I tried to ping one router from the other, but no luck. Serial IP address I just made up, this is my home lab, so if I messed those up some how,
Here is the running config for each rotuer:
2610:
Current configuration : 1071 bytes
!
version 12.3
[Code]...
WLC 4404 is configured as Anchor controller, the MAC violation are captured by Controller. the Violated MAC are deleted manually through GUI, but when tried deleting through CLI using command
>Config exclusionlist delete <mac address>
we get error message as error deleting user <mac address>
Can I retrieve emails that were deleted in error.
View 1 Replies View RelatedHow do I salvage a deleted file on a Novell 3.12 server (DOS file)
View 3 Replies View Related