It is currently Sun Feb 23, 2020 9:10 am


All times are UTC




Post new topic Reply to topic  [ 11 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: IOS issues or config issues?
PostPosted: Sun Sep 29, 2013 5:07 am 
Offline

Joined: Sun Sep 29, 2013 4:49 am
Posts: 7
I have been trying to use some different IOS but everytime I open the console to configure the routers, it starts with Privileged mode, I don't know why It does not open normally. This is what I see:
Quote:
Connected to Dynamips VM "R1" (ID 2, type c3600) - Console port
Press ENTER to get the prompt.

R1#



And this is what I should see (or similar):
Quote:
System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
Copyright (c) 2000 by cisco Systems, Inc.
cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory

Self decompressing the image :
########################################################################## [OK]
Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
Image text-base: 0x400A925C, data-base: 0x4372CE20

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
[email protected].
cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory
Processor board ID JAD05190MTZ (4292891495)
M860 processor: part number 0, mask 49
2 FastEthernet/IEEE 802.3 interface(s)
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: n

Press RETURN to get started!

Router>





what should I do? Some screenshots of the configuration are attached.

I have 0.8.5 GNS3 version




Attachments:
config dynamips.jpg
config dynamips.jpg [ 93.05 KiB | Viewed 7027 times ]
config general.jpg
config general.jpg [ 107.53 KiB | Viewed 7027 times ]
Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Sun Sep 29, 2013 10:37 am 
Offline

Joined: Sun Sep 16, 2012 9:55 pm
Posts: 541
Location: England
GNS3 applies a baseconfig (baseconfig.txt), part of this baseconfig specifies the following
Code:
line con 0
exec-timeout 0 0
logging synchronous
privilege level 15
no login
line aux 0
exec-timeout 0 0
logging synchronous
privilege level 15
no login

In particular the line "privilege level 15", this mean the router starts in privileged exec mode. To disable this on a specific router type the following in to the router console:
Code:
R1#config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#no privilege level 15
R1(config-line)#exit
R1(config)#line aux 0
R1(config-line)#no privilege level 15
R1(config-line)#end
R1#logout

Then when you'll be given the standard prompt.
Code:
R1>

To make this change apply to all FUTURE routers, you will need to edit the baseconfig.txt file, which is normally found in (HOME DIRECTORY)/GNS3/Images

_________________
Daniel
Forum Moderator & Debian Package Maintainer for GNS3, Dynamips & VPCS.
Standalone DEB Packages are available from http://gns3.serverb.co.uk - To be updated!


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Mon Sep 30, 2013 9:51 pm 
Offline

Joined: Sun Sep 29, 2013 4:49 am
Posts: 7
I don't get it, It is suppossed that as I have a brand new IOS, it should start normally.

You tell me it is related to the privilege line, but according to the literature, Privileges are the restriction level given to a certain user or users, being level 0 the most restricted and level 15 the less restricted, if I deny privilege 15 in the baseconfig.txt then I wouln'd have total control of the device... but by default!


Source:
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
http://www.techrepublic.com/article/understand-the-levels-of-privilege-in-the-cisco-ios/


In fact, I already don't have total control of the device because it starts in privilege mode (I mean about Base commands modes), another thing that happens is that when I try to check flash with: Show flash, there should appear the information about the IOS, and it seems like there is no IOS at all, like the entire flash is available because it's empty.

So, there is something wrong and I really don't think it is related to the IOS, because I have tried with several and still the same problem. Should it be something about GNS3 configuration then?


Source:
Code:
http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf019.html#wp1000889




I hope my English is good so that you understand what I mean.


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Mon Sep 30, 2013 10:49 pm 
Offline

Joined: Sun Sep 29, 2013 4:49 am
Posts: 7
claydon_dan wrote:
In particular the line "privilege level 15", this mean the router starts in privileged exec mode. To disable this on a specific router type the following in to the router console:



Still doesn't work


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 7:50 am 
Offline

Joined: Sat Aug 17, 2013 7:59 pm
Posts: 123
Location: Upper Silesia, Poland
So try to create an EMPTY file (with size=0 bytes), name that file, for example, "empty.txt" and:
1. from "IOS Images and hypervisors" select image you want to use (just click it)
2. below the image list you have default settings - in "Base config" select freshly created "empty.txt" file as base config

After that, ad new router to your topology and start it - newly started youter should have no configuration at all.

abcdgb wrote:
another thing that happens is that when I try to check flash with: Show flash, there should appear the information about the IOS, and it seems like there is no IOS at all, like the entire flash is available because it's empty.

It is not bug - it is a feature. Feature caused by virtualisation. You can do nothing about it.
If you want to test things like uploading image(s) via tftp, playing with rommon, selecting image from flash to start (from list of images uploaded to flash) or doing password recovery, you should have a real router - you can't do it with gns3 (as far as I know, but maybe I'm wrong).

_________________
If you can see any inaccuracies or other language-related mistakes in my post(s), please forgive me - English is not my native language


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 9:59 am 
Offline

Joined: Sun Sep 16, 2012 9:55 pm
Posts: 541
Location: England
abcdgb wrote:
I don't get it, It is suppossed that as I have a brand new IOS, it should start normally.

GNS3 applies a base configuration, to avoid the user having to enter the enable command every time.

abcdgb wrote:
You tell me it is related to the privilege line, but according to the literature, Privileges are the restriction level given to a certain user or users, being level 0 the most restricted and level 15 the less restricted, if I deny privilege 15 in the baseconfig.txt then I wouln'd have total control of the device... but by default!

Source:
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html
http://www.techrepublic.com/article/understand-the-levels-of-privilege-in-the-cisco-ios/

The privilege level in this case isn't related to a user. When it is configured for a particular line, it sets the default privilege mode for that line
http://www.cisco.com/en/US/docs/ios/12_2/security/command/reference/srfpass.html#wp1017782
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfpass.html#wp1001061

abcdgb wrote:
In fact, I already don't have total control of the device because it starts in privilege mode (I mean about Base commands modes), another thing that happens is that when I try to check flash with: Show flash, there should appear the information about the IOS, and it seems like there is no IOS at all, like the entire flash is available because it's empty.

So, there is something wrong and I really don't think it is related to the IOS, because I have tried with several and still the same problem. Should it be something about GNS3 configuration then?


Source:
Code:
http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf019.html#wp1000889


As abort stated this is not a bug at all, you will not see the IOS file on the router.

_________________
Daniel
Forum Moderator & Debian Package Maintainer for GNS3, Dynamips & VPCS.
Standalone DEB Packages are available from http://gns3.serverb.co.uk - To be updated!


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 2:34 pm 
Offline

Joined: Sun Sep 29, 2013 4:49 am
Posts: 7
claydon_dan wrote:
As abort stated this is not a bug at all, you will not see the IOS file on the router.


What do you mean? I did what you said and still doesn't work, I guess is not related to the problem. Is any solution?


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 7:38 pm 
Offline

Joined: Sun Sep 16, 2012 9:55 pm
Posts: 541
Location: England
abcdgb wrote:
claydon_dan wrote:
As abort stated this is not a bug at all, you will not see the IOS file on the router.

What do you mean?

GNS3 (or more specifically Dynamips) does not place the IOS .bin file within the routers flash. This is one of the limitations of using an emulation. But this does not stop you from configuring the router to do it's job. You just can't load/remove an IOS Image via TFTP etc.

abcdgb wrote:
I did what you said and still doesn't work, I guess is not related to the problem. Is any solution?

I've double-checked my instructions above on GNS3 and can confirm they do indeed work. Try copying the ouput of show running-config here, after you've followed the instructions above.

_________________
Daniel
Forum Moderator & Debian Package Maintainer for GNS3, Dynamips & VPCS.
Standalone DEB Packages are available from http://gns3.serverb.co.uk - To be updated!


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 9:27 pm 
Offline

Joined: Sun Sep 29, 2013 4:49 am
Posts: 7
claydon_dan wrote:
I've double-checked my instructions above on GNS3 and can confirm they do indeed work. Try copying the ouput of show running-config here, after you've followed the instructions above.


I noticed it works when I write the "no" on the console as you said, but even if I change the baseconfig archive it does no make any change, I even reloaded my computer but this is what I see when the console starts:

Code:
Connected to Dynamips VM "R1" (ID 0, type c2691) - Console port
Press ENTER to get the prompt.

Smart Init is disabled. IOMEM set to: 5

                                         Using iomem percentage: 5

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

Cisco IOS Software, 2600 Software (C2691-ADVIPSERVICESK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Fri 22-Jan-10 01:26 by prod_rel_team
Image text-base: 0x600088E8, data-base: 0x63386000


BIST FAILED...
Unknown file system detected.
Use format command to format the card as DOS File System.
Or use erase command to format the card as Low End File System.

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
[email protected]

Cisco 2691 (R7000) processor (revision 0.1) with 124928K/6144K bytes of memory.
Processor board ID XXXXXXXXXXX
R7000 CPU at 160MHz, Implementation 39, Rev 2.1, 256KB L2, 512KB L3 Cache
2 FastEthernet interfaces
DRAM configuration is 64 bits wide with parity enabled.
55K bytes of NVRAM.
16384K bytes of ATA System CompactFlash (Read/Write)

SETUP: new interface FastEthernet0/0 placed in "shutdown" state
SETUP: new interface FastEthernet0/1 placed in "shutdown" state


Press RETURN to get started!


*Mar  1 00:00:05.075: %LINEPROTO-5-UPDOWN: Line protocol on Interface VoIP-Null0, changed state to up
*Mar  1 00:00:05.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface IPv6-mpls, changed state to up
*Mar  1 00:00:05.279: %SYS-5-CONFIG_I: Configured from memory by console
*Mar  1 00:00:05.747: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Mar  1 00:00:05.747: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Mar  1 00:00:05.983: %SYS-5-RESTART: System restarted --
Cisco IOS Software, 2600 Software (C2691-ADVIPSERVICESK9-M), Version 12.4(15)T12, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Fri 22-Jan-10 01:26 by prod_rel_team
*Mar  1 00:00:05.995: %SNMP-5-COLDSTART: SNMP agent on host R1 is undergoing a cold start
*Mar  1 00:00:06.051: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is OFF
*Mar  1 00:00:06.055: %CRYPTO-6-GDOI_ON_OFF: GDOI is OFF
*Mar  1 00:00:06.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
*Mar  1 00:00:06.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
R1#
R1#
R1#



See the running config:
Code:
R1#show run
Building configuration...

Current configuration : 873 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
no ip domain lookup
!
multilink bundle-name authenticated
!
archive
log config
  hidekeys
!
ip tcp synwait-time 5
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end



And this is the baseconfig archive:
Code:
!
hostname %h
!
no ip domain lookup
no ip icmp rate-limit unreachable
ip tcp synwait 5
!
line con 0
exec-timeout 0 0
logging synchronous
no privilege level 15
no login
line aux 0
exec-timeout 0 0
logging synchronous
no privilege level 15
no login
!
!
end


Top
 Profile  
 
 Post subject: Re: IOS issues or config issues?
PostPosted: Tue Oct 01, 2013 9:37 pm 
Offline

Joined: Sun Sep 16, 2012 9:55 pm
Posts: 541
Location: England
The baseconfig.txt will only apply to new routers.

To save the change on an existing router, you need to issue the following:
Code:
R1#copy running-config startup-config

and then save the the project, which will save the configuration for the routers on the workspace



_________________
Daniel
Forum Moderator & Debian Package Maintainer for GNS3, Dynamips & VPCS.
Standalone DEB Packages are available from http://gns3.serverb.co.uk - To be updated!


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ]  Go to page 1, 2  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO