Cisco 1921 no username password commad

Similar Messages

• Cisco Jabber Invalid Username/Password

  Hello All,
  I am currently deploying CUCM 8.6 with CUP 8.6. The end users of CUP are synced to CUCM, which in turn synced to an OpenLDAP server. The synchronization is working properly i.e. users in CUCM also exist in CUP. However, when I tried to login into Jabber, it keeps giving me "Invalid Username/Password" error. I tried logging into Cisco Unified CM User Options (<ip address>/ccmuser) using the same credentials and succeeded. However, I failed to login to Cisco Unified Presence User Options (<ip address>/cupuser).
  Any help?
  Thank you

  I had this exact same issue. Mine was due to a failover. Users were all moved to one server so about half were not working. In CUPS go to System -> Cluster Topology and expand the cluster. Look for Red Xs indicating an issue. Click one where it gives the number of assigned users. Do any say "Failed Over" and have that check box? The ones that do not likely are getting this message of invalid UN/PW. You can test this by pointing the jabber client directly at the working server (the server their name is not under in Cluster Topology). If this is your scenario look for errors and then try clicking the cluster to get "Subcluster Detail" page and click the "Failover" button on the server that has that option. The red X should disappear and the users should be on their subsequent server again and thus should be able to log in.

• Cisco 3560-G Username/password recovery

  Evening all,
  whilst configuring a 3560-G i was interupted whilst setting a username and password, unfortantly when i turned back around I was kicked out. it is now asking for a username even though i havent set one fully. i was vty into the device and am unable console in at the moment is there anything I can do to get past this except get physical access and reboot the device. I havent saved the config at any point so if I reset i assume the username/password mistake wouldnt exist any more.  Any help is greatly appriecated.
  Cheers
  Neil,

  I havent saved the config at any point so if I reset i assume the username/password mistake wouldnt exist any more.
  Reboot the switch is one option.   You can have physical access to the appliance or you can use SNMP to remotely reboot the appliance.  For this method to work, the command "snmp-server system-shutdown" needs to be enabled.
  Another option is to pull down or upload the config using SNMP.  This method is dependent on SNMP RW community string is disabled or not.  

• Cisco 1921 Router default password invalid

  Hi All,
  I am facing a weird issue where after resetting the Cisco router 1921, i am trying to login using default username "cisco" and password "cisco"
  and i am getting password invalid error.
  I have hard resetted the router using the the key in the back.
  Can someone help me in resolving this error. Its frustrating when you cant even login to a new router
  Thanks!!

  Some devices are configured with onetime password. If you log on with these credentials and save the configuration, the default password is erased. If you don't have set a new password, you'll end up with an inaccessible box. This avoids production devices with the default manufacture password and being exposed.
  You need to do a password recovery procedure.
  1) connect via console to the device
  2)power on the device
  3)hit ctrl+break until you are in rommon mode
  Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.
  This step bypasses the startup configuration where the passwords are stored.
  Type reset at the rommon 2> prompt.
  The router reboots, but ignores the saved configuration.
  Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.
  Type enable at the Router> prompt.
  You are in enable mode and should see the Router# prompt.
  As it's a new router without previous configuration it's not really required to restore the previous saved configuration. But if you would do: copy start run
  Warning: Do not enter copy running-config startup-config or write. These commands erase your startup configuration.
  Type configure terminal.
  The hostname(config)# prompt appears.
  Type enable secret in order to change the enable secret password. For example:
  hostname(config)#enable secret YourPassword
  Restore the previous conf-reg value:
  hostname(config)#config-register 0x2102
  If you did a copy start run, you must also configure a new user:
  Username youruser secret yourpassword
  And of course: save your configuration
  Don't forget to rate useful posts ;)
  Sent from Cisco Technical Support iPad App

• Cisco 1921 CCP discovery error username/password

  Hi,
  I have some servers here that needed a more stable router than my WNDR3700 with dd-wrt could offer. I have never used the Cisco IOS before and am a gui lover by nature. After reading about the new CCP and its flexability I made the plunge. I have done the initial configuration via a serial connection. I gave the router its basic information and figured out how to turn on HTTP/HTTPS via the IOS. CCP pro is unable to discover the router due to a bad username or password. I entered in 3 different passwords during setup but never a username and password. I thought all I needed to do was to create a new level 15 username and password.
  I found this command
  Router(config)# username name privilege 15 secret 0 password
  I tried to use the new user but I still couldnt discover the router when I use "show users all" I do not see the created user.
  I have been at it for several hours now. I had hoped that with these new ISR gen2 routers I wouldnt need to learn to much of the IOS at once. Is this not the case?

  Hi Dave,
       Cisco 1900 Router should be shipped with a default configuration for you to able to discover the router with the IP address 10.10.10.1. However, if you have already changed the default config, the command you are using to configure a username is correct.
  Router(config)# username name privilege 15 secret 0 password
  You could be seeing an incorrect username password error on Cisco CP if you are missing the below command:
  Router(config)# ip http authentication local
  I have just mentioned the mandatory configuration on the router to be able to discover the router on CCP:
  Router(config)# username name privilege 15 secret  password
  Router(config)# ip http server
  Router(config)# ip http authentication local
  Router(config)# ip http secure-server               <-- for secure connection
  Router(config)# line vty 0 4
  Router(config-line)# login local
  Router(config-line)# transport input telnet ssh
  Router(config-line)# line vty 5 15
  Router(config-line)# login local
  Router(config-line)# transport input all
  Thanks
  Chaitra

• What's the username & password when i connect device from cisco network assistant

  what's the username & password when i connect device from cisco network assistant?
  http://i200.photobucket.com/albums/aa273/wallfire02/Capture_zpsa8f5fd2b.jpg

  Although that may be true...
  If I click the "Connect As..." button it asks for a username and password.
  I've experienced connecting to other user's computers on a network.  To gain access to their computer, I just use their username and password.  I've done this before to transfer files without using a flash drive or burned disk. 
  I'm trying to find out what I'm supposed to log on as to gain access to this device...
       My point is that yes, I'm connected to it by wifi.  Otherwise it wouldn't show up; ha-ha! 
  Is my point really that hard to grasp?

• Cisco aironet access-point keep asking username/password

  Hi all,
  Some of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there. Any idea why that happens?
  Thanks in advance!
  Gaurav

  Some of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there.You sure it's LWAP?  The reason why I'm asking because you would NOT be able to access an LWAP over HTML because it's LWAP.

• New Cisco 1921 doesn't display running configuration

  Hi All,
  I've recently received this new Cisco 1921 routers with Cisco CP loaded, so it comes up with the annoying change username and password at first access. I've removed all of those files from the flash memory, and rebooted it, and it came up with the proper initial configuration dialog, which is what I wanted.
  But, whenever I configure the router with a set of basic configuration, like interface, routing, and snmp loggings, and hit wr mem, it doesn't display at all when I do "sh run". It's weird cause when I do sh run | sec rip  or any other stuff that I have configured, it shows up , but not in sh run at all.
  What's the deal with the new routers??? Even sh version doesn't show the config-register or memory allocation details. Which is weird!
  xxxxx#sh ver
  Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2012 by Cisco Systems, Inc.
  Compiled Tue 20-Mar-12 17:58 by prod_rel_team
  ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
  xxxxxx uptime is 6 minutes
  System returned to ROM by reload at 06:39:25 UTC Mon Apr 29 2013
  System restarted at 06:40:59 UTC Mon Apr 29 2013
  System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
  Last reload type: Normal Reload
  Last reload reason: Reload Command
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  ==================================================================
  xxxxx#sh run
  Building configuration...
  Current configuration : 1930 bytes
  ! Last configuration change at 06:42:46 UTC Mon Apr 29 2013
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname xxxxxx
  boot-start-marker
  boot-end-marker
  logging userinfo
  logging buffered 4096
  no aaa new-model
  no ipv6 cef
  ip source-route
  ip cef
  xxxxxxx #sh run | sec rip
  router rip
  version 2
  network 172.17.0.0
  network 192.168.10.0
  network 192.168.13.0
  no auto-summary
  xxxxxxx#sh license feature
  Feature name             Enforcement  Evaluation  Subscription   Enabled  RightToUse
  ipbasek9                 no           no          no             yes      no
  securityk9               yes          yes         no             no       yes
  datak9                   yes          yes         no             no       yes
  SSL_VPN                  yes          yes         no             no       yes
  ios-ips-update           yes          yes         yes            no       yes
  WAAS_Express             yes          yes         no             no       yes

  Same stuff, but I do have another router that's working fine when I do a sh run.
  Problematic router:
  xxxxxx#sh hardware
  Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2012 by Cisco Systems, Inc.
  Compiled Tue 20-Mar-12 17:58 by prod_rel_team
  ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
  xxxxx uptime is 1 hour, 35 minutes
  System returned to ROM by reload at 06:39:25 UTC Mon Apr 29 2013
  System restarted at 06:40:59 UTC Mon Apr 29 2013
  System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
  Last reload type: Normal Reload
  Last reload reason: Reload Command
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  Working router:
  yyyyyyy#sh ver
  Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2012 by Cisco Systems, Inc.
  Compiled Tue 20-Mar-12 17:58 by prod_rel_team
  ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
  yyyyyyy uptime is 1 week, 3 days, 10 hours, 19 minutes
  System returned to ROM by power-on
  System restarted at 06:19:19 est Fri Apr 19 2013
  System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
  Last reload type: Normal Reload
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
  Processor board ID FGLxxxxxx
  2 Gigabit Ethernet interfaces
  1 terminal line
  DRAM configuration is 64 bits wide with parity disabled.
  255K bytes of non-volatile configuration memory.
  249840K bytes of USB Flash usbflash0 (Read/Write)
  License Info:
  License UDI:
  Device#   PID                   SN
  *0        CISCO1921/K9          FGLxxxxxx    
  Technology Package License Information for Module:'c1900'
  Technology    Technology-package           Technology-package
                Current       Type           Next reboot 
  ipbase        ipbasek9      Permanent      ipbasek9
  security      None          None           None
  data          None          None           None
  Configuration register is 0x2102

• Cisco 1921 Dual ADSL Load Balancing/Failover?

  Hello,
  We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
  I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
  I had a look at ppp multilink but I am unsure our ISP (BT) support this?
  This is my current config which I think only one ADSL line is being used. Some input would be appreciated
  Robbie
  ! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
  version 15.0
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname xxxxxx
  boot-start-marker
  boot-end-marker
  no logging buffered
  enable secret 5 xxxxx
  enable password xxxx
  no aaa new-model
  no ipv6 cef
  ip source-route
  ip cef
  ip name-server 194.74.65.68
  ip name-server 194.72.0.114
  multilink bundle-name authenticated
  crypto pki trustpoint TP-self-signed-xxxxxx
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
  revocation-check none
  rsakeypair TP-self-signed-xxxxx!
  crypto pki certificate chain TP-self-signed-xxxxxx
  certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
  license udi pid CISCO1921/K9 xxxxx
  username admin privilege 15 secret 5 xxxxxxxxxx/
  interface GigabitEthernet0/0
  description lan$ETH-LAN$
  ip address 10.0.8.1 255.255.248.0
  ip nat inside
  ip virtual-reassembly
  duplex auto
  speed auto
  interface GigabitEthernet0/1
  no ip address
  shutdown
  duplex auto
  speed auto
  interface ATM0/0/0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  no atm ilmi-keepalive
  dsl operating-mode adsl2
  interface ATM0/0/0.1 point-to-point
  description $ES_WAN$$FW_OUTSIDE$
  ip flow ingress
  pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface ATM0/1/0
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  no atm ilmi-keepalive
  dsl operating-mode adsl2
  interface ATM0/1/0.1 point-to-point
  description $ES_WAN$$FW_OUTSIDE$
  ip flow ingress
  pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface Dialer0
  mtu 1483
  ip address negotiated
  ip access-group spalding in
  ip access-group spalding out
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap callin
  ppp chap hostname xxxxx
  ppp chap password 0 xxxxx
  ppp multilink
  ppp multilink links minimum 2
  ppp multilink fragment disable
  ppp timeout multilink link add 2
  no cdp enable
  interface Dialer1
  mtu 1483
  ip address negotiated
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  dialer-group 1
  ppp authentication chap callin
  ppp chap hostname xxxxx
  ppp chap password 0 xxxxx
  ppp link reorders
  ppp multilink
  ppp multilink links minimum 2
  ppp multilink fragment disable
  ppp timeout multilink link add 2
  no cdp enable
  ip forward-protocol nd
  no ip http server
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip nat inside source list 1 interface Dialer0 overload
  ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
  ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
  ip route 0.0.0.0 0.0.0.0 Dialer0
  access-list 1 remark INSIDE_IF=GigabitEthernet0/0
  access-list 1 permit 10.0.0.0 0.254.255.255
  dialer-list 1 protocol ip permit
  control-plane
  line con 0
  line aux 0
  line vty 0 4
  privilege level 15
  login local
  transport input telnet ssh
  line vty 5 15
  privilege level 15
  login local
  transport input telnet ssh
  scheduler allocate 20000 1000
  end

  Hi,
  Can anyone help me with this config?  not very reliable.
  Building configuration...
  Current configuration : 17349 bytes
  ! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
  version 15.4
  no service pad
  service tcp-keepalives-in
  service tcp-keepalives-out
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  service sequence-numbers
  hostname Router
  boot-start-marker
  boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
  boot-end-marker
  security authentication failure rate 3 log
  security passwords min-length 6
  logging buffered 51200
  logging console critical
  enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
  aaa new-model
  aaa authentication login local_authen local
  aaa authorization exec local_author local
  aaa session-id common
  no ip source-route
  ip port-map user-protocol--8 port udp 3392
  ip port-map user-protocol--9 port tcp 3397
  ip port-map user-protocol--2 port udp 3391
  ip port-map user-protocol--3 port tcp 14000
  ip port-map user-protocol--1 port tcp 3391
  ip port-map user-protocol--6 port udp 3394
  ip port-map user-protocol--7 port tcp 3392
  ip port-map user-protocol--4 port udp 14100
  ip port-map user-protocol--5 port tcp 3394
  ip port-map user-protocol--10 port udp 3397
  ip dhcp excluded-address 192.168.1.1 192.168.1.49
  ip dhcp excluded-address 192.168.10.1 192.168.10.49
  ip dhcp pool DHCP_POOL1
   import all
   network 192.168.1.0 255.255.255.0
   dns-server 139.130.4.4 203.50.2.71
   default-router 192.168.1.1
   lease infinite
  ip dhcp pool ccp-pool1
   import all
   network 192.168.10.0 255.255.255.0
   dns-server 139.130.4.4 203.50.2.71
   default-router 192.168.10.1
   lease infinite
  no ip bootp server
  ip host SHAWN-PC 192.168.1.10
  ip host DIAG 192.168.1.5
  ip host MSERV 192.168.1.13
  ip name-server 139.130.4.4
  ip name-server 203.50.2.71
  ip cef
  ip cef load-sharing algorithm include-ports source destination
  no ipv6 cef
  multilink bundle-name authenticated
  cts logging verbose
  crypto pki trustpoint TP-self-signed-1982477479
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-1982477479
   revocation-check none
   rsakeypair TP-self-signed-1982477479
  license udi pid 
  license boot module c2900 technology-package securityk9
  license boot module c2900 technology-package datak9
  redundancy
  controller VDSL 0/0/0
   operating mode adsl2+
  controller VDSL 0/1/0
   operating mode adsl2+
  no cdp run
  track timer interface 5
  track 1 interface Dialer0 ip routing
   delay down 15 up 10
  track 2 interface Dialer1 ip routing
   delay down 15 up 10
  ip tcp synwait-time 10
  ip ssh time-out 60
  ip ssh authentication-retries 2
  class-map type inspect match-all sdm-nat-user-protocol--7-1
   match access-group 104
   match protocol user-protocol--7
   match access-group 102
  class-map type inspect match-all sdm-nat-user-protocol--4-2
   match access-group 101
   match protocol user-protocol--4
  class-map type inspect match-all sdm-nat-user-protocol--6-1
   match access-group 103
   match protocol user-protocol--6
  class-map type inspect match-all sdm-nat-user-protocol--5-1
   match access-group 103
   match protocol user-protocol--5
  class-map type inspect match-all sdm-nat-user-protocol--4-1
   match access-group 102
   match protocol user-protocol--4
  class-map type inspect match-all sdm-nat-user-protocol--7-2
   match access-group 101
   match protocol user-protocol--7
  class-map type inspect match-all sdm-nat-user-protocol--3-1
   match access-group 102
   match protocol user-protocol--3
  class-map type inspect match-all sdm-nat-user-protocol--2-1
   match access-group 101
   match protocol user-protocol--2
  class-map type inspect match-all sdm-nat-user-protocol--1-2
   match access-group 102
   match protocol user-protocol--1
  class-map type inspect match-all sdm-nat-user-protocol--1-1
   match access-group 101
   match protocol user-protocol--1
  class-map type inspect match-all sdm-nat-user-protocol--2-2
   match access-group 102
   match protocol user-protocol--2
  class-map type inspect match-all sdm-nat-user-protocol--3-2
   match access-group 101
   match protocol user-protocol--3
  class-map type inspect match-all sdm-nat-user-protocol--8-2
   match access-group 101
   match protocol user-protocol--8
  class-map type inspect match-all sdm-nat-user-protocol--9-2
   match access-group 104
   match protocol user-protocol--9
  class-map type inspect match-any ccp-skinny-inspect
   match protocol skinny
  class-map type inspect match-all sdm-nat-user-protocol--9-1
   match access-group 101
   match protocol user-protocol--9
   match access-group 104
  class-map type inspect match-all sdm-nat-user-protocol--8-1
   match access-group 104
   match protocol user-protocol--8
   match access-group 102
  class-map type inspect match-any ccp-h323nxg-inspect
   match protocol h323-nxg
  class-map type inspect match-any ccp-cls-icmp-access
   match protocol icmp
   match protocol tcp
   match protocol udp
  class-map type inspect match-all sdm-nat-user-protocol--10-2
   match access-group 104
   match protocol user-protocol--10
  class-map type inspect match-all sdm-nat-user-protocol--10-1
   match access-group 101
   match protocol user-protocol--10
   match access-group 104
  class-map type inspect match-any ccp-h225ras-inspect
   match protocol h225ras
  class-map type inspect match-any ccp-h323annexe-inspect
   match protocol h323-annexe
  class-map type inspect match-any ccp-cls-insp-traffic
   match protocol pptp
   match protocol dns
   match protocol ftp
   match protocol https
   match protocol icmp
   match protocol imap
   match protocol pop3
   match protocol netshow
   match protocol shell
   match protocol realmedia
   match protocol rtsp
   match protocol smtp
   match protocol sql-net
   match protocol streamworks
   match protocol tftp
   match protocol vdolive
   match protocol tcp
   match protocol udp
  class-map type inspect match-all SDM_GRE
   match access-group name SDM_GRE
  class-map type inspect match-any ccp-h323-inspect
   match protocol h323
  class-map type inspect match-all ccp-invalid-src
   match access-group 100
  class-map type inspect match-any ccp-sip-inspect
   match protocol sip
  class-map type inspect match-all ccp-protocol-http
   match protocol http
  class-map type inspect match-any CCP_PPTP
   match class-map SDM_GRE
  class-map type inspect match-all ccp-insp-traffic
   match class-map ccp-cls-insp-traffic
  class-map type inspect match-all ccp-icmp-access
   match class-map ccp-cls-icmp-access
  policy-map type inspect ccp-inspect
   class type inspect ccp-invalid-src
    drop log
   class type inspect ccp-protocol-http
    inspect
   class type inspect ccp-insp-traffic
    inspect
   class type inspect ccp-sip-inspect
    inspect
   class type inspect ccp-h323-inspect
    inspect
   class type inspect ccp-h323annexe-inspect
    inspect
   class type inspect ccp-h225ras-inspect
    inspect
   class type inspect ccp-h323nxg-inspect
    inspect
   class type inspect ccp-skinny-inspect
    inspect
   class class-default
    drop
  policy-map type inspect sdm-pol-NATOutsideToInside-1
   class type inspect sdm-nat-user-protocol--1-1
    inspect
   class type inspect sdm-nat-user-protocol--2-1
    inspect
   class type inspect sdm-nat-user-protocol--3-1
    inspect
   class type inspect sdm-nat-user-protocol--4-1
    inspect
   class type inspect sdm-nat-user-protocol--5-1
    inspect
   class type inspect sdm-nat-user-protocol--6-1
    inspect
   class type inspect sdm-nat-user-protocol--7-1
    inspect
   class type inspect sdm-nat-user-protocol--8-1
    inspect
   class type inspect sdm-nat-user-protocol--9-1
    inspect
   class type inspect sdm-nat-user-protocol--10-1
    inspect
   class type inspect CCP_PPTP
    pass
   class type inspect sdm-nat-user-protocol--7-2
    inspect
   class type inspect sdm-nat-user-protocol--8-2
    inspect
   class type inspect sdm-nat-user-protocol--1-2
    inspect
   class type inspect sdm-nat-user-protocol--2-2
    inspect
   class type inspect sdm-nat-user-protocol--9-2
    inspect
   class type inspect sdm-nat-user-protocol--10-2
    inspect
   class type inspect sdm-nat-user-protocol--3-2
    inspect
   class type inspect sdm-nat-user-protocol--4-2
    inspect
   class class-default
    drop log
  policy-map type inspect ccp-permit
   class class-default
    drop
  policy-map type inspect ccp-permit-icmpreply
   class type inspect ccp-icmp-access
    inspect
   class class-default
    pass
  zone security in-zone
  zone security out-zone
  zone-pair security ccp-zp-self-out source self destination out-zone
   service-policy type inspect ccp-permit-icmpreply
  zone-pair security ccp-zp-in-out source in-zone destination out-zone
   service-policy type inspect ccp-inspect
  zone-pair security ccp-zp-out-self source out-zone destination self
   service-policy type inspect ccp-permit
  zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
   service-policy type inspect sdm-pol-NATOutsideToInside-1
  interface Null0
   no ip unreachables
  interface Embedded-Service-Engine0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
  interface GigabitEthernet0/0
   description $ETH-LAN$
   ip address 192.168.10.1 255.255.255.0
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   duplex auto
   speed auto
   no mop enabled
  interface GigabitEthernet0/1
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   duplex auto
   speed auto
   no mop enabled
  interface ATM0/0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   no atm ilmi-keepalive
  interface ATM0/0/0.1 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  interface ATM0/0/0.2 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
  interface Ethernet0/0/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   no mop enabled
  interface ATM0/1/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   no atm ilmi-keepalive
  interface ATM0/1/0.1 point-to-point
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 2
  interface Ethernet0/1/0
   no ip address
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip flow ingress
   shutdown
   no mop enabled
  interface GigabitEthernet0/3/0
   no ip address
  interface GigabitEthernet0/3/1
   no ip address
  interface GigabitEthernet0/3/2
   no ip address
  interface GigabitEthernet0/3/3
   no ip address
  interface GigabitEthernet0/3/4
   no ip address
  interface GigabitEthernet0/3/5
   no ip address
  interface GigabitEthernet0/3/6
   no ip address
  interface GigabitEthernet0/3/7
   no ip address
  interface Vlan1
   description $FW_INSIDE$
   ip address 192.168.1.1 255.255.255.0
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat inside
   ip virtual-reassembly in
   zone-member security in-zone
  interface Dialer0
   description $FW_OUTSIDE$
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat outside
   ip virtual-reassembly in
   zone-member security out-zone
   encapsulation ppp
   dialer pool 1
   dialer-group 1
   ppp authentication chap pap callin
   ppp chap hostname [email protected]
   ppp chap password 7 1444405858557A
   ppp pap sent-username [email protected] password 7 135645415F5D54
   ppp multilink
  interface Dialer1
   description $FW_OUTSIDE$
   ip address negotiated
   no ip redirects
   no ip unreachables
   no ip proxy-arp
   ip nbar protocol-discovery
   ip flow ingress
   ip nat outside
   ip virtual-reassembly in
   zone-member security out-zone
   encapsulation ppp
   dialer pool 2
   dialer-group 2
   ppp authentication chap pap callin
   ppp chap hostname [email protected]
   ppp chap password 7 01475E540E5D55
   ppp pap sent-username [email protected] password 7 055F5E5F741A1D
   ppp multilink
  router eigrp as#
  router eigrp 10
   network 192.168.1.1 0.0.0.0
  router rip
   version 2
   network 192.168.1.0
   no auto-summary
  ip forward-protocol nd
  ip http server
  ip http access-class 3
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip dns server
  ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
  ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
  ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
  ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
  ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
  ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
  ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
  ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
  ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
  ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
  ip nat inside source route-map ADSL0 interface Dialer0 overload
  ip nat inside source route-map ADSL1 interface Dialer1 overload
  ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
  ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
  ip access-list extended NAT
   remark CCP_ACL Category=18
   permit ip 192.0.0.0 0.255.255.255 any
  ip access-list extended SDM_GRE
   remark CCP_ACL Category=1
   permit gre any any
   remark CCP_ACL Category=1
  ip access-list extended STATIC-NAT-SERVICES
   permit ip host 192.168.1.35 any
   permit ip host 192.168.1.5 any
   permit ip host 192.168.1.10 any
   permit ip host 192.168.1.17 any
  dialer-list 1 protocol ip permit
  dialer-list 2 protocol ip permit
  route-map ADSL0 permit 10
   match ip address NAT
   match interface Dialer0
  route-map ADSL1 permit 10
   match ip address NAT
   match interface Dialer1
  access-list 1 remark INSIDE_IF=Vlan1
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 192.168.1.0 0.0.0.255
  access-list 2 remark HTTP Access-class list
  access-list 2 remark CCP_ACL Category=1
  access-list 2 permit 192.168.1.0 0.0.0.255
  access-list 2 deny   any
  access-list 2 remark HTTP Access-class list
  access-list 2 remark CCP_ACL Category=1
  access-list 3 remark HTTP Access-class list
  access-list 3 remark CCP_ACL Category=1
  access-list 3 permit 192.168.1.0 0.0.0.255
  access-list 3 deny   any
  access-list 10 remark INSIDE_IF=NAT
  access-list 10 remark CCP_ACL Category=2
  access-list 10 permit 192.168.1.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=128
  access-list 100 permit ip host 255.255.255.255 any
  access-list 100 permit ip 127.0.0.0 0.255.255.255 any
  access-list 100 permit ip 139.130.227.0 0.0.0.255 any
  access-list 100 permit ip 203.45.106.0 0.0.0.255 any
  access-list 101 remark CCP_ACL Category=0
  access-list 101 permit ip any host 192.168.1.10
  access-list 101 remark CCP_ACL Category=0
  access-list 101 permit ip any host 192.168.1.35
  access-list 101 permit tcp any any eq www
  access-list 102 remark CCP_ACL Category=0
  access-list 102 permit ip any host 192.168.1.35
  access-list 102 remark CCP_ACL Category=0
  access-list 102 permit ip any host 192.168.1.10
  access-list 103 remark CCP_ACL Category=0
  access-list 103 permit ip any host 192.168.1.5
  access-list 104 remark CCP_ACL Category=0
  access-list 104 permit ip any host 192.168.1.17
  control-plane
  banner login ^CCE-Rescue Systems^C
  line con 0
   login authentication local_authen
   transport output telnet
  line aux 0
   login authentication local_authen
   transport output telnet
  line 2
   no activation-character
   no exec
   transport preferred none
   transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
   stopbits 1
  line vty 0 4
   authorization exec local_author
   login authentication local_authen
   transport input telnet ssh
  line vty 5 15
   authorization exec local_author
   login authentication local_authen
   transport input telnet ssh
  scheduler allocate 20000 1000
  end
  Thanks
  Shawn

• ASA 5505 ASDM username / password

  Hello everyone,
  I completed the PIX 515 to ASA 5505 migration today with no problems - ok one problem with the logon for ASDM.
  I'm trying no username and password - then using username and password from the 515 Pix with no success.
  Anyone know how to reset the username and password for the ASDM GUI website.
  Thank you

  Ummm,
  Did you possibly try the default username/password combination? (cisco/cisco) It should then prompt you to change these settings once you gain access. I'm not familiar with how the migration works, if it transitions the user accounts over or you end up starting from scratch. Give that a try and hopefully it gets you into your new system.

• Is it possible to have an AP that doesn't ask for username & password?

  Hi,
  I have been asked to take some APs to factory default and leave them without username & password.
  I don't have the devices with me at the moment and I don't remember if that is possible, as long as I remember when you take them to factory default the username and passwords are set to Cisco. But actually I need to leave them without username and password.
  By the way the APs are AIR-LAP1242!
  Any help is much appreciated.

  So in conclusion it is possible, right?
  Yes and no.  Yes, it's possible.  No, it's not possible just by simply doing a factory default/factory reset.  This solution is a two-step process.
  After leaving the AP whithout user/pass when I Telnet/SSH the IP address of the AP, I won't be prompt to type username/password, right?
  Again, yes and no.  Yes, you WON'T be prompted.  NO, you CANNOT remote into a Cisco appliance (Telnet or SSH) UNLESS you have a username and password.

• Router No Asking For Username/Password

  Having just upgraded from a WRT54G to a E2500 all I can say is that I'm disappointed with Cisco.
  Having spent a few hours yesterday trying to resolve issues via Live Chat (ID 130105-001270 & 130105-002081) and spending more time today - I'm truly at wits end. I consider myself pretty knowledgeable with computers and networking.
  I'm not sure if anyone from Cisco's Tech staff sees these posts but I don't know where else to "complain" in hopes that the next software/firmware update resolves these problem(s).
  The first is my router's setup screens are totally open when using my desktop. The desktop is hardwired to the router and has the Cisco Connect software installed. I open the Cisco software and go to advanced settings. There I'm shown what my router's name is and its password. This is really strange - why would you wish to display this information PRIOR to requesting usename and password? However, once there you can go right into the setup screens by clicking OK.
  I have also entered these screens directly without being prompted for username/password by using 192.168.1.1 or myrouter.local via Internet Explorer 8 or Google Chrome. At other times I am denied access because IE cannot display page.
  I'm concerned because I can hide the Cisco Connect software however, anyone that uses my desktop has full access to my router via the web or Cisco Connect.
  The second issue is that the password to enter the router and allow access to the internet IS THE SAME! When I had my WRT54G running I had one password (8 alpha characters) to enter setup screens. There was a router generated, 16 alpha/numeric character, password to allow outside devices such as laptops, TVs and game consoles access to the internet. When I set this router up I installed the 16 character password originally used so my laptop and Wii could connect without having to fool around with their settings. Everything was fine until I went into administration and changed the password to my old 8 character one. That is when I found out that the router uses this password setting under administration to control access to the internet AND access to the router settings!
  I have uninstalled and reinstalled IE 8. I have ensured that my browser's history and caches are clear which they do when I shut IE down. I'm running Windows XP service pack 3 with the "proper" anti-virus and anti-malware software. My system is up-to-date.
  I have ensured that the router is running the latest firmware 1.0.05 build 2 and software 1.4.11299.0.
  I have seen other posts suggesting the removal of Cisco Connect however, I feel that this is a bandaid solution.
  I'm not professing  to be a router technician however, I "feel" the problem might be the fact that the password issue is the problem. Since the same one is being used for both accessing the router and having the router grant access to the net, my desktop is allowed to access the setup screens without being prompted for username and password.
  Again I hope SOMEONE from Cisco sees this and investigates.
  Thanks for allowing me to "rant".
  Dave

  Thank you zee29 for the reply however, when I change the router password under administration I'm presented with a screen that says the router's password has been changed on my next Cisco Connect startup. I click OK and then I'm presented with a screen that says BOTH passwords must be the same. This is crazy. My router is not secure on my desktop. Anyone who uses my desktop and wants to "fish" around can enter my router's settings without being presented with a password prompt.
  And I'm still presented with the problem of connecting via 192.168.1.1. or myrouter.local using IE 8 in which a "page cannot be displayed" message appears. I can log in via Google Chrome however, once I enter the username and password once I'm able to access router without being prompted. The network isn't totally secure.
  I have seen other posts where these Cisco routers are having "problems" when using IE. It would seem to me that Cisco would want to rectify this situation. Its not like I'm running a beta operating system that Cisco is not aware of. I'm running an XP system that is totally updated.
  I've been running Linksys/Cisco routers for years and have never had these problems. If these "problems" continues I will have no choice but to purchase a router from another company such as Netgear and say goodbye to Cisco.
  I want and need a SECURE network.
  Dave

• ORA-01017: invalid username/password; logon denied. but SQLPLUS works

  "ORA-01017: invalid username/password; logon denied" when attempting to log on to db, in three different applications. Error is observed in Toad, Crystal Reports, and MS ODBC Administrator connect test. However, same db credentials work in SQLPLUS.
  Customer is attempting to log into reporting database hosted by my company, and using Cisco VPN client.
  I am unable to reproduce this at this time, on my machine, using same credentials and VPN profile.
  Here is what we know/tried:
  1. PING HOSTNAME is successful on CUSTOMER’S machine
  2. TNSPING HOSTNAME is successful on CUSTOMER’S machine
  3. SQLPLUS is successful with USER2/(pw)@HOSTNAME.int on CUSTOMER’S machine
  4. We corrected timeout error on CUSTOMER’S side, by adding TCP.CONNECT_TIMEOUT=1000 in SQLNET.ORA (Also observed extremely slow performance on CUSTOMER SIDE)
  5. We corrected dns suffix problem on CUSTOMER’S side, observed in NSLOOKUP by
  adding: IP ADDRESS AND HOSTNAME to Windows HOSTS file
  and commenting out default suffix COMPANY.com from SQLNET.ORA file
  6. VPN configuration and VPN credentials are good.　
  We tested CUSTOMER’S VPN profle, CUSTOMER’S VPN credentials, and user USER2/(pw)@HOSTNAME on my machine (WIN7). I am able to maintain persistant connection to HOSTNAME for hours
  7. TNSNames entries are good. Able to connect to db in Toad, and Crystal, on CUSTOMER’S machine using different Oracle user, USER3 (only has grant connect). Unable to logon to db, with Oracle user USER1, or USER2. (USER2 was created to try to resolve login problem w USER1, but issue still exists.)
  8. CUSTOMER has Windows VISTA, does not have admin privileges, has Oracle 10 installed for client. Using same Cisco VPN client I have installed.
  9. Database on our servers is 11g
  I suspect a configuration issue with CUSTOMER'S Vista machine, OR network, but not sure what to check.
  Help?

  Oracle is too dumb to lie.
  make sure that Java is installed on same system as Crystal Report.
  Then modify below to utilized your connection details to independently confirm connectivity independent of all other software.
  bcm@bcm-laptop:~$ cat Conn.java
  import java.sql.*;
  class Conn {
    public static void main (String[] args) throws Exception
     Class.forName ("oracle.jdbc.OracleDriver");
     Connection conn = DriverManager.getConnection
       ("jdbc:oracle:thin:@//localhost:1521/v112", "scott", "tiger");
                          // @//machineName:port/SID,   userid,  password
     try {
       Statement stmt = conn.createStatement();
       try {
         ResultSet rset = stmt.executeQuery("select BANNER from SYS.V_$VERSION");
         try {
           while (rset.next())
             System.out.println (rset.getString(1));   // Print col 1
         finally {
            try { rset.close(); } catch (Exception ignore) {}
       finally {
         try { stmt.close(); } catch (Exception ignore) {}
     finally {
       try { conn.close(); } catch (Exception ignore) {}
  bcm@bcm-laptop:~$ javac Conn.java
  bcm@bcm-laptop:~$ export CLASSPATH=/u01/app/oracle/product/11.2.0/dbhome_1/owb/wf/lib/ojdbc14.jar:.
  bcm@bcm-laptop:~$ java Conn
  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  PL/SQL Release 11.2.0.1.0 - Production
  CORE     11.2.0.1.0     Production
  TNS for Linux: Version 11.2.0.1.0 - Production
  NLSRTL Version 11.2.0.1.0 - Production
  bcm@bcm-laptop:~$

• Meeting Place Express 2.1.1 CLI Username/Password

  Hi All,
  I have installed MPE 2.1.1 on VMWare as a linux based application.
  After complete installation, when the CLI appears, I am unable to login into it.
  During installation of OS, it does not asked me any username/password for this.
  When I was configuring system on VMWare, it asked me username and password, and said that same password will be used for root user.
  but nothing is working now.
  I have tried same password for both, root and mpxadmin also admin/cisco.
  Regards,
  Hasnain Naqvi

  Hello Hasnain,
  Have you tried the recovery procedures below:
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Express%2C_Release_2.x_--_Troubleshooting_System_Issues#Recovering_the_Password_for_the_root_Account
  If that doesnt work, you will need to open a TAC case and TAC will send you a password recovery .iso file to burn on a CD/DVD.
  Regards,
  Victor Dang.

• Hide username&password in SCP

  Hi all, suppose we have to configure automatic backup
  Router(config)#archive
  Router(config-archive)#path scp://username:password@hostname
  Router(config-archive)#write memory
  Is there any way to hide username and password in config?

  Not sure there is a way to do this as the router is being the client in this scenario. If you can make it the server, then there are some options:
  http://www.cisco.com/en/US/docs/ios/12_2t/12_2t2/feature/guide/ftscp.html
  Sent from Cisco Technical Support iPad App