Cisco 1921 no username password commad
Hi,
I ahve countered an issue today. I was working on 1921 which is used as test router in ISP. I have loaded a router with test config with username & password in running config. After a while i have removed the username & password with no username---password---- command, then i logged out of router. But now its not allowing me to login as its asking username & password while its not taking any username/password not even cisco/cisco, admin/administrator.
Is this a behaviour of 1921 as i have not copied the runn to start but i disconneced from secure putty session when router was in running config mode. Kindly help.
Regards,
Vishal
You have the router configured to use the local user database, but you have removed all the accounts. Doing that will not disable the configuration for using the local database. What you are experiencing is "normal". Menaing that the router is configured for authentication but there are no valid accounts. Like Reza stated, reboot the router and you'll get the startup config. If the config was saved, you'll have to do a password recovery on it.
Similar Messages
-
Cisco Jabber Invalid Username/Password
Hello All,
I am currently deploying CUCM 8.6 with CUP 8.6. The end users of CUP are synced to CUCM, which in turn synced to an OpenLDAP server. The synchronization is working properly i.e. users in CUCM also exist in CUP. However, when I tried to login into Jabber, it keeps giving me "Invalid Username/Password" error. I tried logging into Cisco Unified CM User Options (<ip address>/ccmuser) using the same credentials and succeeded. However, I failed to login to Cisco Unified Presence User Options (<ip address>/cupuser).
Any help?
Thank youI had this exact same issue. Mine was due to a failover. Users were all moved to one server so about half were not working. In CUPS go to System -> Cluster Topology and expand the cluster. Look for Red Xs indicating an issue. Click one where it gives the number of assigned users. Do any say "Failed Over" and have that check box? The ones that do not likely are getting this message of invalid UN/PW. You can test this by pointing the jabber client directly at the working server (the server their name is not under in Cluster Topology). If this is your scenario look for errors and then try clicking the cluster to get "Subcluster Detail" page and click the "Failover" button on the server that has that option. The red X should disappear and the users should be on their subsequent server again and thus should be able to log in.
-
Cisco 3560-G Username/password recovery
Evening all,
whilst configuring a 3560-G i was interupted whilst setting a username and password, unfortantly when i turned back around I was kicked out. it is now asking for a username even though i havent set one fully. i was vty into the device and am unable console in at the moment is there anything I can do to get past this except get physical access and reboot the device. I havent saved the config at any point so if I reset i assume the username/password mistake wouldnt exist any more. Any help is greatly appriecated.
Cheers
Neil,I havent saved the config at any point so if I reset i assume the username/password mistake wouldnt exist any more.
Reboot the switch is one option. You can have physical access to the appliance or you can use SNMP to remotely reboot the appliance. For this method to work, the command "snmp-server system-shutdown" needs to be enabled.
Another option is to pull down or upload the config using SNMP. This method is dependent on SNMP RW community string is disabled or not. -
Cisco 1921 Router default password invalid
Hi All,
I am facing a weird issue where after resetting the Cisco router 1921, i am trying to login using default username "cisco" and password "cisco"
and i am getting password invalid error.
I have hard resetted the router using the the key in the back.
Can someone help me in resolving this error. Its frustrating when you cant even login to a new router
Thanks!!Some devices are configured with onetime password. If you log on with these credentials and save the configuration, the default password is erased. If you don't have set a new password, you'll end up with an inaccessible box. This avoids production devices with the default manufacture password and being exposed.
You need to do a password recovery procedure.
1) connect via console to the device
2)power on the device
3)hit ctrl+break until you are in rommon mode
Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.
This step bypasses the startup configuration where the passwords are stored.
Type reset at the rommon 2> prompt.
The router reboots, but ignores the saved configuration.
Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.
Type enable at the Router> prompt.
You are in enable mode and should see the Router# prompt.
As it's a new router without previous configuration it's not really required to restore the previous saved configuration. But if you would do: copy start run
Warning: Do not enter copy running-config startup-config or write. These commands erase your startup configuration.
Type configure terminal.
The hostname(config)# prompt appears.
Type enable secret in order to change the enable secret password. For example:
hostname(config)#enable secret YourPassword
Restore the previous conf-reg value:
hostname(config)#config-register 0x2102
If you did a copy start run, you must also configure a new user:
Username youruser secret yourpassword
And of course: save your configuration
Don't forget to rate useful posts ;)
Sent from Cisco Technical Support iPad App -
Cisco 1921 CCP discovery error username/password
Hi,
I have some servers here that needed a more stable router than my WNDR3700 with dd-wrt could offer. I have never used the Cisco IOS before and am a gui lover by nature. After reading about the new CCP and its flexability I made the plunge. I have done the initial configuration via a serial connection. I gave the router its basic information and figured out how to turn on HTTP/HTTPS via the IOS. CCP pro is unable to discover the router due to a bad username or password. I entered in 3 different passwords during setup but never a username and password. I thought all I needed to do was to create a new level 15 username and password.
I found this command
Router(config)# username name privilege 15 secret 0 password
I tried to use the new user but I still couldnt discover the router when I use "show users all" I do not see the created user.
I have been at it for several hours now. I had hoped that with these new ISR gen2 routers I wouldnt need to learn to much of the IOS at once. Is this not the case?Hi Dave,
Cisco 1900 Router should be shipped with a default configuration for you to able to discover the router with the IP address 10.10.10.1. However, if you have already changed the default config, the command you are using to configure a username is correct.
Router(config)# username name privilege 15 secret 0 password
You could be seeing an incorrect username password error on Cisco CP if you are missing the below command:
Router(config)# ip http authentication local
I have just mentioned the mandatory configuration on the router to be able to discover the router on CCP:
Router(config)# username name privilege 15 secret password
Router(config)# ip http server
Router(config)# ip http authentication local
Router(config)# ip http secure-server <-- for secure connection
Router(config)# line vty 0 4
Router(config-line)# login local
Router(config-line)# transport input telnet ssh
Router(config-line)# line vty 5 15
Router(config-line)# login local
Router(config-line)# transport input all
Thanks
Chaitra -
What's the username & password when i connect device from cisco network assistant
what's the username & password when i connect device from cisco network assistant?
http://i200.photobucket.com/albums/aa273/wallfire02/Capture_zpsa8f5fd2b.jpgAlthough that may be true...
If I click the "Connect As..." button it asks for a username and password.
I've experienced connecting to other user's computers on a network. To gain access to their computer, I just use their username and password. I've done this before to transfer files without using a flash drive or burned disk.
I'm trying to find out what I'm supposed to log on as to gain access to this device...
My point is that yes, I'm connected to it by wifi. Otherwise it wouldn't show up; ha-ha!
Is my point really that hard to grasp? -
Cisco aironet access-point keep asking username/password
Hi all,
Some of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there. Any idea why that happens?
Thanks in advance!
GauravSome of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there.You sure it's LWAP? The reason why I'm asking because you would NOT be able to access an LWAP over HTML because it's LWAP.
-
New Cisco 1921 doesn't display running configuration
Hi All,
I've recently received this new Cisco 1921 routers with Cisco CP loaded, so it comes up with the annoying change username and password at first access. I've removed all of those files from the flash memory, and rebooted it, and it came up with the proper initial configuration dialog, which is what I wanted.
But, whenever I configure the router with a set of basic configuration, like interface, routing, and snmp loggings, and hit wr mem, it doesn't display at all when I do "sh run". It's weird cause when I do sh run | sec rip or any other stuff that I have configured, it shows up , but not in sh run at all.
What's the deal with the new routers??? Even sh version doesn't show the config-register or memory allocation details. Which is weird!
xxxxx#sh ver
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 20-Mar-12 17:58 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
xxxxxx uptime is 6 minutes
System returned to ROM by reload at 06:39:25 UTC Mon Apr 29 2013
System restarted at 06:40:59 UTC Mon Apr 29 2013
System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
==================================================================
xxxxx#sh run
Building configuration...
Current configuration : 1930 bytes
! Last configuration change at 06:42:46 UTC Mon Apr 29 2013
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
logging userinfo
logging buffered 4096
no aaa new-model
no ipv6 cef
ip source-route
ip cef
xxxxxxx #sh run | sec rip
router rip
version 2
network 172.17.0.0
network 192.168.10.0
network 192.168.13.0
no auto-summary
xxxxxxx#sh license feature
Feature name Enforcement Evaluation Subscription Enabled RightToUse
ipbasek9 no no no yes no
securityk9 yes yes no no yes
datak9 yes yes no no yes
SSL_VPN yes yes no no yes
ios-ips-update yes yes yes no yes
WAAS_Express yes yes no no yesSame stuff, but I do have another router that's working fine when I do a sh run.
Problematic router:
xxxxxx#sh hardware
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 20-Mar-12 17:58 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
xxxxx uptime is 1 hour, 35 minutes
System returned to ROM by reload at 06:39:25 UTC Mon Apr 29 2013
System restarted at 06:40:59 UTC Mon Apr 29 2013
System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
Working router:
yyyyyyy#sh ver
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 20-Mar-12 17:58 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
yyyyyyy uptime is 1 week, 3 days, 10 hours, 19 minutes
System returned to ROM by power-on
System restarted at 06:19:19 est Fri Apr 19 2013
System image file is "usbflash0:c1900-universalk9-mz.SPA.151-4.M4.bin"
Last reload type: Normal Reload
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FGLxxxxxx
2 Gigabit Ethernet interfaces
1 terminal line
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249840K bytes of USB Flash usbflash0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 CISCO1921/K9 FGLxxxxxx
Technology Package License Information for Module:'c1900'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security None None None
data None None None
Configuration register is 0x2102 -
Cisco 1921 Dual ADSL Load Balancing/Failover?
Hello,
We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
This is my current config which I think only one ADSL line is being used. Some input would be appreciated
Robbie
! Last configuration change at 13:18:34 UTC Tue Mar 29 2011
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname xxxxxx
boot-start-marker
boot-end-marker
no logging buffered
enable secret 5 xxxxx
enable password xxxx
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip name-server 194.74.65.68
ip name-server 194.72.0.114
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxx0
revocation-check none
rsakeypair TP-self-signed-xxxxx!
crypto pki certificate chain TP-self-signed-xxxxxx
certificate self-signed 02 nvram:IOS-Self-Sig#4.cer
license udi pid CISCO1921/K9 xxxxx
username admin privilege 15 secret 5 xxxxxxxxxx/
interface GigabitEthernet0/0
description lan$ETH-LAN$
ip address 10.0.8.1 255.255.248.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/0/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
dsl operating-mode adsl2
interface ATM0/1/0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
ip flow ingress
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer0
mtu 1483
ip address negotiated
ip access-group spalding in
ip access-group spalding out
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
interface Dialer1
mtu 1483
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname xxxxx
ppp chap password 0 xxxxx
ppp link reorders
ppp multilink
ppp multilink links minimum 2
ppp multilink fragment disable
ppp timeout multilink link add 2
no cdp enable
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.0.15.201 3389 interface Dialer0 3389
ip nat outside source static tcp 195.194.75.218 3389 10.0.15.200 3389 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 1 remark INSIDE_IF=GigabitEthernet0/0
access-list 1 permit 10.0.0.0 0.254.255.255
dialer-list 1 protocol ip permit
control-plane
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
scheduler allocate 20000 1000
endHi,
Can anyone help me with this config? not very reliable.
Building configuration...
Current configuration : 17349 bytes
! Last configuration change at 06:08:06 UTC Sun Apr 5 2015 by Shawn
version 15.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname Router
boot-start-marker
boot system flash0:c2900-universalk9-mz.SPA.154-3.M2.bin
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$sNeA$GB6.SMrcsxPf51tK2Eo9Z.
aaa new-model
aaa authentication login local_authen local
aaa authorization exec local_author local
aaa session-id common
no ip source-route
ip port-map user-protocol--8 port udp 3392
ip port-map user-protocol--9 port tcp 3397
ip port-map user-protocol--2 port udp 3391
ip port-map user-protocol--3 port tcp 14000
ip port-map user-protocol--1 port tcp 3391
ip port-map user-protocol--6 port udp 3394
ip port-map user-protocol--7 port tcp 3392
ip port-map user-protocol--4 port udp 14100
ip port-map user-protocol--5 port tcp 3394
ip port-map user-protocol--10 port udp 3397
ip dhcp excluded-address 192.168.1.1 192.168.1.49
ip dhcp excluded-address 192.168.10.1 192.168.10.49
ip dhcp pool DHCP_POOL1
import all
network 192.168.1.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.1.1
lease infinite
ip dhcp pool ccp-pool1
import all
network 192.168.10.0 255.255.255.0
dns-server 139.130.4.4 203.50.2.71
default-router 192.168.10.1
lease infinite
no ip bootp server
ip host SHAWN-PC 192.168.1.10
ip host DIAG 192.168.1.5
ip host MSERV 192.168.1.13
ip name-server 139.130.4.4
ip name-server 203.50.2.71
ip cef
ip cef load-sharing algorithm include-ports source destination
no ipv6 cef
multilink bundle-name authenticated
cts logging verbose
crypto pki trustpoint TP-self-signed-1982477479
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1982477479
revocation-check none
rsakeypair TP-self-signed-1982477479
license udi pid
license boot module c2900 technology-package securityk9
license boot module c2900 technology-package datak9
redundancy
controller VDSL 0/0/0
operating mode adsl2+
controller VDSL 0/1/0
operating mode adsl2+
no cdp run
track timer interface 5
track 1 interface Dialer0 ip routing
delay down 15 up 10
track 2 interface Dialer1 ip routing
delay down 15 up 10
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-nat-user-protocol--7-1
match access-group 104
match protocol user-protocol--7
match access-group 102
class-map type inspect match-all sdm-nat-user-protocol--4-2
match access-group 101
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--6-1
match access-group 103
match protocol user-protocol--6
class-map type inspect match-all sdm-nat-user-protocol--5-1
match access-group 103
match protocol user-protocol--5
class-map type inspect match-all sdm-nat-user-protocol--4-1
match access-group 102
match protocol user-protocol--4
class-map type inspect match-all sdm-nat-user-protocol--7-2
match access-group 101
match protocol user-protocol--7
class-map type inspect match-all sdm-nat-user-protocol--3-1
match access-group 102
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--2-1
match access-group 101
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--1-2
match access-group 102
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--1-1
match access-group 101
match protocol user-protocol--1
class-map type inspect match-all sdm-nat-user-protocol--2-2
match access-group 102
match protocol user-protocol--2
class-map type inspect match-all sdm-nat-user-protocol--3-2
match access-group 101
match protocol user-protocol--3
class-map type inspect match-all sdm-nat-user-protocol--8-2
match access-group 101
match protocol user-protocol--8
class-map type inspect match-all sdm-nat-user-protocol--9-2
match access-group 104
match protocol user-protocol--9
class-map type inspect match-any ccp-skinny-inspect
match protocol skinny
class-map type inspect match-all sdm-nat-user-protocol--9-1
match access-group 101
match protocol user-protocol--9
match access-group 104
class-map type inspect match-all sdm-nat-user-protocol--8-1
match access-group 104
match protocol user-protocol--8
match access-group 102
class-map type inspect match-any ccp-h323nxg-inspect
match protocol h323-nxg
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all sdm-nat-user-protocol--10-2
match access-group 104
match protocol user-protocol--10
class-map type inspect match-all sdm-nat-user-protocol--10-1
match access-group 101
match protocol user-protocol--10
match access-group 104
class-map type inspect match-any ccp-h225ras-inspect
match protocol h225ras
class-map type inspect match-any ccp-h323annexe-inspect
match protocol h323-annexe
class-map type inspect match-any ccp-cls-insp-traffic
match protocol pptp
match protocol dns
match protocol ftp
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol netshow
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all SDM_GRE
match access-group name SDM_GRE
class-map type inspect match-any ccp-h323-inspect
match protocol h323
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-any ccp-sip-inspect
match protocol sip
class-map type inspect match-all ccp-protocol-http
match protocol http
class-map type inspect match-any CCP_PPTP
match class-map SDM_GRE
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class type inspect ccp-sip-inspect
inspect
class type inspect ccp-h323-inspect
inspect
class type inspect ccp-h323annexe-inspect
inspect
class type inspect ccp-h225ras-inspect
inspect
class type inspect ccp-h323nxg-inspect
inspect
class type inspect ccp-skinny-inspect
inspect
class class-default
drop
policy-map type inspect sdm-pol-NATOutsideToInside-1
class type inspect sdm-nat-user-protocol--1-1
inspect
class type inspect sdm-nat-user-protocol--2-1
inspect
class type inspect sdm-nat-user-protocol--3-1
inspect
class type inspect sdm-nat-user-protocol--4-1
inspect
class type inspect sdm-nat-user-protocol--5-1
inspect
class type inspect sdm-nat-user-protocol--6-1
inspect
class type inspect sdm-nat-user-protocol--7-1
inspect
class type inspect sdm-nat-user-protocol--8-1
inspect
class type inspect sdm-nat-user-protocol--9-1
inspect
class type inspect sdm-nat-user-protocol--10-1
inspect
class type inspect CCP_PPTP
pass
class type inspect sdm-nat-user-protocol--7-2
inspect
class type inspect sdm-nat-user-protocol--8-2
inspect
class type inspect sdm-nat-user-protocol--1-2
inspect
class type inspect sdm-nat-user-protocol--2-2
inspect
class type inspect sdm-nat-user-protocol--9-2
inspect
class type inspect sdm-nat-user-protocol--10-2
inspect
class type inspect sdm-nat-user-protocol--3-2
inspect
class type inspect sdm-nat-user-protocol--4-2
inspect
class class-default
drop log
policy-map type inspect ccp-permit
class class-default
drop
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
pass
zone security in-zone
zone security out-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
zone-pair security sdm-zp-NATOutsideToInside-1 source out-zone destination in-zone
service-policy type inspect sdm-pol-NATOutsideToInside-1
interface Null0
no ip unreachables
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 192.168.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
no mop enabled
interface GigabitEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
duplex auto
speed auto
no mop enabled
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/0/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface ATM0/0/0.2 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
interface Ethernet0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
no atm ilmi-keepalive
interface ATM0/1/0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 2
interface Ethernet0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no mop enabled
interface GigabitEthernet0/3/0
no ip address
interface GigabitEthernet0/3/1
no ip address
interface GigabitEthernet0/3/2
no ip address
interface GigabitEthernet0/3/3
no ip address
interface GigabitEthernet0/3/4
no ip address
interface GigabitEthernet0/3/5
no ip address
interface GigabitEthernet0/3/6
no ip address
interface GigabitEthernet0/3/7
no ip address
interface Vlan1
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 1444405858557A
ppp pap sent-username [email protected] password 7 135645415F5D54
ppp multilink
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
zone-member security out-zone
encapsulation ppp
dialer pool 2
dialer-group 2
ppp authentication chap pap callin
ppp chap hostname [email protected]
ppp chap password 7 01475E540E5D55
ppp pap sent-username [email protected] password 7 055F5E5F741A1D
ppp multilink
router eigrp as#
router eigrp 10
network 192.168.1.1 0.0.0.0
router rip
version 2
network 192.168.1.0
no auto-summary
ip forward-protocol nd
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip dns server
ip nat inside source static tcp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static udp 192.168.1.10 3392 interface Dialer1 3392
ip nat inside source static tcp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static udp 192.168.1.35 3391 interface Dialer0 3391
ip nat inside source static tcp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static udp 192.168.1.5 3394 interface Dialer0 3394
ip nat inside source static tcp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static udp 192.168.1.17 3397 interface Dialer0 3397
ip nat inside source static tcp 192.168.1.10 14000 interface Dialer0 14000
ip nat inside source static udp 192.168.1.10 14100 interface Dialer0 14100
ip nat inside source route-map ADSL0 interface Dialer0 overload
ip nat inside source route-map ADSL1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip access-list extended NAT
remark CCP_ACL Category=18
permit ip 192.0.0.0 0.255.255.255 any
ip access-list extended SDM_GRE
remark CCP_ACL Category=1
permit gre any any
remark CCP_ACL Category=1
ip access-list extended STATIC-NAT-SERVICES
permit ip host 192.168.1.35 any
permit ip host 192.168.1.5 any
permit ip host 192.168.1.10 any
permit ip host 192.168.1.17 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
route-map ADSL0 permit 10
match ip address NAT
match interface Dialer0
route-map ADSL1 permit 10
match ip address NAT
match interface Dialer1
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 192.168.1.0 0.0.0.255
access-list 2 deny any
access-list 2 remark HTTP Access-class list
access-list 2 remark CCP_ACL Category=1
access-list 3 remark HTTP Access-class list
access-list 3 remark CCP_ACL Category=1
access-list 3 permit 192.168.1.0 0.0.0.255
access-list 3 deny any
access-list 10 remark INSIDE_IF=NAT
access-list 10 remark CCP_ACL Category=2
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip 139.130.227.0 0.0.0.255 any
access-list 100 permit ip 203.45.106.0 0.0.0.255 any
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.10
access-list 101 remark CCP_ACL Category=0
access-list 101 permit ip any host 192.168.1.35
access-list 101 permit tcp any any eq www
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.35
access-list 102 remark CCP_ACL Category=0
access-list 102 permit ip any host 192.168.1.10
access-list 103 remark CCP_ACL Category=0
access-list 103 permit ip any host 192.168.1.5
access-list 104 remark CCP_ACL Category=0
access-list 104 permit ip any host 192.168.1.17
control-plane
banner login ^CCE-Rescue Systems^C
line con 0
login authentication local_authen
transport output telnet
line aux 0
login authentication local_authen
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
authorization exec local_author
login authentication local_authen
transport input telnet ssh
line vty 5 15
authorization exec local_author
login authentication local_authen
transport input telnet ssh
scheduler allocate 20000 1000
end
Thanks
Shawn -
ASA 5505 ASDM username / password
Hello everyone,
I completed the PIX 515 to ASA 5505 migration today with no problems - ok one problem with the logon for ASDM.
I'm trying no username and password - then using username and password from the 515 Pix with no success.
Anyone know how to reset the username and password for the ASDM GUI website.
Thank youUmmm,
Did you possibly try the default username/password combination? (cisco/cisco) It should then prompt you to change these settings once you gain access. I'm not familiar with how the migration works, if it transitions the user accounts over or you end up starting from scratch. Give that a try and hopefully it gets you into your new system. -
Is it possible to have an AP that doesn't ask for username & password?
Hi,
I have been asked to take some APs to factory default and leave them without username & password.
I don't have the devices with me at the moment and I don't remember if that is possible, as long as I remember when you take them to factory default the username and passwords are set to Cisco. But actually I need to leave them without username and password.
By the way the APs are AIR-LAP1242!
Any help is much appreciated.So in conclusion it is possible, right?
Yes and no. Yes, it's possible. No, it's not possible just by simply doing a factory default/factory reset. This solution is a two-step process.
After leaving the AP whithout user/pass when I Telnet/SSH the IP address of the AP, I won't be prompt to type username/password, right?
Again, yes and no. Yes, you WON'T be prompted. NO, you CANNOT remote into a Cisco appliance (Telnet or SSH) UNLESS you have a username and password. -
Router No Asking For Username/Password
Having just upgraded from a WRT54G to a E2500 all I can say is that I'm disappointed with Cisco.
Having spent a few hours yesterday trying to resolve issues via Live Chat (ID 130105-001270 & 130105-002081) and spending more time today - I'm truly at wits end. I consider myself pretty knowledgeable with computers and networking.
I'm not sure if anyone from Cisco's Tech staff sees these posts but I don't know where else to "complain" in hopes that the next software/firmware update resolves these problem(s).
The first is my router's setup screens are totally open when using my desktop. The desktop is hardwired to the router and has the Cisco Connect software installed. I open the Cisco software and go to advanced settings. There I'm shown what my router's name is and its password. This is really strange - why would you wish to display this information PRIOR to requesting usename and password? However, once there you can go right into the setup screens by clicking OK.
I have also entered these screens directly without being prompted for username/password by using 192.168.1.1 or myrouter.local via Internet Explorer 8 or Google Chrome. At other times I am denied access because IE cannot display page.
I'm concerned because I can hide the Cisco Connect software however, anyone that uses my desktop has full access to my router via the web or Cisco Connect.
The second issue is that the password to enter the router and allow access to the internet IS THE SAME! When I had my WRT54G running I had one password (8 alpha characters) to enter setup screens. There was a router generated, 16 alpha/numeric character, password to allow outside devices such as laptops, TVs and game consoles access to the internet. When I set this router up I installed the 16 character password originally used so my laptop and Wii could connect without having to fool around with their settings. Everything was fine until I went into administration and changed the password to my old 8 character one. That is when I found out that the router uses this password setting under administration to control access to the internet AND access to the router settings!
I have uninstalled and reinstalled IE 8. I have ensured that my browser's history and caches are clear which they do when I shut IE down. I'm running Windows XP service pack 3 with the "proper" anti-virus and anti-malware software. My system is up-to-date.
I have ensured that the router is running the latest firmware 1.0.05 build 2 and software 1.4.11299.0.
I have seen other posts suggesting the removal of Cisco Connect however, I feel that this is a bandaid solution.
I'm not professing to be a router technician however, I "feel" the problem might be the fact that the password issue is the problem. Since the same one is being used for both accessing the router and having the router grant access to the net, my desktop is allowed to access the setup screens without being prompted for username and password.
Again I hope SOMEONE from Cisco sees this and investigates.
Thanks for allowing me to "rant".
DaveThank you zee29 for the reply however, when I change the router password under administration I'm presented with a screen that says the router's password has been changed on my next Cisco Connect startup. I click OK and then I'm presented with a screen that says BOTH passwords must be the same. This is crazy. My router is not secure on my desktop. Anyone who uses my desktop and wants to "fish" around can enter my router's settings without being presented with a password prompt.
And I'm still presented with the problem of connecting via 192.168.1.1. or myrouter.local using IE 8 in which a "page cannot be displayed" message appears. I can log in via Google Chrome however, once I enter the username and password once I'm able to access router without being prompted. The network isn't totally secure.
I have seen other posts where these Cisco routers are having "problems" when using IE. It would seem to me that Cisco would want to rectify this situation. Its not like I'm running a beta operating system that Cisco is not aware of. I'm running an XP system that is totally updated.
I've been running Linksys/Cisco routers for years and have never had these problems. If these "problems" continues I will have no choice but to purchase a router from another company such as Netgear and say goodbye to Cisco.
I want and need a SECURE network.
Dave -
ORA-01017: invalid username/password; logon denied. but SQLPLUS works
"ORA-01017: invalid username/password; logon denied" when attempting to log on to db, in three different applications. Error is observed in Toad, Crystal Reports, and MS ODBC Administrator connect test. However, same db credentials work in SQLPLUS.
Customer is attempting to log into reporting database hosted by my company, and using Cisco VPN client.
I am unable to reproduce this at this time, on my machine, using same credentials and VPN profile.
Here is what we know/tried:
1. PING HOSTNAME is successful on CUSTOMER’S machine
2. TNSPING HOSTNAME is successful on CUSTOMER’S machine
3. SQLPLUS is successful with USER2/(pw)@HOSTNAME.int on CUSTOMER’S machine
4. We corrected timeout error on CUSTOMER’S side, by adding TCP.CONNECT_TIMEOUT=1000 in SQLNET.ORA (Also observed extremely slow performance on CUSTOMER SIDE)
5. We corrected dns suffix problem on CUSTOMER’S side, observed in NSLOOKUP by
adding: IP ADDRESS AND HOSTNAME to Windows HOSTS file
and commenting out default suffix COMPANY.com from SQLNET.ORA file
6. VPN configuration and VPN credentials are good.
We tested CUSTOMER’S VPN profle, CUSTOMER’S VPN credentials, and user USER2/(pw)@HOSTNAME on my machine (WIN7). I am able to maintain persistant connection to HOSTNAME for hours
7. TNSNames entries are good. Able to connect to db in Toad, and Crystal, on CUSTOMER’S machine using different Oracle user, USER3 (only has grant connect). Unable to logon to db, with Oracle user USER1, or USER2. (USER2 was created to try to resolve login problem w USER1, but issue still exists.)
8. CUSTOMER has Windows VISTA, does not have admin privileges, has Oracle 10 installed for client. Using same Cisco VPN client I have installed.
9. Database on our servers is 11g
I suspect a configuration issue with CUSTOMER'S Vista machine, OR network, but not sure what to check.
Help?Oracle is too dumb to lie.
make sure that Java is installed on same system as Crystal Report.
Then modify below to utilized your connection details to independently confirm connectivity independent of all other software.
bcm@bcm-laptop:~$ cat Conn.java
import java.sql.*;
class Conn {
public static void main (String[] args) throws Exception
Class.forName ("oracle.jdbc.OracleDriver");
Connection conn = DriverManager.getConnection
("jdbc:oracle:thin:@//localhost:1521/v112", "scott", "tiger");
// @//machineName:port/SID, userid, password
try {
Statement stmt = conn.createStatement();
try {
ResultSet rset = stmt.executeQuery("select BANNER from SYS.V_$VERSION");
try {
while (rset.next())
System.out.println (rset.getString(1)); // Print col 1
finally {
try { rset.close(); } catch (Exception ignore) {}
finally {
try { stmt.close(); } catch (Exception ignore) {}
finally {
try { conn.close(); } catch (Exception ignore) {}
bcm@bcm-laptop:~$ javac Conn.java
bcm@bcm-laptop:~$ export CLASSPATH=/u01/app/oracle/product/11.2.0/dbhome_1/owb/wf/lib/ojdbc14.jar:.
bcm@bcm-laptop:~$ java Conn
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
bcm@bcm-laptop:~$ -
Meeting Place Express 2.1.1 CLI Username/Password
Hi All,
I have installed MPE 2.1.1 on VMWare as a linux based application.
After complete installation, when the CLI appears, I am unable to login into it.
During installation of OS, it does not asked me any username/password for this.
When I was configuring system on VMWare, it asked me username and password, and said that same password will be used for root user.
but nothing is working now.
I have tried same password for both, root and mpxadmin also admin/cisco.
Regards,
Hasnain NaqviHello Hasnain,
Have you tried the recovery procedures below:
http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Express%2C_Release_2.x_--_Troubleshooting_System_Issues#Recovering_the_Password_for_the_root_Account
If that doesnt work, you will need to open a TAC case and TAC will send you a password recovery .iso file to burn on a CD/DVD.
Regards,
Victor Dang. -
Hi all, suppose we have to configure automatic backup
Router(config)#archive
Router(config-archive)#path scp://username:password@hostname
Router(config-archive)#write memory
Is there any way to hide username and password in config?Not sure there is a way to do this as the router is being the client in this scenario. If you can make it the server, then there are some options:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t2/feature/guide/ftscp.html
Sent from Cisco Technical Support iPad App
Maybe you are looking for
-
Workflow attached to content type shows the status as 'Starting'
Hi, I have developed a workflow to distribute documents from Drop Off library to different SharePoint libraries based on the content type that the document uploaded to. The drop off library has been configured incoming mail settings hence the documen
-
"upadte was terminated " is the error while doing picking and its not saved
hi experts, I have created a sales order. for that i created a deliery.then i created shipment .and i have put pick qty and batch. it gives a message Express document " Updated was terminated "received from author XXXX. and picking is not saved and i
-
Strange :Design Time Bean Customizer does not display
hi,I write a cutomer validator rule and create beaninfo class,bean customizer class. and register as a rule ,it works very well.then I modify customizer class,when I want to add new rule on a entity,neither default define property nor my custormerize
-
Is there a Windows XP version of Lightroom available? Version 4.1 requires W.7.
-
Muliple Accounts, One Library, No Longer Linked
Help!? I'm running iTunes 7.3 on XP. I have three users accounts on the machine, each servicing a different ipod. When I set up the two newest accounts, I pointed them to the music library of the primary user account. For a while, when I bought songs