Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

command to change p/w in cisco 1700

Posted on 2004-09-24
15
Medium Priority
?
314 Views
Last Modified: 2012-05-05
In my office we are using a router (cisco-1700) to connect to internet(leased line). One day we are upgraded our line speed and our isp changed the internet password. Now my problem is that:
how to configure this new password in our router. I know the telnet password and please let me know the bri commands that I want put to configure this new password.
0
Comment
Question by:tell-me
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 3
15 Comments
 
LVL 9

Expert Comment

by:cooledit
ID: 12149883

what kinda connection is it ISDN over that WAN or what ?....
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12149945
Hi tell-me,

You might have to change more than just the password.  For example, if you're running over a channelised service, you might have to tell the router to use additional channels.

Take a look at the router config (with "show run").
Towards the top you're likely to see a line like:
username myisp password 543r3r

That *probably* what you want to change.  You'll do this by:
conf t
username myisp password mynewpassword

Make sure that you save the config first!  If it causes any problems, just restart the router.
You can save the config with "copy run start"

It's a little unusual for a leased-line to use authentication though.

It would help if you could post a copy of the config.  Replace any secure information (IPs, passwords, accesslists) with xxxx.
0
 

Author Comment

by:tell-me
ID: 12150228
When I check the running config, I can see this line:

interface dialer1
.....................
dialer-group 1
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword
ppp multilink


I applied the same command in dialer interface1 with new password given by our ISP, and copied to startup config (with write command). But nothing happed. Till we can't access net ???
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 
LVL 15

Expert Comment

by:scampgb
ID: 12150248
tell-me,
What you've done so far looks OK.  Can you please post a copy of the full config?

Also - exactly what did the ISP say you'd need to do once they've upgraded your bandwidth?  Did they mention anything about IP address changes or channel allocations.
0
 

Author Comment

by:tell-me
ID: 12150404
We upgraded our isdn connection 56k to 128k.
They (ISP) are telling there is no change in ip or channel allocation.


This is the running config

mycompany# show run
building confg.......
current config:
!
version 12.0
Service timestamps debug uptime
Service timestamps LOG uptime
sevice password-encryption
!
hostname mycompany
!
enable secret 5 *******
enable password 7 *****
!
username mycompany password ********
!
!
!
!
ip subnet-zero
!
ip name-server ********
ip name-server ********
isdn switch-type basic-net3
isdn voice-cal-failure 0
!
!
!
interface ethernet0
ip address ***********
no ip directed-broadcast
ip nat inside
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
ppp multilink
!
interface Dialer1
ip address negotiated
no ip directed-broadcast
ip nat outside
encapsulation ppp
dialer idle-timeout 21600
dialer string 4359100
dialer string 4359000
dialer load-threshold 20 either
dialer-group 1
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword
ppp multilink
!
ip nat inside source list 101 interface Dialer1 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
acccess-list 101 10.0.0.0. 0.255.255.255 any
acccess-list 101 172.16.5.0 0.0.0.255 any
dialer-list protocol ip list 101
!
line con 0
exec-timeout 0 0
loging
transport input none
stopbits 1
line vty 0 4
password 7 ********
login
!
end
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12150452
tell-me:
Makes a bit more sense now, you're using ISDN and not a leased line.

Remove "username mycompany password ********", as it's not needed.
# no username mycompany password ********

Are you sure that you've got correct usernames and passwords?

I can't see anything obviously wrong here, so we'll need to do some more testing with ISDN debugging.
Make sure that the ISDN line is plugged in properly :-)

First step, can you please post the results of "show isdn status"?
0
 
LVL 9

Expert Comment

by:cooledit
ID: 12150456
debug ppp authentication

try make a new connection post details here
0
 

Author Comment

by:tell-me
ID: 12150656
First I admit my big mistake, we have isdn not leased line. But we can't understand your logic to remove the user name
and password. Since our isp says the changes in password (and there is no other changes) I want to make this changes in my router and performed the tasks(in interface dialer1) that I mentioned early time. What I want to do next ?

This is the out put of sh isdn status:

global isdn swtich type = basic-net3
isdn bri0 interface
ds1=0,interface isdn switch type=basic net3
layer1 status:
active
layer2 status:
TEI=101 CES=1,SAPI=0,State=multipile_frame_established
layer3 status:
0 active layer 3 call(s)
Active ds1 0 ccbs=0
the channel mask:0*80000003
Number of L2 discards=1, L2 sessionid=57
Total allocated isdn ccbs=0
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12150725
I suggested removing the "username mycompany password ********" command as this isn't used by the dialer.
The username and password details used by the dialer are specified in the lines:
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword

The results of "show isdn status" show that your ISDN line is plugged in correctly.

Just to check that you've got the right password (I'm assuming the word "tablelamp" specified, do this:
conf t
int dialer 1
no ppp chap password
ppp chap password tablelamp


Then try to connect again.
If that doesn't work, we need to do the PPP debug that cooledit mentioned.  At the enable prompt:
terminal monitor
undebug all
debug ppp authent

... then force the router to dial (browse to a web page for example).
You'll get a load of debug information from the router.  Post that info here.
0
 

Author Comment

by:tell-me
ID: 12154511
Thank you for your effort to solve our problem. But debugging commands did not helped to solve. Any way some other professional solved the issue and our net connection is fine now. I would like to know about the commands they applied to resolve this issue, but unfortunately they are not willing to share it (as they are professionals from a different company)

Anyway I have some other questions related to this:

1.      Can you assume what they had done to solve the issue?
2.      By reviewing “sh isdn” output, you said that our isdn plugged in correctly. How you take this opinions?
3.      If the ppp authentication is the problem, how I can troubleshoot this?
4.      Last one is a general question. Can you recommend a hand book and some online resources(last time it is very difficult to use online resources) to assist me when I face similar situation in Cisco network.

If you want to analyze our current run config to answer my questions I will send to your email.


Thank you,


0
 
LVL 9

Expert Comment

by:cooledit
ID: 12154518
hi, Tel-me

Could you poste the Running config here just to let us know what have been happening.
Just remove IP addresses, passwords and more
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12154898
cooledit's right - we'll need a copy of the running config to see what they've done.

On another note, I'd be very concerned about any "professionals" who will modify your router config and not let you know what they've done.

On the point "2":
layer1 status:
active                                                      <== The cable is plugged in
layer2 status:
TEI=101 CES=1,SAPI=0,State=multipile_frame_established      <== It can see the ISDN signal from your ISDN provider

4: experts-exchange is a good place to ask for help ;-)
Troubleshooting is a difficult thing to do if you don't understand how it's meant to to work in the first place....
0
 

Author Comment

by:tell-me
ID: 12158832
This is the run config:


#show run

Building configuration...


Current configuration : 991 bytes

!

version 12.2

service timestamps
debug uptime

service timestamps log uptime

no service password-encryption

!

hostname ********
!

enable secret 5 ******************
enable password ******
!

ip subnet-zero
no
ip domain-lookup

ip name-server *******
ip name-server *******
!

isdn switch-type basic-net3

!

!

!

interface BRI0
ip address negotiated

ip nat outside
 encapsulation
ppp
dialer idle-timeout 2147483

dialer string *******
dialer load-threshold 1 either
dialer-group 1

isdn switch-type basic-net3

ppp authentication pap callin

ppp pap sent-username ******* password 7 *******!
interface FastEthernet0

ip address ****** ********
ip nat inside
speed 100
full-duplex

!
ip nat inside source list 10
interface BRI0 overload
ip classless
ip route 0.0.0.0 0.0.0.0
BRI0
no ip http server

!

!

access-list 10 permit any
dialer-list 1 protocol ip permit

!

line con 0
line aux 0
line vty 0
password *******
login
line vty 1 4
login

!

end


I know this site is good place to ask, but could you recommend some books that may enhance my skills, pls ?
0
 
LVL 15

Accepted Solution

by:
scampgb earned 375 total points
ID: 12181788
tell-me,
> ppp authentication pap callin

> ppp pap sent-username ******* password 7 *******!

I think this is what they've changed.  They've reconfigured it to use PAP rather than CHAP authentication.
PAP authentication is less secure, so I'd avoid using it wherever possible.

As for learning, this tutorial looks a good start http://www.swcp.com/~jgentry/topo/cisco.htm

Book options are:
Managing IP Networks with Cisco Routers
http://www.amazon.com/exec/obidos/tg/detail/-/1565923200/102-1435749-3466563?v=glance

Cisco Cookbook
http://www.amazon.com/exec/obidos/ASIN/0596003676/qid=1096476273/sr=ka-3/ref=pd_ka_3/102-1435749-3466563

I suggest that you visit a good bookseller and browse what they have available.  I'm personally a fan of the "nutshell" series of books.
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12191333
Glad I could help :-)

0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This program is used to assist in finding and resolving common problems with wireless connections.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question