Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

command to change p/w in cisco 1700

Posted on 2004-09-24
15
Medium Priority
?
317 Views
Last Modified: 2012-05-05
In my office we are using a router (cisco-1700) to connect to internet(leased line). One day we are upgraded our line speed and our isp changed the internet password. Now my problem is that:
how to configure this new password in our router. I know the telnet password and please let me know the bri commands that I want put to configure this new password.
0
Comment
Question by:tell-me
  • 7
  • 5
  • 3
15 Comments
 
LVL 9

Expert Comment

by:cooledit
ID: 12149883

what kinda connection is it ISDN over that WAN or what ?....
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12149945
Hi tell-me,

You might have to change more than just the password.  For example, if you're running over a channelised service, you might have to tell the router to use additional channels.

Take a look at the router config (with "show run").
Towards the top you're likely to see a line like:
username myisp password 543r3r

That *probably* what you want to change.  You'll do this by:
conf t
username myisp password mynewpassword

Make sure that you save the config first!  If it causes any problems, just restart the router.
You can save the config with "copy run start"

It's a little unusual for a leased-line to use authentication though.

It would help if you could post a copy of the config.  Replace any secure information (IPs, passwords, accesslists) with xxxx.
0
 

Author Comment

by:tell-me
ID: 12150228
When I check the running config, I can see this line:

interface dialer1
.....................
dialer-group 1
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword
ppp multilink


I applied the same command in dialer interface1 with new password given by our ISP, and copied to startup config (with write command). But nothing happed. Till we can't access net ???
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 15

Expert Comment

by:scampgb
ID: 12150248
tell-me,
What you've done so far looks OK.  Can you please post a copy of the full config?

Also - exactly what did the ISP say you'd need to do once they've upgraded your bandwidth?  Did they mention anything about IP address changes or channel allocations.
0
 

Author Comment

by:tell-me
ID: 12150404
We upgraded our isdn connection 56k to 128k.
They (ISP) are telling there is no change in ip or channel allocation.


This is the running config

mycompany# show run
building confg.......
current config:
!
version 12.0
Service timestamps debug uptime
Service timestamps LOG uptime
sevice password-encryption
!
hostname mycompany
!
enable secret 5 *******
enable password 7 *****
!
username mycompany password ********
!
!
!
!
ip subnet-zero
!
ip name-server ********
ip name-server ********
isdn switch-type basic-net3
isdn voice-cal-failure 0
!
!
!
interface ethernet0
ip address ***********
no ip directed-broadcast
ip nat inside
!
interface BRI0
no ip address
no ip directed-broadcast
encapsulation ppp
dialer pool-member 1
isdn switch-type basic-net3
ppp multilink
!
interface Dialer1
ip address negotiated
no ip directed-broadcast
ip nat outside
encapsulation ppp
dialer idle-timeout 21600
dialer string 4359100
dialer string 4359000
dialer load-threshold 20 either
dialer-group 1
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword
ppp multilink
!
ip nat inside source list 101 interface Dialer1 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
acccess-list 101 10.0.0.0. 0.255.255.255 any
acccess-list 101 172.16.5.0 0.0.0.255 any
dialer-list protocol ip list 101
!
line con 0
exec-timeout 0 0
loging
transport input none
stopbits 1
line vty 0 4
password 7 ********
login
!
end
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12150452
tell-me:
Makes a bit more sense now, you're using ISDN and not a leased line.

Remove "username mycompany password ********", as it's not needed.
# no username mycompany password ********

Are you sure that you've got correct usernames and passwords?

I can't see anything obviously wrong here, so we'll need to do some more testing with ISDN debugging.
Make sure that the ISDN line is plugged in properly :-)

First step, can you please post the results of "show isdn status"?
0
 
LVL 9

Expert Comment

by:cooledit
ID: 12150456
debug ppp authentication

try make a new connection post details here
0
 

Author Comment

by:tell-me
ID: 12150656
First I admit my big mistake, we have isdn not leased line. But we can't understand your logic to remove the user name
and password. Since our isp says the changes in password (and there is no other changes) I want to make this changes in my router and performed the tasks(in interface dialer1) that I mentioned early time. What I want to do next ?

This is the out put of sh isdn status:

global isdn swtich type = basic-net3
isdn bri0 interface
ds1=0,interface isdn switch type=basic net3
layer1 status:
active
layer2 status:
TEI=101 CES=1,SAPI=0,State=multipile_frame_established
layer3 status:
0 active layer 3 call(s)
Active ds1 0 ccbs=0
the channel mask:0*80000003
Number of L2 discards=1, L2 sessionid=57
Total allocated isdn ccbs=0
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12150725
I suggested removing the "username mycompany password ********" command as this isn't used by the dialer.
The username and password details used by the dialer are specified in the lines:
ppp authentication chap callin
ppp chap hostname mycompanyname
ppp chap password 7 mypassword

The results of "show isdn status" show that your ISDN line is plugged in correctly.

Just to check that you've got the right password (I'm assuming the word "tablelamp" specified, do this:
conf t
int dialer 1
no ppp chap password
ppp chap password tablelamp


Then try to connect again.
If that doesn't work, we need to do the PPP debug that cooledit mentioned.  At the enable prompt:
terminal monitor
undebug all
debug ppp authent

... then force the router to dial (browse to a web page for example).
You'll get a load of debug information from the router.  Post that info here.
0
 

Author Comment

by:tell-me
ID: 12154511
Thank you for your effort to solve our problem. But debugging commands did not helped to solve. Any way some other professional solved the issue and our net connection is fine now. I would like to know about the commands they applied to resolve this issue, but unfortunately they are not willing to share it (as they are professionals from a different company)

Anyway I have some other questions related to this:

1.      Can you assume what they had done to solve the issue?
2.      By reviewing “sh isdn” output, you said that our isdn plugged in correctly. How you take this opinions?
3.      If the ppp authentication is the problem, how I can troubleshoot this?
4.      Last one is a general question. Can you recommend a hand book and some online resources(last time it is very difficult to use online resources) to assist me when I face similar situation in Cisco network.

If you want to analyze our current run config to answer my questions I will send to your email.


Thank you,


0
 
LVL 9

Expert Comment

by:cooledit
ID: 12154518
hi, Tel-me

Could you poste the Running config here just to let us know what have been happening.
Just remove IP addresses, passwords and more
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12154898
cooledit's right - we'll need a copy of the running config to see what they've done.

On another note, I'd be very concerned about any "professionals" who will modify your router config and not let you know what they've done.

On the point "2":
layer1 status:
active                                                      <== The cable is plugged in
layer2 status:
TEI=101 CES=1,SAPI=0,State=multipile_frame_established      <== It can see the ISDN signal from your ISDN provider

4: experts-exchange is a good place to ask for help ;-)
Troubleshooting is a difficult thing to do if you don't understand how it's meant to to work in the first place....
0
 

Author Comment

by:tell-me
ID: 12158832
This is the run config:


#show run

Building configuration...


Current configuration : 991 bytes

!

version 12.2

service timestamps
debug uptime

service timestamps log uptime

no service password-encryption

!

hostname ********
!

enable secret 5 ******************
enable password ******
!

ip subnet-zero
no
ip domain-lookup

ip name-server *******
ip name-server *******
!

isdn switch-type basic-net3

!

!

!

interface BRI0
ip address negotiated

ip nat outside
 encapsulation
ppp
dialer idle-timeout 2147483

dialer string *******
dialer load-threshold 1 either
dialer-group 1

isdn switch-type basic-net3

ppp authentication pap callin

ppp pap sent-username ******* password 7 *******!
interface FastEthernet0

ip address ****** ********
ip nat inside
speed 100
full-duplex

!
ip nat inside source list 10
interface BRI0 overload
ip classless
ip route 0.0.0.0 0.0.0.0
BRI0
no ip http server

!

!

access-list 10 permit any
dialer-list 1 protocol ip permit

!

line con 0
line aux 0
line vty 0
password *******
login
line vty 1 4
login

!

end


I know this site is good place to ask, but could you recommend some books that may enhance my skills, pls ?
0
 
LVL 15

Accepted Solution

by:
scampgb earned 375 total points
ID: 12181788
tell-me,
> ppp authentication pap callin

> ppp pap sent-username ******* password 7 *******!

I think this is what they've changed.  They've reconfigured it to use PAP rather than CHAP authentication.
PAP authentication is less secure, so I'd avoid using it wherever possible.

As for learning, this tutorial looks a good start http://www.swcp.com/~jgentry/topo/cisco.htm

Book options are:
Managing IP Networks with Cisco Routers
http://www.amazon.com/exec/obidos/tg/detail/-/1565923200/102-1435749-3466563?v=glance

Cisco Cookbook
http://www.amazon.com/exec/obidos/ASIN/0596003676/qid=1096476273/sr=ka-3/ref=pd_ka_3/102-1435749-3466563

I suggest that you visit a good bookseller and browse what they have available.  I'm personally a fan of the "nutshell" series of books.
0
 
LVL 15

Expert Comment

by:scampgb
ID: 12191333
Glad I could help :-)

0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question