Solved

Cisco 2801 Router lost its feature sets

Posted on 2006-07-01
Last Modified: 2013-11-29
I need urgent help. I had to install an additional ADSL WIC to a 2801 router. I turned off the router, installed the WIC and turned the router back on. Everything was fine, WIC detected, no line detected on the ADSL side, but that could be another different problem.

My real problem is that we had to turn off the router again, because we had to change its position in the rack. After all, I have found that the ROUTER HAS LOST ITS VPN, FIREWALL and IPS capabilities. They were working for sure, I had seen them before, actually, there was a VPN connection working perfectly. It only has its basic IP feature set. Where are all the rest gone?

After the WIC was installed, at least one time, I saw the VPN working, but after that, they disappeared.

Every crypto and IPS command has disappeared from my running-config, and I can't add them again. SDM tells me that feature sets VPN, IPS and Firewall are not available.

What has happened? How can I get them back?

Please help!
Question by:llandajuela
9 Comments
 

Author Comment

by:llandajuela
ID: 17024248
I forgot to mention, if I issue a "dir" command to see the flash memory contents, I can see two files called "crashinfo" with creation date of today.

I don't know how to extract them.

Probably the router was turned off and on, in total, about five times. But that's the only thing I did, and adding the WIC, of course.

What could have happened?

Thanks

0
 
LVL 1

Expert Comment

by:atifawan
ID: 17024289
Can you post an output of the show flash or dir flash command. What I suspect is that you have two IOS images on the router; one is the IP Base and one is probably a crypto image. The reload could have somehow caused the router to boot the IP Base image which does not have the crypto features. It will also be helpful if you post the output of the show version command.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17024641
Can you post result of "show ver" that will tell us that the IOS still has the feature set
Can you post result of "dir flash:"
Delete the crashinfo files. They may be taking up too much space on the flash to fully expand the IOS
router#del flash:crashinfo*


0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 17025205
If the router reset itself for some unknown reason, you probably cannot get them back, you will have to do it all over again.  What you need to do, is when the router is set correctly, use a screen capture program like MWSnap 3.0.0.74 -- it is a free program -- you install it, and when the router config is up on your screen, you snap any rectangle, outline the router setup screen, and save it to a JPG file.

Once you do this for all the key router setup screens, it is barely 10 minutes to completely restore the router to its original configuration.  I would not be without this screen capture utility, it is a lifesaver.

Why your router did this?  Possibly defective, need new router?  Maybe just a fluke occurrence, hard to say.  But be prepared with a complete backup of all the router settings in case this happens again in the future.
0
 

Author Comment

by:llandajuela
ID: 17026921
Thank you experts for your help.

I will post the results of "dir flash" and "show ver" tomorrow, since now I don't have access to the router.
What I do have is the "BEFORE" and the "AFTER" configuration.

lrmoore, should I just delete the crash files? Or do I have to extract a copy first? Through a TFTP server, I guess.

scrathcyboy, sorry, I think I don't understand you. What would I do with the screenshot to recover to the old situation? You mean I lost the IOS software, and I will have to re-purchase? I hope not! There has to be a way to re-enable them, right?



BEFORE

!This is the running config of the router: 10.0.0.4
!----------------------------------------------------------------------------
!version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname xxx
!
boot-start-marker
boot system flash c2801-advipservicesk9-mz.123-8.T8.bin
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$hAlq$e6y/Gwlho9Utm00XvMux..
enable password
!
username admin privilege 15 secret 5 $1$N5j2$6F2bvwj7H7NArk98xBQg50
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
!
ip domain name yourdomain.com
ip ips po max-events 100
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto isakmp key xxxxx address 2.2.2.2 no-xauth
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
 description
 set peer 2.2.2.2
 set transform-set ESP-3DES-SHA1
 match address 102
!
!
!
!
interface FastEthernet0/0
 description $FW_INSIDE$$ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
 ip address 10.0.0.4 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 speed auto
 half-duplex
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface ATM0/1/0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0/1/0.1 point-to-point
 description $FW_OUTSIDE$
 ip address 1.1.1.1 255.255.255.0
 ip access-group 130 in
 crypto map SDM_CMAP_1
 pvc 8/32
  encapsulation aal5snap
 !
!
interface ATM0/2/0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0/2/0.1 point-to-point
 ip address 3.3.3.3 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 pvc 8/32
  encapsulation aal5snap
 !
!
ip classless
ip route 0.0.0.0 0.0.0.0 1.1.1.2
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface ATM0/2/0.1 overload
!
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 102 remark SDM_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.0.0.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 130 permit ip host 2.2.2.2 host 1.1.1.1
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device. This
feature requires the one time use, initial credentials, of username "cisco"
with password "cisco".

Please change these publicly known initial credentials through SDM or IOS CLI.
Here's the Cisco IOS command:

no username cisco

NOTE: Please add a new username to be able to launch SDM for router management.

For more information about SDM please follow the instructions in the QUICK
START GUIDE for your router or at
http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
 login local
line aux 0
line vty 0 4
 privilege level 15
 password
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 password
 login local
 transport input telnet ssh
!
end





AFTER



!This is the running config of the router: 10.0.0.4
!----------------------------------------------------------------------------
!version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname xxx
!
boot-start-marker
boot system flash c2801-advipservicesk9-mz.123-8.T8.bin
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$hAlq$e6y/Gwlho9Utm00XvMux..
enable password xxxx
!
username admin privilege 15 secret 5 $1$N5j2$6F2bvwj7H7NArk98xBQg50
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
!
ip domain name yourdomain.com
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
 description $FW_INSIDE$$ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
 ip address 10.0.0.4 255.255.255.0
 ip nat inside
 speed auto
 half-duplex
 no mop enabled
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface ATM0/1/0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0/1/0.1 point-to-point
 description $FW_OUTSIDE$
 ip address 1.1.1.1 255.255.255.0
 ip access-group 130 in
 pvc 8/32
  encapsulation aal5snap
 !
!
interface ATM0/2/0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0/2/0.1 point-to-point
 ip address 3.3.3.3 255.255.255.0
 ip nat outside
 pvc 8/32
  encapsulation aal5snap
 !
!
ip classless
ip route 0.0.0.0 0.0.0.0 1.1.1.2
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface ATM0/2/0.1 overload
!
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 102 remark SDM_ACL Category=4
access-list 102 remark IPSec Rule
access-list 102 permit ip 10.0.0.0 0.0.0.255 10.0.1.0 0.0.0.255
access-list 130 permit ip host 2.2.2.2 host 1.1.1.1
!
!
!
control-plane
!
!
!
!
!
!
!
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device. This
feature requires the one time use, initial credentials, of username "cisco"
with password "cisco".

Please change these publicly known initial credentials through SDM or IOS CLI.
Here's the Cisco IOS command:

no username cisco

NOTE: Please add a new username to be able to launch SDM for router management.

For more information about SDM please follow the instructions in the QUICK
START GUIDE for your router or at
http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
!
line con 0
 login local
line aux 0
line vty 0 4
 privilege level 15
 password
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 password
 login local
 transport input telnet ssh
!
end



0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17026980
>should i just delete the crash files?
Yes. Just delete them. They can only be deciphered by Cisco TAC and unless you really want to get into why the router crashed (you turned it off?) and help Cisco find bugs, they won't do you any good. Delete them and get on with life.

>boot system flash c2801-advipservicesk9-mz.123-8.T8.bin
Both configurations show this line, so as long as result of 'show flash:' shows that exact image file, then you should be fine after you delete the crashinfo files. If there is more than one .bin image on the flash then we have some other options to determine which image file you want to run and you can delete the other one.

"show ver" will also show the actual filename of the system image that actually booted. We need to compare all three to make sure they are identical.
0
 

Author Comment

by:llandajuela
ID: 17029568
After deleting the crashinfo files, the behaviour was the same, no feature sets! I reloaded the router, and I got a message telling that there is not enough memory to load IOS image. I post the results of the reload, where the crashinfo files are again generated. I also post the results of the dir flash and show ver commands. Do I have to purchase more memory? Why was it working before? Is it because of the second WIC?


THE RELOAD

rAlio#reload
Proceed with reload? [confirm]

*Jul  3 09:16:33.441: %SYS-5-RELOAD: Reload requested by admin on console. Reload Reason: Reload command.
*Jul  3 09:16:36.017: %LINK-3-UPDOWN: Interface ATM0/1/0, changed state to down
*Jul  3 09:16:37.017: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0/1/0, changed state to down
System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x0f
GIO FPGA version 0x128
c2801 processor with 131072 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled


Upgrade ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......

program load complete, entry point: 0x8000f000, size: 0x12aaf7c
Self decompressing the image : #################################################
################################################################################
################################################################################
######## [OK]

IOMEM set to: 10

Using iomem percentage: 10

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


SYSTEM INIT: INSUFFICIENT MEMORY TO BOOT THE IMAGE!



%Software-forced reload


Unexpected exception, CPU signal 23, PC = 0x6049F960


-Traceback= 6049F960 6049D8AC 60185A14 60188384 6008D1DC 6050BCA4 6050D3C8
Cause 00000024 (Code 0x9): Breakpoint exception

Writing crashinfo to flash:crashinfo_20060703-091743

Unexpected exception, CPU signal 23, PC = 0x6049F960


-Traceback= 6049F960 6049D8AC 60185A14 60188384 6008D1DC 6050BCA4 6050D3C8
Cause 00000024 (Code 0x9): Breakpoint exception

-Traceback= 6049F960 6049D8AC 60185A14 60188384 6008D1DC 6050BCA4 6050D3C8


=== Flushing messages (09:17:43 UTC Mon Jul 3 2006) ===
 mpsc_chr10 24030a30: 0x8080000

*** System received a Software forced crash ***
signal= 0x17, code= 0x24, context= 0x633ee374
PC = 0x604a58a8, Cause = 0x20, Status Reg = 0x34018002

System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x0f
GIO FPGA version 0x128
c2801 processor with 131072 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled


Upgrade ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......

program load complete, entry point: 0x8000f000, size: 0x12aaf7c
Self decompressing the image : #################################################
################################################################################
################################################################################
######## [OK]

IOMEM set to: 10

Using iomem percentage: 10

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco IOS Software, 2801 Software (C2801-SPSERVICESK9-M), Version 12.3(8)T4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Fri 03-Sep-04 00:01 by eaarmas
Image text-base: 0x6006B814, data-base: 0x62000000


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco 2801 (revision 4.1) with 118784K/12288K bytes of memory.
Processor board ID FHK084310RG
2 FastEthernet interfaces
2 ATM interfaces
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62592K bytes of ATA CompactFlash (Read/Write)



Press RETURN to get started!




SHOW VER AND DIR FLASH


XXXXXX#dir flash:
Directory of flash:/

    1  -rw-    19575068  Oct 19 2004 23:57:00 +00:00  c2801-spservicesk9-mz.123-8.T4.bin
    2  -rw-        1536  Oct 20 2004 00:13:34 +00:00  sdmconfig-2801.cfg
    3  -rw-     3883008  Oct 20 2004 00:14:10 +00:00  sdm.tar
    4  -rw-        1463  Oct 20 2004 00:14:28 +00:00  home.html
    5  -rw-      270848  Oct 20 2004 00:14:48 +00:00  home.tar
    6  -rw-       93095  Oct 20 2004 00:15:12 +00:00  attack-drop.sdf
    7  -rw-     1187840  Oct 20 2004 00:15:32 +00:00  ips.tar
    8  -rw-    21637408  May 13 2005 13:57:42 +00:00  c2801-advipservicesk9-mz.123-8.T8.bin
    9  -rw-      150105  Jul 01 2006 14:49:20 +00:00  crashinfo_20060701-144921
   10  -rw-      149689  Jul 01 2006 15:04:54 +00:00  crashinfo_20060701-150454

63889408 bytes total (16920576 bytes free)
XXXXXXXX#show ver
Cisco IOS Software, 2801 Software (C2801-SPSERVICESK9-M), Version 12.3(8)T4, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2004 by Cisco Systems, Inc.
Compiled Fri 03-Sep-04 00:01 by eaarmas

ROM: System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

rAlio uptime is 1 day, 18 hours, 6 minutes
System returned to ROM by power-on
System image file is "flash:c2801-spservicesk9-mz.123-8.T4.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco 2801 (revision 4.1) with 118784K/12288K bytes of memory.
Processor board ID FHK084310RG
2 FastEthernet interfaces
2 ATM interfaces
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62592K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

XXXXXX#
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 17031086
Directory of flash:/
1  -rw-    19575068  Oct 19 2004 23:57:00 +00:00  c2801-spservicesk9-mz.123-8.T4.bin
8  -rw-    21637408  May 13 2005 13:57:42 +00:00  c2801-advipservicesk9-mz.123-8.T8.bin

>System image file is "flash:c2801-spservicesk9-mz.123-8.T4.bin"

Config file calls a different image
>boot system flash c2801-advipservicesk9-mz.123-8.T8.bin

What's happening is you don't have enough DRAM memory to run the image called for in the config (advipservices) so the router reboots and loads the first image in the flash (spservices).

Copy the spservicesk9 image to tftp server then delete it from the flash. Also remove boot system command from the config:
 no boot system flash c2801-advipservicesk9-mz.123-8.T8.bin

If advipservicesk9 is the only IOS version on the flash, it will boot it by default. If it loads fine, then you're all set. If you get the same error messages about not enough memory, then you might want to make sure your DRAM SIMMs are seated well in the router. Cisco's software advisor tool shows minimum 128Mb required for either image so the fact that one boots and the other does not is troublesome.
0
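The three-way comparison used in the accepted answer (the `boot system` line, the image `show ver` reports as running, and the images listed by `dir flash:`) can be automated as a configuration audit. The script below is an added example, not part of the original thread: the function names are hypothetical and the sample inputs are constructed by trimming the output quoted above.

```python
import re

# Constructed sample inputs, trimmed from the command output quoted in this thread.
RUNNING_CONFIG = """\
boot-start-marker
boot system flash c2801-advipservicesk9-mz.123-8.T8.bin
boot-end-marker
"""
SHOW_VERSION = """\
Cisco IOS Software, 2801 Software (C2801-SPSERVICESK9-M), Version 12.3(8)T4
System image file is "flash:c2801-spservicesk9-mz.123-8.T4.bin"
"""
DIR_FLASH = """\
    1  -rw-    19575068  Oct 19 2004 23:57:00 +00:00  c2801-spservicesk9-mz.123-8.T4.bin
    3  -rw-     3883008  Oct 20 2004 00:14:10 +00:00  sdm.tar
    8  -rw-    21637408  May 13 2005 13:57:42 +00:00  c2801-advipservicesk9-mz.123-8.T8.bin
    9  -rw-      150105  Jul 01 2006 14:49:20 +00:00  crashinfo_20060701-144921
"""

def configured_images(config):
    """Image names from 'boot system [flash] [flash:]<file>' lines, in config order."""
    pat = re.compile(r"^[ \t]*boot system (?:flash\s+)?(?:flash:)?(\S+)[ \t]*$", re.M)
    return pat.findall(config)

def running_image(show_version):
    """File name from the 'System image file is' line, device prefix stripped."""
    m = re.search(r'System image file is "(?:[^":]+:)?/?([^"]+)"', show_version)
    return m.group(1) if m else None

def flash_files(dir_output):
    """File names from 'dir flash:' rows (index, permissions, size, date, name)."""
    names = []
    for line in dir_output.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0].isdigit() and parts[2].isdigit():
            names.append(parts[-1])
    return names

def feature_set(image):
    """Feature-set token of an image name, e.g. 'advipservicesk9'."""
    m = re.match(r"[a-z0-9]+-([a-z0-9_]+)-", image or "", re.I)
    return m.group(1).lower() if m else None

def audit(config, show_version, dir_output):
    """Compare configured, running and stored images; return a list of findings."""
    wanted = configured_images(config)
    running = running_image(show_version)
    files = flash_files(dir_output)
    findings = []
    for name in wanted:
        if name not in files:
            findings.append(f"MISSING: {name} is configured but not in flash")
    if wanted and running != wanted[0]:
        findings.append(f"FALLBACK: config requests {wanted[0]}, running {running}")
        if feature_set(running) != feature_set(wanted[0]):
            findings.append(f"FEATURE-SET: running {feature_set(running)}, "
                            f"expected {feature_set(wanted[0])}")
    # Any other .bin in flash is what the router can silently fall back to.
    others = [n for n in files if n.endswith(".bin") and n not in wanted]
    if others:
        findings.append("FALLBACK-CANDIDATE: " + ", ".join(others))
    crash = [n for n in files if n.startswith("crashinfo")]
    if crash:
        findings.append(f"CRASHINFO: {len(crash)} crash file(s) in flash")
    return findings

if __name__ == "__main__":
    for finding in audit(RUNNING_CONFIG, SHOW_VERSION, DIR_FLASH):
        print(finding)
```

Run against collected device output after every reload, a FALLBACK or FEATURE-SET finding flags the condition in this thread: the router came up on a different image and the crypto and IPS configuration lines were dropped from the running-config.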
 

Author Comment

by:llandajuela
ID: 17070768
Thanks lrmoore, your comments are of great help, as usual.

I will try what you tell me to.

Thanks
0