Solved

Cisco 2801 - Adv Enterprise Software

Posted on 2011-09-16
9
365 Views
Last Modified: 2012-06-27
Have a Cisco 2801 that had an Advanced Enterprise iOS software updated with a VPN tunnel configured on it.
The router was operating perfectly, allowing remote VPN client connections, etc.
Lost power and the Cisco 2801 rebooted and for some reason, the iOS version loaded is NOT the Advanced enterprise version.
I have checked the running config of the 2801 and all VPN related commands are not in the running config.  However, the VPN commands are present in the startup config, meaning the current iOS version is ignoring those commands when it boots because it does not recognize them.

It looks like the Advanced Enterprise firmware is not loaded in flash, nor can I find the bin file anywhere in the file structure.
I am trying to find someone that can help me retrieve the 12.4T bin of the Advanced Enterprise iOS.
I am not able to access it from Cisco simply because I am not registered with them as a partner or reseller.
I am not about to download it from a random Internet download provider.

Anyone out there that can help me get access to this software?

All help would be greatly appreciated.

Thank you....
0
Comment
Question by:tchancev
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 36552859
Could be that it was loaded from a TFTP or FTP server. I would check on any possible servers on your network.
0
 
LVL 17

Expert Comment

by:Garry-G
ID: 36553326
In the meantime, make sure you copy the original startup config to a safe place - once you issue a "write", all the VPN stuff is gone ...
In a pinch, just do a "copy startup flash:original-config" ...
0
 
LVL 36

Expert Comment

by:ArneLovius
ID: 36553820
I would suggest speaking to your reseller and ask if they can provide it, you could try contacting Cisco TAC, but without a smartnet account for the router, they are unlikely to be able to assist you.
0
 
LVL 17

Expert Comment

by:rochey2009
ID: 36553859
please can you post the output of "dir" of the flash:
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 17

Expert Comment

by:rochey2009
ID: 36553863
can you also post,

show boot
0
 

Author Comment

by:tchancev
ID: 36554074
Hi Guys,

Thanks for all the great advice.
Had already checked for TFTP and FTP servers on site and no luck.
And the reseller is no longer helping this client of ours.
And this is a refurbished Cisco 2801.
I already had the presence of mind to back up the current system image to an offsite FTP server.
Also backed up both the running-config and startup-config to the same offsite FTP server.
I am not an expert with Cisco programming but I have managed pretty well with just taking my time and researchiing thoroughly.

Got lucky and found c2801adventerprisek9-mz.124-22.T.bin image from a file sharing service.
I checked with Cisco's feature navigator and see that this image does run on the 2801 platform but its memory specs for DRAM / Min Flash are 192/64.
Have already transferred the image via the offsite FTP server to the 2801 flash.
However, the Cisco 2801 reports only 191K of DRAM available and the specs call for 192K.

So, I have not actually issued the commands to tell the 2801 to boot from this image because I am not 100% certain this file is not virus infected since it came from a file-sharing source, and because I would hate to have it hang during boot because it calls for 192K DRAM and the 2801 only has 191K for use.
I ran the verify /md5 command on it and have the checksum from the image but I do not have the checksum from Cisco so I have no true way of verifying if the file has not been tampered with.

I am looking for a Cisco reseller or partner that can provide me a guaranteed virus-free version of this file.
And obviously, I would like to install the latest version possible for this 2801.
I believe I have that version now based on memory specs.
Cisco Product #S280AESK9-12422T -> c2801-adventerprisek9-mz.124-22.T.bin.
Since I am not Cisco certified, and have no Cisco partner to guide, I am reluctant to make the boot change.

Any suggestions or guys that can help me determine of this version is the best for my solution?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 36554454
Sounds like the previous reseller loaded the IOS from a server and never copied it to flash.

I would contact Cisco and provide documentation that the customer paid for the IOS and see what happens.
0
 

Accepted Solution

by:
tchancev earned 0 total points
ID: 36554523
hi donjohnston:
Yes, I believe you are correct.
I tried very hard to make contact with the original reseller and he must have serious bad blood with our client as he never returned our calls or emails, even just to tell us he had no intention of helping.
Since this was a pressing matter and the weekend is obviously the best time to do what we had to do, I just bit my lip and entered the commands to load the c2801-adventerprisek9-mz.124-22.T.bin as the system image.

100% successful!!!!!!
Advanced Enterprise version is now running, running-config and startup-config are identical, the VPN tunnel is back up, and remote users are happily plugging away.

I would like to thank everyone again for their input.
0
 

Author Closing Comment

by:tchancev
ID: 37052314
Solution was to download iOS version needed from Cisco and copy to flash, then reload router from flash  All is good.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now