backup cisco 2800 router using TFTP
I am trying to backup this router's configuration and thusfar, used TFTPD32/64 and solarwinds tftp in all cases I get a timeout error as follows:
%Error opening tftp://192.168.1.21/config1.txt (Timed out)
I also, tried different machines aside from my workstation.
Can someone help me please!
%Error opening tftp://192.168.1.21/config1.txt (Timed out)
I also, tried different machines aside from my workstation.
Can someone help me please!
ASKER
Hello Don,
Thank you for your help, here's what I type:
Router1#en
Router1#copy system:running-config tftp://192.168.1.21/verizonr1.txt
Address or name of remote host [192.168.1.21]?
Destination filename [verizonr1.txt]?
.....
%Error opening tftp://192.168.1.21/verizonr1.txt (Timed out)
Router1#
Thank you for your help, here's what I type:
Router1#en
Router1#copy system:running-config tftp://192.168.1.21/verizonr1.txt
Address or name of remote host [192.168.1.21]?
Destination filename [verizonr1.txt]?
.....
%Error opening tftp://192.168.1.21/verizonr1.txt (Timed out)
Router1#
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the goal is to just back up the configuration, and you don't really care about the technology, then you can also:
Set terminal length to 0 (term len 0) and then just do a show run. That will allow you to scrape and paste from the terminal window. You can save the scrape and paste by logging your terminal session to a text file.
Another method is to save the config file onto the local flash, and then use SCP to copy the file. I prefer SCP over TFTP because it's encrypted, and if you're SSH'd into the router you know you don't have any firewall issues to contend with.
Enabling SCP on Cisco routers
Set terminal length to 0 (term len 0) and then just do a show run. That will allow you to scrape and paste from the terminal window. You can save the scrape and paste by logging your terminal session to a text file.
Another method is to save the config file onto the local flash, and then use SCP to copy the file. I prefer SCP over TFTP because it's encrypted, and if you're SSH'd into the router you know you don't have any firewall issues to contend with.
Enabling SCP on Cisco routers
ASKER
yes I am connected using putty. Thank you for your comments. Another item I saw through reading is the router may not be configured for TFTP?
Using the SCP method, can I use a windows client, such as WinSCP to copy the file to the new router?
Using the SCP method, can I use a windows client, such as WinSCP to copy the file to the new router?
I know PSCP works (Putty SCP). (Just make sure you use the -scp switch.)
pscp -scp <source file> <username>@<routerip>:<fil
Can't recall if WinSCP works.
pscp -scp <source file> <username>@<routerip>:<fil
Can't recall if WinSCP works.
ASKER
I have a different question along this issue and can open new thread if needed?
I configured the new router interface G0/0 for IP 10.50.50.86/24. This is connected to the production switch configured for vlan 50. For some reason I cannot putty into the router?
The cable is a regular ethernet cable not crossover.
Here's the output of the switch where the router is connected, followed by router output:
USSW71#show interface Gi4/0/38
GigabitEthernet4/0/38 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 001b.2aaa.1e26 (bia 001b.2aaa.1e26)
Description: DATA SERVICES
MTU 9000 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:28, output 00:00:13, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
33726 packets input, 3840361 bytes, 0 no buffer
Received 5338 broadcasts (5308 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 5308 multicast, 0 pause input
0 input packets with dribble condition detected
698269 packets output, 89406342 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Router output:
router2#show interface g0/0
GigabitEthernet0/0 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is 74a2.e6e5.2030 (bia 74a2.e6e5.2030)
Description: $ETH-LAN$$ETH-SW-LAUNCH$$I
Internet address is 10.50.50.86/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
61886 packets input, 6825031 bytes, 0 no buffer
Received 58572 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 4392 multicast, 0 pause input
31720 packets output, 3550270 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
23 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Router2#ping 10.50.50.86
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.50.50.86, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
AS you can see I can ping when consoled to router?
I configured the new router interface G0/0 for IP 10.50.50.86/24. This is connected to the production switch configured for vlan 50. For some reason I cannot putty into the router?
The cable is a regular ethernet cable not crossover.
Here's the output of the switch where the router is connected, followed by router output:
USSW71#show interface Gi4/0/38
GigabitEthernet4/0/38 is up, line protocol is up (connected)
Hardware is Gigabit Ethernet, address is 001b.2aaa.1e26 (bia 001b.2aaa.1e26)
Description: DATA SERVICES
MTU 9000 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:28, output 00:00:13, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
30 second input rate 0 bits/sec, 0 packets/sec
30 second output rate 0 bits/sec, 0 packets/sec
33726 packets input, 3840361 bytes, 0 no buffer
Received 5338 broadcasts (5308 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 5308 multicast, 0 pause input
0 input packets with dribble condition detected
698269 packets output, 89406342 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
Router output:
router2#show interface g0/0
GigabitEthernet0/0 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is 74a2.e6e5.2030 (bia 74a2.e6e5.2030)
Description: $ETH-LAN$$ETH-SW-LAUNCH$$I
Internet address is 10.50.50.86/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
61886 packets input, 6825031 bytes, 0 no buffer
Received 58572 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 4392 multicast, 0 pause input
31720 packets output, 3550270 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
23 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Router2#ping 10.50.50.86
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.50.50.86, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
AS you can see I can ping when consoled to router?
Check the interface config to make sure an access list isn't applied, or that the applied access list allows SSH.
Next, check the config for the VTY lines and see if there's an access list applied there.
Next, check the config for the VTY lines and see if there's an access list applied there.
It is generally best to open new questions, though, in order not to pollute the question/answer stream with conflicting information.
ASKER
Thanks I appreciate the comments. But by default I should be able to telnet to the router. Why can't I get to the router from my desk.
I am on vlan1 which can access vlan 50, therefore should be able to access ip 10.505.50.86, correct?
I am attaching the config below if you could suggest specific commands to fix it so I can get to the router from my desk that would be greatly appreciated.
see config below:
Current configuration : 5089 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-1069183643
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-1069183643
!
!
crypto pki certificate chain TP-self-signed-1069183643
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303639 31383336 3433301E 170D3135 30313330 30383031
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30363931
38333634 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E7F9 05DF4087 B4633845 52C17796 C5159B22 2F96E09C B1FAA43C 2A3E2DBF
17DE7181 2888515A 610ED11A BA6A3365 5C610EBF B21128D7 3B80CB2C 26A86155
B96435FD E4E30DE7 1D24A7D2 42D34248 3E19E539 444C99BC 02B40037 71BFB5C4
5A7C4A37 60375D35 F731F59E 0100C4E8 DDA02C21 5F224467 397EB7AD 59D095E1
550F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149D7190 C5ED2909 3B862EEA EAB189EE AB40CD3D 5C301D06
03551D0E 04160414 9D7190C5 ED29093B 862EEAEA B189EEAB 40CD3D5C 300D0609
2A864886 F70D0101 05050003 81810082 B79D1075 B830B2F5 BC673C84 48ACCC19
D0274AE9 F80BD9D8 250898A2 9FFE53DC EC827A0A 510F9C1C 553CC6DC 9A68EBFC
A6027D74 A59535C9 7E8C0F90 207C0B41 EFBF51DE 2963DC5E BD1C6C4A F20794F2
F01A408B 4C27F7DD 98AF9F2C 5F9A82E8 4894EA4E A6DC2C63 81946166 1CE30737
A40A5677 E95E740D 7D0BDE18 61321E
quit
license udi pid CISCO2911/K9 sn FJC1905A2UZ
!
!
username cisco privilege 15 password 0 cisco
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$I
ip address 10.50.50.86 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
--------------------------
^C
banner login ^C
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
--------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
I am on vlan1 which can access vlan 50, therefore should be able to access ip 10.505.50.86, correct?
I am attaching the config below if you could suggest specific commands to fix it so I can get to the router from my desk that would be greatly appreciated.
see config below:
Current configuration : 5089 bytes
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-1069183643
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-1069183643
!
!
crypto pki certificate chain TP-self-signed-1069183643
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303639 31383336 3433301E 170D3135 30313330 30383031
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30363931
38333634 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E7F9 05DF4087 B4633845 52C17796 C5159B22 2F96E09C B1FAA43C 2A3E2DBF
17DE7181 2888515A 610ED11A BA6A3365 5C610EBF B21128D7 3B80CB2C 26A86155
B96435FD E4E30DE7 1D24A7D2 42D34248 3E19E539 444C99BC 02B40037 71BFB5C4
5A7C4A37 60375D35 F731F59E 0100C4E8 DDA02C21 5F224467 397EB7AD 59D095E1
550F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149D7190 C5ED2909 3B862EEA EAB189EE AB40CD3D 5C301D06
03551D0E 04160414 9D7190C5 ED29093B 862EEAEA B189EEAB 40CD3D5C 300D0609
2A864886 F70D0101 05050003 81810082 B79D1075 B830B2F5 BC673C84 48ACCC19
D0274AE9 F80BD9D8 250898A2 9FFE53DC EC827A0A 510F9C1C 553CC6DC 9A68EBFC
A6027D74 A59535C9 7E8C0F90 207C0B41 EFBF51DE 2963DC5E BD1C6C4A F20794F2
F01A408B 4C27F7DD 98AF9F2C 5F9A82E8 4894EA4E A6DC2C63 81946166 1CE30737
A40A5677 E95E740D 7D0BDE18 61321E
quit
license udi pid CISCO2911/K9 sn FJC1905A2UZ
!
!
username cisco privilege 15 password 0 cisco
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$I
ip address 10.50.50.86 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
--------------------------
^C
banner login ^C
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
--------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your help. I did make the changes you suggested and did not work.
See attached new config file.
Why can't I ping the interface IP (10.50.50.86) from my desk 192.168.1.140?
Building configuration...
Current configuration : 5233 bytes
!
! Last configuration change at 16:45:07 UTC Tue Jun 30 2015 by haladmin
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-1069183643
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-1069183643
!
!
crypto pki certificate chain TP-self-signed-1069183643
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303639 31383336 3433301E 170D3135 30313330 30383031
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30363931
38333634 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E7F9 05DF4087 B4633845 52C17796 C5159B22 2F96E09C B1FAA43C 2A3E2DBF
17DE7181 2888515A 610ED11A BA6A3365 5C610EBF B21128D7 3B80CB2C 26A86155
B96435FD E4E30DE7 1D24A7D2 42D34248 3E19E539 444C99BC 02B40037 71BFB5C4
5A7C4A37 60375D35 F731F59E 0100C4E8 DDA02C21 5F224467 397EB7AD 59D095E1
550F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149D7190 C5ED2909 3B862EEA EAB189EE AB40CD3D 5C301D06
03551D0E 04160414 9D7190C5 ED29093B 862EEAEA B189EEAB 40CD3D5C 300D0609
2A864886 F70D0101 05050003 81810082 B79D1075 B830B2F5 BC673C84 48ACCC19
D0274AE9 F80BD9D8 250898A2 9FFE53DC EC827A0A 510F9C1C 553CC6DC 9A68EBFC
A6027D74 A59535C9 7E8C0F90 207C0B41 EFBF51DE 2963DC5E BD1C6C4A F20794F2
F01A408B 4C27F7DD 98AF9F2C 5F9A82E8 4894EA4E A6DC2C63 81946166 1CE30737
A40A5677 E95E740D 7D0BDE18 61321E
quit
license udi pid CISCO2911/K9 sn FJC1905A2UZ
!
!
username cisco privilege 15 password 0 cisco
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$I
ip address 10.50.50.86 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
access-list 10 permit any
access-list 23 permit any
access-list 23 permit 10.50.50.0 0.0.0.255
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
--------------------------
^C
banner login ^C
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
--------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
See attached new config file.
Why can't I ping the interface IP (10.50.50.86) from my desk 192.168.1.140?
Building configuration...
Current configuration : 5233 bytes
!
! Last configuration change at 16:45:07 UTC Tue Jun 30 2015 by haladmin
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
cts logging verbose
!
crypto pki trustpoint TP-self-signed-1069183643
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-1069183643
!
!
crypto pki certificate chain TP-self-signed-1069183643
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303639 31383336 3433301E 170D3135 30313330 30383031
35355A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30363931
38333634 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100E7F9 05DF4087 B4633845 52C17796 C5159B22 2F96E09C B1FAA43C 2A3E2DBF
17DE7181 2888515A 610ED11A BA6A3365 5C610EBF B21128D7 3B80CB2C 26A86155
B96435FD E4E30DE7 1D24A7D2 42D34248 3E19E539 444C99BC 02B40037 71BFB5C4
5A7C4A37 60375D35 F731F59E 0100C4E8 DDA02C21 5F224467 397EB7AD 59D095E1
550F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 149D7190 C5ED2909 3B862EEA EAB189EE AB40CD3D 5C301D06
03551D0E 04160414 9D7190C5 ED29093B 862EEAEA B189EEAB 40CD3D5C 300D0609
2A864886 F70D0101 05050003 81810082 B79D1075 B830B2F5 BC673C84 48ACCC19
D0274AE9 F80BD9D8 250898A2 9FFE53DC EC827A0A 510F9C1C 553CC6DC 9A68EBFC
A6027D74 A59535C9 7E8C0F90 207C0B41 EFBF51DE 2963DC5E BD1C6C4A F20794F2
F01A408B 4C27F7DD 98AF9F2C 5F9A82E8 4894EA4E A6DC2C63 81946166 1CE30737
A40A5677 E95E740D 7D0BDE18 61321E
quit
license udi pid CISCO2911/K9 sn FJC1905A2UZ
!
!
username cisco privilege 15 password 0 cisco
!
redundancy
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$I
ip address 10.50.50.86 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
access-list 10 permit any
access-list 23 permit any
access-list 23 permit 10.50.50.0 0.0.0.255
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
--------------------------
^C
banner login ^C
--------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
--------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
You don't have any routes configured. The router knows how to talk to it's directly-attached interface(s), but it doesn't know anything beyond that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for all your help
It's likely there's a typo in the input.