Introduction to Cisco IOS CLI (Command-Line Interface)

This topic is to discuss the following lesson:

Hi from Paris,
I’m a Cisco beginner and I tried to modified password on Catalyst 2960S POE
After typing line console 0 I get CiscoPOE(config-line)# password Molenaar
so far so good
But then following your example I type
CiscoPOE(config-line)# login
I get % incomplete command.
Could you explain me why ?
What did I miss ?

Hello Francois

IOS routers use various AAA (Authentication, Authorization, and Accounting) models to implement passwords and other parameters. By default, Cisco IOS devices use an AAA model that allows passwords to simply be defined using the process that Rene describes, and that you have attempted to implement. However, there are other models as well.

If you look in your configuration, you will likely find the following command: aaa new-model. It is this command that is not allowing you to simply enter the command login above. This model requires an AAA database to function.

In order to fix this, type the following command in global configuration mode: no aaa new-model. This disables the “new model” and returns the device to its default AAA model. Then go back and configure the console with the above commands and it should work.

I hope this has been helpful!

Laz

Hello Laz,
Just great, the no aaa new-model worked fine.
After entering
CiscoPOE(config-line)# login
" no error, followed by"
CiscoPOE(config-line)#password Kosmos55+
“But I forgot to write mem and after Ctrl + Z and putty again”
Iogin as : network
" I get a new info"
network@ip's password: Kosmos55+
Access denied
What did I miss or what did I mess should i say ?

Hello Francois

If you made changes to the console and logged out, you should be able to log back in with the new username and password that have been configured. Even if you didn’t save your configuration, since the device is still powered on, the changes you made should be in effect. If you’re not able to log in, then there is an error somewhere. If you reboot the device, then any changes you made will be lost, so you should be able to log in again the same way you did originally.

I hope this has been helpful!

Laz

Hello from Paris,
I just got 2 Cisco 1841 and after successfully turn it to its default factory settings with :slight_smile:

rommon 1>confreg 0x2142
rommon 2> reset
router#>reload

answering no to “do you want to save configuration”
After that I rename the router in Router1 with ip on fa0/1 192.168.1.253 255.255.255.0
As I got a message in loop

*Jan 1 00:26:44.271: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning

I got rid of it by Router1(config)#no logging console
And finally saved the config by Router1#write
and Router1# copy running-config startup-config
And guess what happens when I turn power off ?
I get the following message as if nothing was saved

Cisco 1841 (revision 6.0) with 176128K/20480K bytes of memory.
Processor board ID FCZ1023249G
2 FastEthernet interfaces
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)


     --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no

Press RETURN to get started!
*Jan  1 00:28:14.283: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning
*Jan  1 00:28:44.287: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning
*Jan  1 00:29:14.291: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning
*Jan  1 00:29:44.295: %ENVMON-3-FAN_FAILED: Fan 1 is malfunctioning
**Router>**

Question : do you think the malfunctioning fan could be the cause of the impossibility to copy running config into startup-config ?
Did I miss anything else ?
Kind regards

Hello Francois

The fan should not be affecting the saving of your running configuration to your startup configuration. I suggest you examine the following:

  1. Are you connecting via the console? The no logging console command should eliminate the messages from showing up on the console. If you are connected via telnet, this command will not affect what you see on the screen.
  2. When you save the configuration, do a show running-config and show startup-config and compare the two configurations. Are the changes you made in both the running and startup config?
  3. Test making other changes such as hostname or changing the config of an interface. Are those being saved?

If changes are not being saved generally, then the issue may be with the nvram. Take a look at these and let us know the results.

I hope this has been helpful!

Laz

Hello Laz,
1.Connection throught console using Putty
no logging console is one of the first cli commands that I learned !

2.Before saving, show running-config and show startup-config display exactly the same
Normally since Ram is different from Nvram, it should display different results.
Anyway, afer Router1#copy running-config startup-config and or Router1#write
Naturally nothing’s changed.

3.As you said I changed hostname router to Router1 with no logging console and ip address

Router1#write
Building configuration...
[OK]
Router1#show run
Building configuration...
Current configuration : 589 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router1
boot-start-marker
boot-end-marker
no logging console
no aaa new-model
resource policy
ip cef
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
interface FastEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 duplex auto
 speed auto
no ip http server
no ip http secure-server
control-plane
line con 0
line aux 0
line vty 0 4
 login
scheduler allocate 20000 1000
end

Now for control this is the startup-config

Router1#show startup-config
Using 589 out of 196600 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router1
boot-start-marker
boot-end-marker
no logging console
no aaa new-model
resource policy
ip cef
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
interface FastEthernet0/1
 ip address 192.168.1.253 255.255.255.0
 duplex auto
 speed auto
no ip http server
no ip http secure-server
control-plane
line con 0
line aux 0
line vty 0 4
login
scheduler allocate 20000 1000
end

4.Power off and on and it comes back with the message
Would you like to enter the initial configuration dialog? [yes/no]
with prompt router>

What do you suggest ?

Hello Laz,
I went on Cisco’s forum with keyword nvram issues and I solved it like that

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#config-register 0x2102 
Router(config)#end
Router#show version

At the bottom i got Configuration register is 0x2142 (will be 0x2102 at next reload)
So

Router#reload
System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]

And…

Router1> enable
Router1# show startup-config

All the data was there !
Thank you Laz for your suggestion.

Hello Francois

Thanks for the update, glad to hear that all is well!

Laz

Hello Laz,
For my lab, last 1841 bought has a problem with CF 64MB memory card.
Would it be possible to format it to make it readable for 1841 IOS and then what file should I copy into it ?
Or you suggest to buy another CF card ?
Thank you in advance
Kind regards from Paris

Hello Francois

It is possible to reformat the flash memory card. Instructions to do this can be found at the following link:


Although this is for the 1900 platform, the same is true for the 1841.

Now when you do this, you will have erased the IOS file from the flash card. That’s OK however, because when the router is running, the IOS is loaded into RAM. When you format it, make sure to transfer the new IOS file to the flash memory BEFORE rebooting or shutting off the device. You can find IOS files available for the router at Cisco’s software download centre.

Now this should only be done in a lab environment, or it should be done during a maintenance window in a production environment in the event that something goes wrong.

I hope this has been helpful!

Laz

Hello,

I hope this is the right place for this. I have recently been trying to use the USB/USB Mini console option as it is more convenient and that cable takes up less space in my bag. I never expected it to be such a head ache.

The switches/routers i am using this on are slightly older and my PC is running windows 7. The problem is that the driver software installs from the cisco website, but i am unable to update the drivers to a usable version due to it being unsigned… i am not sure what else to do so i have given up… wondering if anyone else has encountered this issue.

Austin

Hello Austin

Concerning attempting to install an unsigned version of the console driver, this seems to be more of an OS problem. I haven’t faced it myself, but after a bit of research, there are two ways to get around this.

The first is to download and use various programs that have been created for this purpose. This is not generally recommended, unless you absolutely trust the publishers. I won’t say any more about this option however.

The second (and somewhat more recommended) option is to disable Windows’ requirement for installing signed drivers. You can do this by using the Local Group Policy Editor. You can use your favourite search engine to find out more about how you can do that. Just be sure that the driver is indeed from Cisco before disabling this feature and installing it, and make sure you re-enable the feature once installation is complete.

Beyond that, you can attempt to manually install the most up to date version of the driver rather than having the automatic update attempt to do so.

I hope this has been helpful!

Laz

1 Like

Hi Austin

Connect your USB cable to network device , and go to window update section and update your window , you will get driver from internet. Hope it will solve your problem

Sorry for the late reply. Thanks for your time and assistance!

AAnderson

1 Like

Hello all
when the prompt displays

R1 (config-if) #

You can configure several interfaces successively, by designating them. After a few minutes, do I have a way of knowing which interface I am configuring (by re-reading only the previous commands, I risk missing a line “int fa XXX” and mistaking the interface)

Hello Hugues,

The only way I know is by using the show history command:

SW1(config)#interface vlan 100
SW1(config-if)#do show history
  interface vlan 100
  do show history

This gives me the history of all entered commands, including interface vlan 100.

Hope this helps!

Rene

Hi ,
rene
I would like to know if on the latest routers, such as 4331 for example, we still need to use the login_local command for telnet to use the local database?
If so, I cannot see this option within the VTY line.

Hello Neves

It depends upon the authentication methods that you have configured on your device. If you have enabled aaa new-model, then the result is what you see in your device. If you disable this using no aaa new-model in the global configuration mode, then you have the login local option available to you.

aaa new-model simply enables AAA features on the device, which also disables the use of the local database as an option for this command.

I hope this has been helpful!

Laz