Thursday, June 28, 2012

Password recovery on a Cisco ME3400 Switch

Continuing my notes on password recovery on various bits of kit. Today's task was an ME3400 Switch.

Perform the following steps to regain access to your switch:
  1. Power up the switch and send the Break sequence (dependant on the system you are working from) to access Password Recovery
  2. Load the helper files:                                         switch#load_helper
  3. Next, verify the name of your config file:            switch#dir
  4. Rename said config file:                                     switch#rename flash:config.txt flash:config.txt.old
  5. Reboot the system:                                           switch#boot
  6. Next you'll be prompt to enter the auto config process. Enter No
  7. Enter the PRIV EXEC mode:                           switch>en
  8. Rename your config file:                                   switch#rename flash:config.txt.old flash:config.txt
  9. Copy the config in the Memory:                       switch#copy flash:config.txt system:running-config
  10. Next change your passwords as you see fit
  11. Last part is to check the state of your interfaces. You may need to #no shut your appropriate ports.
     Finally apply your changes via switch#wr mem and reboot.

Monday, June 25, 2012

CCNP - SWITCH - Duplex Mismatch

Right, not done any posts for a while so here we go with a note on Duplex Mismatches...

A Duplex Mismatch occurs when 2 devices are directly connected with different duplex modes. One end might be set to auto whilst the other could be set mannually to Full Duplex.

The situation is usually the result of manual configuration of an interface and the result can cause a number of effects on the network.

The most common situation for a duplex mismatch is the example above, one end set to auto (negotiate) and the other set to Full Duplex. With one end trying to negotiate whilst the other end is not the result is that the negotiation fails and the interface fails back to Ethernet standards and sets it's self to half duplex. This default action when negotiation fails allows for older hubs to be in operation in the network.

With one end now automatically set to Half Duplex and the other end manually set to Full Duplex you get the duplex mismatch.

The activity observed on the network can be varied. For example a duplex mismatch will not affect PING as the single packets are sent at 1 second intervals and therefore the link can process the traffic with out any issue being observed. Telnet will be seen as slow but you should still be able to run your session.

The main issue you will see is when both ends of the link attempt to send traffic at the same time. The end set Full Duplex can sendand receive data at the same time. No problems there, however, the end set to Half Duplex will not receive any data because it is busy sending first. The combination will result in packets from the Full Duplex end being lost whilst packets from the Half Duplex end will be slow or lost as that end perceives a collision is occurring and will run CSMA/CD.

As packets are now being lost TCP attempts to perform error recovery and retransmit the packets. This will fail as well due to the mismatch in place.

In the Full Duplex end you will see Frame Check Sequence errors and/or runt frames as packets are lost in transit.

The key to the operation to configure both ends the same. Use only Auto OR Full.

Simply change the setting on one end of the link to match the configuration of the other end.

Tuesday, March 13, 2012

Off topic - HR: The Spark Way

Have you got to perform a company restructure? need reduce head count? not sure where to start in your vast empire? Never fear the patented Spark method is here to help!

Step one : Obtain a list of all employees in the company and make sure their Job title is included.
Step two : Tell an educated but uninformed individual the job title of the first employee in the list and ask them to describe what that person does
Step three : If the first word out of the individual's mouth is 'Err???....???' then that person can be chopped :o)
Step four : Repeat for all employees and you'll have your list of jobs that can be culled.

Marvellous! :o)

Monday, February 20, 2012

Banish 'DropInSavings'

For some time now I've been battling Google Chrome and an add-on called DropInSavings. It's a very irritating drop down menu that appears in the top right of your browser window which 'helpfully' suggests discounts and offers relating to the site you're looking at.

Today I decided to banish it for good. To remove it open Chrome and go to chrome://extensions

Disable all your active extensions and then re-enable them one at a time and then retest on a site you know you get the drop down on. In my case I used

Work through each of your Chrome extensions until you isolate the extension that includes the DropInSavings add-on. Then simply remove the extension from the chrome://extensions page.

I found that the culprit was Google+Tweet extension by, once deleted my problem ceased.

Monday, January 23, 2012

Upgrade IOS on an ASR-1002F

Steps to upgrade IOS on an ARS-1002F are as follows:
  1. Copy your IOS .bin file to a USB stick and connect it to USB0 on the front of the ASR
  2.  Connect the power and press 'Escape' on startup to access ROMMON
  3. At the prompt do > boot usb0:
  4. The router will boot using the ASR image you have on the USB
  5. Once booted do #copy usb0:asr10~7q.bin bootflash:
  6. Confirm the location and the .bin file will transfer
  7. Next, set the system to boot from bootflash - #boot system flash bootflash:asr10~7q.bin
  8. Next set the config-register to ensure it boots properly - (config)#config-register 0x2102
  9. Write this - #wr mem
  10. Finally reload the asr and ensure it boots correctly - #reload

Friday, January 20, 2012

Password Recovery on a Catalyst 3750-E

Password recovery on a Catalyst 3750-E

  • Press and hold the Mode button on the front of the system then connect the power
  • Continue holding until the SYS LED blinks from green, to amber, to green, then turns solid green.
  • Release Mode and you should have a prompt for – switch:
  • Do – switch: flash_init
  • Next do – switch: dir flash:
  • Next do - switch:  rename flash:config.text flash:config.old
  • Next do – switch: boot
  • Once the system reboots you can either save the blank config and work from a clean install                   #wr mem
  • Or, recover the old config and reset the password:   
                       #rename flash:config.old flash:config.text
  • Then do - #copy flash:config.text system:running-config
  • Change all the passwords and apply an appropriate user account:
          (config)#enable secret [password]
          (config)#username Trevor password [password]
          (config)#line con 0
                        password [password]
          (config)#line vty 0 4
                       password [password]
  • Finally save the config and reload -
                     #wr mem

Password Recovery on a Cisco 5580

 Steps to reset a password on a Cisco ASA 5580
  • Boot the system and press escape as the system loads
  • At ROMMON set confreg to 0x41 - >confreg 0x41
  • then reload >boot
  • When prompted type 'No' to by pass the auto configuration steps.
  • Once at the command prompt copy the start-up config to running config:
           #conf t
          (config)#copy start run
  • Next change the password to on of your choice:
         (config)#password [password]
         (config)#enable password [password]
  • Add a user account with priv 15 access:
         (config)#username Trevor password [password] priv 15
  • Change the configuration register back to the correct one:
         (config)#config-register 0x1
  • Finally write this and then reload:
          #wr mem
  •  Test and you should be good.