Guest

Cisco 1400 Series Routers

Product Installation Guide

 Feedback

Table of Contents

Use the information in this chapter to help isolate problems you might encounter with the Cisco 1400 series router or to rule out the router as the source of the problem. This appendix contains the following sections:

Before Contacting Cisco or Your Reseller

If you cannot locate the source of a problem, contact your local reseller for advice. Before you call, you should have the following information ready:

  • Chassis type and serial number

  • Maintenance agreement or warranty information

  • Type of software and version number

  • Date you received the hardware

  • Brief description of the problem

  • Brief description of the steps you have taken to isolate the problem

ATM-25 Internal Loopback Testing

If you cannot make calls over the ATM-25 or the ADSL interface, you can determine whether or not the problem originates on the router or with the ADSL service provider by performing a loopback test. If the loopback test shows that the router interface is functioning correctly, the source of the problem might be with the cable between the router and the service provider's DSLAM or with the DSLAM configuration.


Note This procedure requires that you change command modes. If you are unfamiliar with Cisco IOS command modes and how to change them, you should read the section "Understanding Command Modes" in the chapter "Software Configuration" before performing this procedure.

Starting a Loopback Test

Take the following steps to perform an ATM-25 internal loopback test:

  • If you are testing a Cisco 1401 router, start with Step 1.

  • If you are testing a Cisco 1407 router or a Cisco 1417 router, start with Step 3.


Step 1   Disconnect the ATM-25 cable from the ATM-25 port on the router rear panel.

The loopback tests the internal connection between the ATM-25 or ADSL port and the router. When you disconnect the cable, you can do a baseline test to which you can compare the loopback test results.

Step 2   Insert an ATM loopback plug (described in the "Cabling Specifications" appendix) in the ATM-25 port on the router rear panel.

Step 3   Enter the show interface atm0 privileged EXEC command:

C1400# show interface atm0

ATM0 is down, line protocol is down

  Hardware is IDTATM25
  Internet address is 10.0.0.1/8
 

Step 4   Confirm that the message "ATM is down, line protocol is down" (shown in bold in the example output) is displayed. The interface is down because the ATM-25 cable is disconnected from the router.

Step 5   Enter configuration mode for the ATM-25 interface, and enter the loopback command:

C1400(config-if)# loopback

 

Check the following two conditions, which show that the router is operating in loopback mode:

  • The front-panel LP LED is on and yellow.

  • The following message appears on the terminal or PC console:

    Line protocol on Interface ATM0 changed state to up
     
    

Step 6   Enter the show interface atm0 privileged EXEC command again (shown in Step 3):

C1400# show interface atm0

 

The following message indicates that the loopback test was successful. The router can successfully perform loopback in the ATM-25 interface.

ATM0 is up, line protocol is up
 

If this message does not appear on the console, the loopback test failed. The ATM-25 interface is not communicating with the router. Contact Cisco or your reseller.

Step 7   To end the loopback test, enter configuration mode for the ATM-25, and enter the no loopback command:

C1400(config-if)# no loopback

 

Check the following two conditions, which indicate that the router is operating in loopback mode:

  • The front-panel LP LED is off.

  • The following message appears on the terminal or PC console (if the logging console feature is enabled):

    Interface ATM0, changed state to down
     
    

Step 8   You can either end the loopback test now by following the steps in the "Ending a Loopback Test" or you can further confirm that your ATM interface is operating correctly by following the steps in the "Pinging to Confirm Loopback Test" section.

Ending a Loopback Test


Step 1   If you are testing a Cisco 1401 router, remove the loopback plug.

Step 2   Reconnect the ATM-25 or ADSL cable to the router.

Pinging to Confirm Loopback Test


Step 1   Follow the steps in the "Starting a Loopback Test" section.

Step 2   Configure the ATM0 interface with a PVC that goes back to itself. Following is an example of an interface configured in this way. Note that you can enter any PVC (shown in bold) and enter the same IP address (shown in bold) for both the ATM interface and the PVC.

interface ATM0
   ip address 1.2.3.1 255.255.255.0
   no ip directed-broadcast
   no ip route-cache
   no ip mroute-cache
   atm vc-per-vp 4096
   pvc 0/10

    protocol ip 1.2.3.1 broadcast
 

Step 3   At the privileged EXEC prompt, enter the ping command with IP address that you used in Step 2:

C1400# ping 1.2.3.1
 

Step 4   Note the output from the ping command. If this success rate (shown in bold) is 3/5 or higher, your ping was successful:

Type escape sequence to abort.
Sending 5 100-byte ICMP Echoes to 1.2.3.1, timeout is 2 seconds:
!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max=4/4/4 ms
 

If your ping is successful, the source of a problem on the ATM interface might be with the cable between the router and the service provider's DSLAM or with the DSLAM configuration.

ATM Troubleshooting Commands

This section describes some Cisco IOS software commands that might help you troubleshoot the router.

Show Interface Command

Use the show interface command to display the status of all physical ports (Ethernet and ATM-25) and logical interfaces (Virtual-Access interfaces) on the router. Significant messages in the command output are shown in bold. Significant messages are described in Table 4-1.

c1401# show interface

ATM0 is up, line protocol is up 

    Hardware is IDTATM25
    Internet address is 62.1.1.3/8
    MTU 4470 bytes, sub MTU 4470, BW 25600 Kbit, DLY 80 usec, 
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ATM, loopback set, keepalive not supported 
    Encapsulation(s):AAL5, PVC mode
    2048 maximum active VCs, 3 current VCCs
    VC idle disconnect time:300 seconds
    Last input 00:21:40, output 00:00:02, output hang never
    Last clearing of "show interface" counters never
    Queueing strategy:fifo
    Output queue 0/40, 0 drops; input queue 0/75, 0 drops
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
       39841 packets input, 862642 bytes, 0 no buffer
       Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
       99401 packets output, 3958356 bytes, 0 underruns
       0 output errors, 0 collisions, 4 interface resets
       0 output buffer failures, 0 output buffers swapped out
ATM0.1 is up, line protocol is up 

    Hardware is IDTATM25
    MTU 4470 bytes, BW 25600 Kbit, DLY 80 usec, 
       reliability 255/255, txload 1/255, rxload 0/255
    Encapsulation ATM
Ethernet0 is up, line protocol is up 

    Hardware is QUICC Ethernet, address is 0010.7b7e.b92b (bia
    0010.7b7e.b92b)
    Internet address is 1.5.40.11/16
    MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, 
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set, keepalive set (10 sec)
    ARP type:ARPA, ARP Timeout 04:00:00
    Last input 00:00:00, output 00:00:09, output hang never
    Last clearing of "show interface" counters never
    Queueing strategy:fifo
    Output queue 0/40, 0 drops; input queue 0/75, 0 drops
    5 minute input rate 2000 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
       127729 packets input, 35251914 bytes, 0 no buffer
       Received 121840 broadcasts, 0 runts, 0 giants, 0 throttles
       2 input errors, 0 CRC, 2 frame, 0 overrun, 0 ignored, 0 abort
       0 input packets with dribble condition detected
       28793 packets output, 2593956 bytes, 0 underruns
       0 output errors, 4082 collisions, 1 interface resets
       0 babbles, 0 late collision, 211 deferred
       0 lost carrier, 0 no carrier
       0 output buffer failures, 0 output buffers swapped out
Virtual-Access1 is up, line protocol is up

    Hardware is Virtual Access interface
    Internet address is 63.1.1.3/8
    MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec, 
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation PPP, loopback not set, keepalive set (10 sec)
    DTR is pulsed for 5 seconds on reset
    LCP Listen
    Closed:IPCP
    Bound to ATM0.1 VCD:3, VPI:0, VCI:75
    Cloned from virtual-template:1
    Last input 00:00:19, output never, output hang never
    Last clearing of "show interface" counters 2d01h
    Queueing strategy:fifo
    Output queue 0/40, 0 drops; input queue 0/75, 0 drops
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
       37696 packets input, 601724 bytes, 0 no buffer
       Received 35535 broadcasts, 0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
       37739 packets output, 602382 bytes, 0 underruns
       0 output errors, 0 collisions, 0 interface resets
       0 output buffer failures, 0 output buffers swapped out
Virtual-Template1 is down, line protocol is down 

    Hardware is Virtual Template interface
    Internet address is 63.1.1.3/8
    MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec, 
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation PPP, loopback not set, keepalive set (10 sec)
    DTR is pulsed for 5 seconds on reset
    LCP Closed
    Closed:IPCP
    Last input never, output never, output hang never
    Last clearing of "show interface" counters 2d01h
    Queueing strategy:fifo
    Output queue 0/40, 0 drops; input queue 0/75, 0 drops
    5 minute input rate 0 bits/sec, 0 packets/sec
    5 minute output rate 0 bits/sec, 0 packets/sec
       0 packets input, 0 bytes, 0 no buffer
       Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

Table 4-1 describes possible command output for the show interface command. Each arrow in the show interface command output example corresponds to a row in this table.


Table 4-1: Show Interface Command Output Description
Output Description
  • ATM0 is up, line protocol is up

Other possible messages:
  • ATM0 is down, line protocol is down


  • ATM0 is down, line protocol is down

  • The ATM line is up and operating correctly.

  • The ATM interface has been disabled with the shutdown command.

  • The ATM line is down, possibly because the ATM-25 or ADSL cable is disconnected or because the wrong type of cable is connected to the ATM-25 port.

  • ATM0.1 is up, line protocol is up

Other possible messages:
  • ATM0.1 is administratively down, line protocol is down

  • ATM0.1 is down, line protocol is down

  • The first ATM subinterface is up and operating correctly.

  • The ATM subinterface has been disabled with the shutdown command.

  • The ATM subinterface is down, possibly because the ATM line has been disconnected (by the service provider).

  • Ethernet0 is up, line protocol is up


Other possible messages:
  • Ethernet0 is up, line protocol is down



  • Ethernet0 is administratively down, line protocol is down

  • The Ethernet interface is connected to the network and operating correctly.

  • The Ethernet interface has been correctly configured and enabled, but the Ethernet cable might be disconnected from the LAN.

  • The Ethernet interface has been disabled with the shutdown command, and the interface is disconnected.

Virtual-Access1 is up, line protocol is up

Another possible message:

Virtual-Access1 is down, line protocol is down

  • Virtual-Access1 is up and operating correctly.

  • Virtual-Access1 is not operating, possibly because the interface has been brought down with the shutdown command or the ATM-25 or ADSL cable is disconnected.

Virtual-Template1 is down, line protocol is down

  • This is a standard message and does not indicate anything wrong with the configuration.



Show ATM Interface Command

To display ATM-specific information about an ATM interface, use the show atm interface0 atm privileged EXEC command. Following is the command syntax:

show atm interface atm0

Following is sample output from the show atm interface command:

Router# show atm interface atm0

ATM interface ATM0:
   AAL enabled: AAL5, Maximum VCs:2048, Current VCCs:3
 
   Maximum Transmit Channels:0
   Max. Datagram Size:4496
   PLIM Type:INVALID - 25Mbps, Framing is Unknown,
   DS3 lbo:short, TX clocking:LINE
   11405 input, 28480 output, 0 IN fast, 0 OUT fast
   Config. is ACTIVE
 

Table 4-2 describes the fields shown in the command output.


Table 4-2: Show ATM Interface Command Output Description
Field Description

ATM interface

Interface number. Always 0 for the Cisco 1400 series router.

AAL enabled

Type of AAL enabled. The Cisco 1401 supports only AAL5.

Maximum VCs

Maximum number of virtual connections this interface supports.

Current VCCs

Number of active virtual channel connections (VCCs).

Maximum Transmit
Channels

Maximum number of transmit channels.

Max Datagram Size

The configured maximum number of bytes in the largest datagram.

PLIM Type

Physical layer interface module (PLIM) type

Framing

Always displays "Unknown."

DS3 lbo

Cable length supported.

  • Long—Over 225 feet (68.6 meters)

  • Short—Under 225 feet

TX clocking

Clocking on the router. LINE indicates that the ATM switch provides the clocking.

input

Number of packets received and process switched.

output

Number of packets sent from process switch.

IN fast

Number of input packets fast-switched.

OUT fast

Number of output packets fast-switched.

Config. is

ACTIVE or VALID in n SECONDS. ACTIVE indicates that the current AIP or NPM configuration has been loaded into the AIP and is being used. There is a 5-second delay before the configuration is sent to the AIP.



Debug ATM Commands

This section describes how to use the debug atm commands with additional keywords to troubleshoot the router.

Before Using Debug Commands

You can use the debug commands to troubleshoot configuration problems that you might be having on your network. Debug commands provide extensive, informative displays to help you interpret any possible problems. All debug commands are entered in privileged EXEC mode, and most debug commands take no arguments. Read the information in Table 4-3 before using debug commands.

Caution Debugging is assigned a high priority in your router CPU process, and it can render your router unusable. For this reason, use debug commands only to troubleshoot specific problems. The best time to use debug commands is during periods of low network traffic so that other activity on the network is not adversely affected.

Table 4-3:
What Information

Additional documentation

You can find additional information and documentation about the debug commands in the Debug Command Reference document on the Cisco IOS software documentation CD-ROM that came with your router.

If you are not sure where to find this document on the CD-ROM, use the Search function in the Verity Mosaic browser that comes with the CD-ROM.

Disabling debugging

To turn off any debugging, enter the undebug all command.

Viewing debug message

To view debug messages on the console, enter the logging console debug command.

Telnet sessions

If you want to use debug commands during a Telnet session with your router, you must first enter the terminal monitor command.

Important Information About Debug Commands

Debug ATM Errors Command

Use the debug atm errors command to display ATM errors. The no form of this command disables debugging output. Following is the command syntax:

[no] debug atm errors

Following is sample debug atm errors output.

router# debug atm errors

ATM(ATM2/0): Encapsulation error, link=7, host=836CA86D.
ATM(ATM4/0): VCD#7 failed to echo OAM. 4 tries
 

The first line of output indicates that a packet was routed to the ATM interface, but no static map was set up to route that packet to the proper virtual circuit.

The second line of output shows that an OAM F5 (virtual circuit) cell error occurred.

Debug ATM Events Command

Use the debug atm events command to display ATM events. The no form of this command disables debugging output. Following is the command syntax:

[no] debug atm events

This command displays ATM events that occur on the ATM interface processor and is useful for diagnosing problems in an ATM network. It provides an overall picture of the stability of the network. In a stable network, the debug atm events command does not return any information. If the command generates numerous messages, the messages can indicate the possible source of problems.

If the interface is successfully communication with the DSLAM at the Telco, the modem state (shown in bold in the example output) is 0x10. If the interface is not communicating with the DSLAM, the modem state is 0x8.

Following is sample debug atm events output.

router# debug atm events

00:59:17:ATM0 idtatm25_1a_reset:PLIM type is 12, Rate is 25Mbps

00:59:17:ATM0 idtatm25_1a_shutdown:state=4

00:59:17:DSL:SET:[DMTDSL_STOP -> DMTDSL_INIT]

00:59:17:Resetting ATM0

00:59:17: idtatm25_1a_config(ATM0)

00:59:17: idtatm25_1a_enable(ATM0)

00:59:17:ATM0:idtamt25_init

00:59:18:ATM0 idtatm25_1a_enable:restarting VCs:0

00:59:18: idtatm25_1a_setup_vc(ATM0):vc:1 vpi:0 vci:35

00:59:18:ATM0 idtatm25_vc_setup:vcd 1, vpi 0, vci 35, avgrate 0

00:59:18: idtatm25_1a_setup_vc(ATM0):vc:2 vpi:0 vci:40

00:59:18:ATM0 idtatm25_vc_setup:vcd 2, vpi 0, vci 40, avgrate 0

00:59:18:%SYS-5-CONFIG_I:Configured from console by console

00:59:19:%LINK-3-UPDOWN:Interface ATM0, changed state to down

00:59:19: idtatm25_atm_lineaction(ATM0):state=0

00:59:19:DSL:SM:[DMTDSL_INIT -> DMTDSL_DLOAD_1]

00:59:19:DSL:Downloading ASW_init_1_4_1_b.bin

00:59:19:DSL:Downloaded 2 blocks... Finished!

00:59:19:DSL:Sent command 0x14

00:59:22:DSL:Received 1 timer events during wait

00:59:23:DSL:Received response:0x80

00:59:23:DSL:SM:[DMTDSL_DLOAD_1 -> DMTDSL_DLOAD_2]

00:59:23:DSL:Downloading ASW_R1_4_1.bin

00:59:23:DSL:Downloaded 100 blocks

00:59:24:DSL:Downloaded 200 blocks

00:59:24:DSL:Downloaded 300 blocks

00:59:24:DSL:Downloaded 400 blocks

00:59:24:DSL:Downloaded 500 blocks

00:59:24:DSL:Downloaded 600 blocks

00:59:24:DSL:Downloaded 604 blocks... Finished!

00:59:24:DSL:Sent command 0x14

00:59:24:DSL:SM:[DMTDSL_DLOAD_2 -> DMTDSL_DO_OPEN]

00:59:24:DSL:Send ADSL_OPEN command.

00:59:24:DSL:Using subfunction 0x2

00:59:24:DSL:Sent command 0x3

00:59:27:DSL:1:Modem state = 0x10

00:59:27:DSL:Received response:0x22

00:59:27:DSL:Open failed:Message error -- retrying

00:59:27:DSL:SM:[DMTDSL_DO_OPEN -> DMTDSL_INIT]

00:59:28:DSL:SM:[DMTDSL_INIT -> DMTDSL_DLOAD_1]

00:59:28:DSL:Downloading ASW_init_1_4_1_b.bin

00:59:28:DSL:Downloaded 2 blocks... Finished!

00:59:28:DSL:Sent command 0x14

00:59:31:DSL:Received 1 timer events during wait

00:59:32:DSL:Received response:0x80

00:59:32:DSL:SM:[DMTDSL_DLOAD_1 -> DMTDSL_DLOAD_2]

00:59:32:DSL:Downloading ASW_R1_4_1.bin

00:59:32:DSL:Downloaded 100 blocks

00:59:33:DSL:Downloaded 200 blocks

00:59:33:DSL:Downloaded 300 blocks

00:59:33:DSL:Downloaded 400 blocks

00:59:33:DSL:Downloaded 500 blocks

00:59:33:DSL:Downloaded 600 blocks

00:59:33:DSL:Downloaded 604 blocks... Finished!

00:59:33:DSL:Sent command 0x14

00:59:33:DSL:SM:[DMTDSL_DLOAD_2 -> DMTDSL_DO_OPEN]

00:59:33:DSL:Send ADSL_OPEN command.

00:59:33:DSL:Using subfunction 0x2

00:59:33:DSL:Sent command 0x3

00:59:36:DSL:1:Modem state = 0x10

00:59:38:DSL:2:Modem state = 0x10

00:59:41:DSL:3:Modem state = 0x10

00:59:43:DSL:Received response:0x24

00:59:43:DSL:Showtime!

00:59:43:DSL:Sent command 0x11

00:59:43:DSL:Received response:0x61

00:59:43:DSL:Read firmware revision 0x1A04

00:59:43:DSL:SM:[DMTDSL_DO_OPEN -> DMTDSL_SHOWTIME]

00:59:45:%LINK-3-UPDOWN:Interface ATM0, changed state to up

Debug ATM OAM Command

Use the debug atm oam command to display ATM operation and maintenance (OAM) events. The no form of this command disables debugging output. Following is the command syntax:

[no] debug atm oam

Following is sample debug atm oam output.

C1400# debug atm oam

   ATM OAM cells debugging is on
   Displaying all ATM oam data
   C1400#
00:00:53:ATM OAM(ATM0):Timer:VCD#2 VC 0/121 Status:1 CTag:12 Tries:12
00:00:53:ATM OAM LOOP(ATM0) O:VCD#2 VC 0/121 CTag:D
00:00:56:ATM OAM(ATM0):Timer:VCD#2 VC 0/121 Status:1 CTag:13 Tries:13
00:00:56:ATM OAM LOOP(ATM0) O:VCD#2 VC 0/121 CTag:E
00:00:59:ATM OAM(ATM0):Timer:VCD#2 VC 0/121 Status:1 CTag:14 Tries:14
00:00:59:ATM OAM LOOP(ATM0) O:VCD#2 VC 0/121 CTag:F
00:01:02:ATM OAM(ATM0):Timer:VCD#2 VC 0/121 Status:1 CTag:15 Tries:15
00:01:02:ATM OAM LOOP(ATM0) O:VCD#2 VC 0/121 CTag:10
00:01:05:ATM OAM(ATM0):Timer:VCD#2 VC 0/121 Status:1 CTag:16 Tries:16

Debug ATM Packet Command

Use the debug atm packet command to display per-packet debugging output. The output reports information online when a packet is received or a transmission is attempted. The no form of this command disables debugging output. Following is the command syntax:

[no] debug atm packet [interface atm number [vcd vcd-number]]

interface atm number

(Optional) ATM interface or subinterface number.

vcd vcd-number

(Optional) Number of the virtual circuit designator (VCD).



Following are the keywords used in this command:

The debug atm packet command displays all process-level ATM packets for both outbound and inbound packets. This command is useful for determining whether packets are being received and transmitted correctly.

Caution Because the debug atm packet command generates a significant amount of output for every packet processed, use it only when network traffic is low so that other system activities are not adversely affected.

Below is sample debug atm packet output.

C1400# debug atm packet

   ATM packets debugging is on
   Displaying all ATM packets
   C1400#
   00:08:04:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:06:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:09:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:12:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:15:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:18:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:21:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:24:ATM0.1(O):
   VCD:0x3 VPI:0x0 VCI:0x4B DM:0x0, MUXETYPE:0x0009 Length:0x10
   00:08:24:C021 0164 000A 0506 1083 3152
   00:08:24:
   00:08:24:ATM0 idtatm25_transmit_pak(0), pak size 16
   00:08:24:ATM0 idtatm25_transmit_pak(0), pak size 52
   00:08:26:ATM0.1(O):
   VCD:0x3 VPI:0x0 VCI:0x4B DM:0x0, MUXETYPE:0x0009 Length:0x10
   00:08:26:C021 0165 000A 0506 1083 3152
 

Table 4-4 describes the fields shown in the debug atm packet command output.


Table 4-4: Debug ATM Packet Command Output Description
Field Description

ATM0

Interface that is generating the packet.

(O)

Output packet. (I) would mean receive packet.

Pak size

Packet size in bytes.

VCD: 0xn

Virtual circuit associated with this packet, where n is some value.

VPI: 0xn

Virtual path identifier for this packet, where n is some value.

DM: 0xn

Descriptor mode bits, where n is some value.

MUXETYPE: n

Multiplex type.

Length: n

Total length of the packet (in bytes) including the ATM header(s).



Software Upgrade Methods

Following are the methods for upgrading software on the Cisco 1400 series routers:

  • Install a Flash PC card that contains the new software image in the router.

  • Copy the new software image to Flash memory (the Flash PC card) over the LAN or WAN while the existing Cisco IOS software image is operating.

  • Copy the new software image to Flash memory (the Flash PC card) over the LAN while the boot image (ROM monitor) is operating.

  • Copy the new software image over the console port while in ROM monitor mode.

  • From the ROM monitor mode, boot the router from a software image that is loaded on a TFTP server. To use this method, the TFTP server must be on the same LAN as the router.

Recovering a Lost Password

This section describes how to recover a lost enable or enable secret password. The process of recovering a password consists of the following major steps:


Note This procedure can only be done when you are connected to the router through the console port. This procedure cannot be performed when connected to the router with a Telnet session.

Note See the "Hot Tips" section on Cisco Connection Online (CCO) for additional information on replacing enable secret passwords.

Change the Configuration Register


Step 1   Connect an ASCII terminal or a PC running a terminal emulation program to the CONSOLE port on the rear panel of the router. Refer to the section "Connecting the Router to a PC" in the "Installation" chapter.

Step 2   Configure the terminal to operate at 9600 baud, 8 data bits, no parity, and 1 stop bit.

Step 3   At the user EXEC prompt (router_name >), enter the show version command to display the existing configuration register value (shown in bold at the bottom of this output example):

1401> show version

Cisco Internetwork Operating System Software
IOS (tm) 1400 Software (C1400-NSY-M),Version 12.0(19980714:220727)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Wed 15-Jul-98 10:56 by cisco
Image text-base: 0x02005000, data-base: 0x024E9ECC
.
.
.
Configuration register is 0x2102

 

Step 4   Record the setting of the configuration register. It is usually 0x2102 or 0x102.

Step 5   Record the break setting.

  • Break enabled—bit 8 is set to 0.

  • Break disabled (default setting)—bit 8 is set to 1.


Note To enable break, enter the config-register 0x01 command while in privileged EXEC mode.

Reset the Router


Step 1   Do one of the following:

  • If break is enabled, go to Step 2.

  • If break is disabled, turn the router off ( O ), wait 5 seconds, and turn it on ( | ) again. Within 60 seconds, press the Break key. The terminal displays the ROM monitor prompt. Go to Step 3.


Note Some terminal keyboards have a key labeled Break. If your keyboard does not have a Break key, refer to the documentation that came with the terminal for instructions on how to send a break.

Step 2   Send a break. The terminal displays the following prompt:

rommon 2>
 

Step 3   Enter confreg 0x142 to reset the configuration register:

rommon 2> confreg 0x142

 

Step 4   Initialize the router by entering the reset command:

rommon 2> reset

 

The router cycles its power, and the configuration register is set to 0x142. The router uses the boot ROM system image, indicated by the system configuration dialog:

--- System Configuration Dialog --- 
 

Step 5   Enter no in response to the prompts until the following message is displayed:

Press RETURN to get started! 
 

Step 6   Press Return. The following prompt appears:

Router>
 

Step 7   Enter the enable command to enter enable mode. Configuration changes can be made only in enable mode:

Router> enable

 

The prompt changes to the privileged EXEC prompt:

Router# 
 

Step 8   Enter the show startup-config command to display an enable password in the configuration file:

Router# show startup-config

 

If you are recovering an enable password, skip the following "Reset the Password and Save Your Changes" section, and complete the password recovery process by performing the steps in the "Reset the Configuration Register Value" section.

If you are recovering an enable secret password, it is not displayed in the show startup-config command output. Complete the password-recovery process by performing the steps in the following "Reset the Password and Save Your Changes" section.

Reset the Password and Save Your Changes


Step 1   Enter the configure terminal command to enter configuration mode:

Router# configure terminal

 

Step 2   Enter the enable secret command to reset the enable secret password in the router:

Router(config)# enable secret gobbledegook

 

Step 3   Enter exit to exit configuration mode:

Router(config)# exit

Step 4   Save your configuration changes:

Router# copy running-config startup-config

Reset the Configuration Register Value

After you have recovered or reconfigured a password, reset the configuration register value:


Step 1   Enter the configure terminal command to enter configuration mode:

Router# configure terminal

 

Step 2   Enter the configure register command and the original configuration register value that you recorded in Step 4:

Router(config)# config-reg 0x2102

 

Step 3   Enter exit to exit configuration mode:

Router(config)# exit

Note To return to the configuration being used before you recover the lost enable password, do not save the configuration changes before rebooting the router.

Step 4   Reboot the router, and enter the recovered password.