Sending Cisco logging messages to a buffer/syslog server. To console, or not to console – That is the question!
So you’ve configured up your Cisco box, enabled remote access and the serial console cable is long gone. But hey – what about all those potentially crucial console messages? Well, you’ve got a few choices…
First is to leave it as it is - going off to a serial port – but add a permanent terminal to display the results. Not very practical – especially if the router is at a remote site.
Second option is to send the messages off to a syslog server – which is good if you’ve got routers spread all over and want to report back to a central point. Ok! Time to get yourself a syslog server up and running. If you’ve not already got it, Tftpd32 has functionality for this (which is also useful for the transfer of IOS images – more on this some other time maybe). You can get it from http://tftpd32.jounin.net. Configuring tftpd32 is beyond the scope of this guide – but it’s easy enough. Google it if in doubt. Enter global config mode on your router (conf t) and then:
phbrouter(config)# logging <ip address of syslog server>
phbrouter(config)# exit
phbrouter# wr mem
It’s that easy! Future messages will now be directed to your syslog server.
The third option is to get the router to store messages in a buffer for retrieval later. This is really useful to debug network failure at remote sites (say for instance a remote router can’t report back to you what’s going on – because its outside link is down! You’d wait for the line to come back up, log in and check what happened). Again, this is easy to configure. Enter global config mode and:
phbrouter# conf t
phbrouter(config)# logging buffered
phbrouter(config)# exit
phbrouter# wr mem
phbrouter#
And to retrieve the messages, issue:
phbrouter#
phbrouter#sh logging
Syslog logging: enabled (11 messages dropped, 1 messages rate-limited,
0 flushes, 0 overruns, xml disabled, filtering disabled)
Console logging: level debugging, 4873 messages logged, xml disabled,
filtering disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
filtering disabled
Buffer logging: level debugging, 3 messages logged, xml disabled,
filtering disabled
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
No active filter modules.
Trap logging: level debugging, 4879 message lines logged
Logging to 192.168.0.1(global) (udp port 514, audit disabled, link up), 4879 message lines logged, xml disabled,
filtering disabled
Log Buffer (4096 bytes):
*Jun 10 18:01:01: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.168.0.107)
*Jun 10 18:14:57: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: admin] [Source: 192.168.0.107] [localport: 22] at 18:14:57 GMT Wed Jun 10 2009
*Jun 10 18:20:49: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.168.0.107)
If you’re getting too much crap in the buffer, you can clear it by issuing the ‘clear logging’ command. Incidentally, you can set the amount of buffer space by tagging on a byte value at the end of ‘logging buffered’ (between 4096 and 2147483647).
Finally, if you’re sick of the logging messages appearing on the serial console (or if you want to hide the messages from prying eyes!) you can stop them by entering global config mode and issuing:
phbrouter(config)# no logging console
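Once the messages land in a buffer or on a syslog server, the useful part is reading them. The sketch below is an added example (not part of the original post): it splits the IOS message format shown in the ‘sh logging’ output into fields and lists logins and config changes that did not come from a management network. The 192.168.0.0/24 management range and the last two sample lines are assumptions made up for the example.

```python
import ipaddress
import re

# "*Jun 10 18:01:01: %FACILITY-SEVERITY-MNEMONIC: text" as shown by 'sh logging'
LINE = re.compile(
    r"^\*?\s*(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}):\s+"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+):\s*"
    r"(?P<text>.*)$")
CONFIG_BY = re.compile(r"by (?P<user>\S+) on \S+(?: \((?P<src>[0-9.]+)\))?")
LOGIN_BY = re.compile(r"\[user: (?P<user>[^\]]*)\] \[Source: (?P<src>[0-9.]+)\]")

# First three lines are from this page; the last two are constructed for the example.
SAMPLE = [
    "*Jun 10 18:01:01: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.168.0.107)",
    "*Jun 10 18:14:57: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: admin] [Source: 192.168.0.107] [localport: 22] at 18:14:57 GMT Wed Jun 10 2009",
    "* Jun 5 22:07:53: %OIR-6-REMCARD: Card removed from slot 3, interfaces disabled",
    "*Jun 10 19:02:11: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (203.0.113.7)",
    "*Jun 10 19:05:40: %SYS-5-CONFIG_I: Configured from console by console",
]

def parse(line):
    """Split one IOS log line into fields; None if it is not a log message."""
    m = LINE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["severity"] = int(ev["severity"])
    pattern = {"CONFIG_I": CONFIG_BY, "LOGIN_SUCCESS": LOGIN_BY}.get(ev["mnemonic"])
    who = pattern.search(ev["text"]) if pattern else None
    ev["user"] = who.group("user") if who else None
    ev["src"] = who.group("src") if who else None
    return ev

def review(lines, mgmt_net):
    """Return (event, reason) for logins and config changes not from mgmt_net."""
    net = ipaddress.ip_network(mgmt_net)
    findings = []
    for ev in filter(None, map(parse, lines)):
        if ev["mnemonic"] not in ("CONFIG_I", "LOGIN_SUCCESS"):
            continue
        if ev["src"] is None:
            findings.append((ev, "no source address (local console)"))
        elif ipaddress.ip_address(ev["src"]) not in net:
            findings.append((ev, "source outside management network"))
    return findings

if __name__ == "__main__":
    for ev, reason in review(SAMPLE, "192.168.0.0/24"):
        print(ev["ts"], ev["mnemonic"], ev["user"], ev["src"], reason)
```

The digit between the facility and the mnemonic is the syslog severity, so the same parse() output can also be used to filter by level.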
Did you find this hint useful? Are you looking to learn more? Well, here’s a few books that I’ve found useful – have a goosie!
Cisco: A Beginner’s Guide
CCNA – Cisco Certified Network Associate Study Guide
Cisco Networking for Dummies
Cisco IOS in a Nutshell – O’Reilly
Configure a server behind a Cisco Router (port redirection)
This ‘how to’ isn’t going to go into how or why NAT / PAT works on the Cisco router – or in general for that matter. If you’re looking for that – Wikipedia has a good enough write up located here:
What I am going to go into is how to configure them on your router. What we’re trying to achieve here is that you’ve got a functioning router and want to direct any incoming requests (SMTP, POP, HTTP – pick one!) to an internal server.
First identify which interface sits on the outside. Then enter global config mode, and issue:
ip nat inside source static tcp <internal ip> <internal port> interface <outside interface> <outside port>
So, for example, if your outside interface is FastEthernet1/0, and you wanted to redirect any HTTP requests to your internal web server on 192.168.0.10, you would issue:
phbrouter(config)# ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet1/0 80
What if you’ve got multiple public IPs? Simply use this instead:
phbrouter(config)# ip nat inside source static tcp 192.168.0.10 80 123.123.123.123 80
Easy, yet effective!
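Every one of these static entries publishes an internal service to the outside, so it pays to list them from time to time. The following is an added example (not part of the original post) that pulls both forms of the command above out of a saved running-config and reports what is reachable from outside. The third rule in the sample config and the REVIEW_PORTS list are assumptions made up for the example.

```python
import re

# ip nat inside source static <proto> <inside ip> <port> {interface <if> | <global ip>} <port>
STATIC_NAT = re.compile(
    r"^\s*ip nat inside source static (?P<proto>tcp|udp) "
    r"(?P<inside_ip>\d+(?:\.\d+){3}) (?P<inside_port>\d+) "
    r"(?:interface (?P<ifname>\S+)|(?P<global_ip>\d+(?:\.\d+){3})) "
    r"(?P<outside_port>\d+)\b")

# Assumption for this example: inside ports worth a second look when published.
REVIEW_PORTS = {22: "SSH", 23: "Telnet", 3389: "RDP"}

# The first two rules are the ones from the text; the third is constructed.
SAMPLE_CONFIG = """\
hostname phbrouter
ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet1/0 80
ip nat inside source static tcp 192.168.0.10 80 123.123.123.123 80
ip nat inside source static tcp 192.168.0.20 22 interface FastEthernet1/0 2222
"""

def exposed_services(config_text):
    """List every static port forward found in a running-config dump."""
    found = []
    for line in config_text.splitlines():
        m = STATIC_NAT.match(line)
        if not m:
            continue
        inside_port = int(m["inside_port"])
        found.append({
            "proto": m["proto"],
            "outside": m["global_ip"] or "interface " + m["ifname"],
            "outside_port": int(m["outside_port"]),
            "inside": f'{m["inside_ip"]}:{inside_port}',
            "review": REVIEW_PORTS.get(inside_port),
        })
    return found

if __name__ == "__main__":
    for svc in exposed_services(SAMPLE_CONFIG):
        flag = f'  <-- {svc["review"]} published' if svc["review"] else ""
        print(f'{svc["proto"]} {svc["outside"]}:{svc["outside_port"]} -> {svc["inside"]}{flag}')
```

Note that the check keys on the inside port, so a management service moved to an unusual outside port (2222 in the constructed rule) is still reported.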
Hot Swapping / Removing Cisco 3660 Network Modules
I’ve got a Cisco 3660 that supports hot swapping of components: power supplies (yup – there’s two of them!), chassis fans – but also the network modules (NM-) too. So here’s something I’ve been wondering for a while – how to actually do this within the IOS! Not surprisingly, it’s easier than I thought! Just enter config mode, shut down all the module’s interfaces, remove the module and (optionally) replace the card and “no shutdown” each interface.
If you’re still reading, you want to know how to do it. Ok! First identify which module, and so which interfaces, you want to swap over (‘sh int’ or ‘sh diag’ will do). Say we want to swap over an NM-1FE1R2W in slot #3 with a WIC1-ADSL:
phbrouter# conf t
phbrouter(config)# interface FastEthernet3/0
phbrouter(config-if)# shutdown
phbrouter(config-if)# exit
phbrouter(config)# interface TokenRing3/0
phbrouter(config-if)# shutdown
phbrouter(config-if)# exit
phbrouter(config)# interface ATM3/0
phbrouter(config-if)# shutdown
phbrouter(config-if)# exit
phbrouter(config)# exit
phbrouter#
Next, physically remove the slot #3 module. If you’re on the console or have logging enabled, you should see something like:
* Jun 5 22:07:53: %OIR-6-REMCARD: Card removed from slot 3, interfaces disabled
You could stop here (make sure you install a filler plate), or you could replace it with a similar card and repeat the steps above, using ‘no shutdown’ in place of ‘shutdown’.
Done!!
Cisco router password reset / recovery
This is something that I’ve committed to memory now (sad, I know) but here it is – the password recovery procedure (tested on 800, 1700, 1800, 2600, 3600 series routers – you get the idea – most of them!).
Get a console cable rigged up and your favourite terminal application. Make sure this works first and then turn on / reboot the router.
When the router is ‘Self decompressing the image’ hit CTRL+C. If nothing seems to happen – check your terminal app for keyboard mappings, etc (I know that PuTTY needs a bit of playing with. HyperTerminal works with the defaults)
The next stage is to alter the config register to make it ‘ignore’ the startup-config on next boot (which is where your passwords are stored). You should check what your original config register is before you change it – but if you knew what it was, you probably wouldn’t be reading this!! It’s usually safe to assume anyway that you want to set the config register to 0x2142. So, at the prompt:
rommon 1> confreg 0x2142
rommon 2> reset
The router should now be resetting itself as if it didn’t have any config – and start to run through the ‘Initial Setup’. Hit CTRL+C and you’ll drop to the prompt. The trick is to get yourself into privileged mode, copy over your startup config to ‘running’ and then set your new password(s). So:
Router> en
Router# copy startup-config running-config
phbrouter#
Note that you’ll see your interfaces being brought up, and other status messages to signify the router is/has been configured. What you do at this point depends entirely on your configuration. Chances are that you’ll want to set a new enable password, but you may also want to reset local user passwords, console passwords, etc. I’ll show you how to reset the enable secret (but make sure to do a ’sh run’ to check for others):
phbrouter# conf term
phbrouter(config)# enable secret <new password>
phbrouter(config)# exit
phbrouter#
Issue a quick ‘wr mem’ and your new config will be written. Finally, you’ll need to set your config register back to 0x2102 (to tell the router to no longer ignore your startup-config):
phbrouter# conf t
phbrouter(config)# config-register 0x2102
phbrouter(config)# exit
phbrouter# wr mem
Done! Reboot and you should be able to use your new password(s). Note that on some IOS images, I’ve noticed that the interfaces adopt the shutdown state. Easily rectified by going into configuration mode, and issuing a ‘no shutdown’ for each interface.





