Extremely Serious

Month: November 2020

Assigning an IP to an Interface of a Cisco Router

Pre-requisite

  • PuTTY application

Displaying the Interfaces

Use the following command to display the available interfaces and their states:

show ip interface brief

Assigning an IP

  1. Connect to the Cisco console using PuTTY.

  2. Press the enter key to enter into user mode.

  3. Execute the following command to enter into privilege mode:

    enable
  4. Load the startup-config into the running-config using the following command:

    copy startup-config running-config
  5. Execute the following command to enter into the configuration mode:

    config terminal
  6. Configure an interface using the following syntax:

    interface <INTERFACE_NAME> 

    Example

    interface GigabitEthernet0/0
  7. Assign an IP address using the following syntax:

    ip address <IP_ADDRESS> <SUBNET_MASK>

    Example

    ip address 10.0.0.210 255.255.255.0
  8. Turn on the interface using the following command:

    no shutdown
  9. Exit the interface configuration using the following command:

    exit
  10. Exit the configuration mode:

    exit

    After this you can display the interfaces and see the state of the interface just configured

  11. Save the update on the running-config to the startup-config file using the following command:

    copy running-config startup-config

Synchronizing Logging in Cisco Router

To keep the command line readable on the Cisco console, AUX and/or virtual terminals, it is recommended to synchronize the logging.

Pre-requisite

  • PuTTY application

Synchronizing the Logging

  1. Connect to the Cisco console using PuTTY.

  2. Press the enter key to enter into user mode.

  3. Execute the following command to enter into privilege mode:

    enable
  4. Load the startup-config into the running-config using the following command:

    copy startup-config running-config
  5. Execute the following command to enter into the configuration mode:

    config terminal
  6. Synchronize the logging on console using the following commands:

    line con 0
    logging sync
  7. Synchronize the logging on AUX using the following command:

    line aux 0
    logging sync
  8. (Optional) Synchronize the logging on 5 virtual terminals using the following command:

    line vty 0 4
    logging sync

    Only do this if you are using virtual terminals, especially with SSH connections.

  9. Exit the virtual terminal configuration using the following command:

    exit
  10. Exit the configuration mode:

    exit
  11. Save the update on the running-config to the startup-config file using the following command:

    copy running-config startup-config

Enable SSH on a Cisco Router

Pre-requisite

  • PuTTY application

Enabling SSH

  1. Connect to the Cisco console using PuTTY.

  2. Press the enter key to enter into user mode.

  3. Execute the following command to enter into privilege mode:

    enable
  4. Load the startup-config into the running-config using the following command:

    copy startup-config running-config
  5. Execute the following command to enter into the configuration mode:

    config terminal
  6. Change the hostname using the following syntax:

    hostname <HOSTNAME>
  7. Change the domain name using the following syntax:

    ip domain-name <DOMAIN_NAME>
  8. Generate the SSH keys using the following command:

    crypto key generate rsa general-keys
  9. At the prompt How many bits in the modulus [512]:, type in 2048 and press the enter key.

  10. Enable SSH version 2 using the following command:

    ip ssh version 2
  11. Create an SSH credential using the following syntax:

    username <USERNAME> secret <PASSWORD>
  12. Create 5 (i.e. vty 0 to 4) virtual terminals for SSH connections, using the following command.

    line vty 0 4
  13. Allow only SSH to the newly created virtual connection using the following command:

    transport input ssh
  14. Use only the local database for credentials using the following command:

    login local
  15. Exit the virtual terminal configuration:

    exit
  16. Exit the configuration mode:

    exit
  17. Save the update on the running-config to the startup-config file using the following command:

    copy running-config startup-config
  18. Using PuTTY, connect to any known IP of the router via SSH using the credentials you created in step 11.
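
A check for the result of the procedure above, as an added example that is not part of the original post: it reads a saved copy of the running-config and reports where the global SSH settings or any vty block differ from steps 10 to 14. The sample configuration, the names `line_blocks` and `audit_ssh`, and the finding texts are constructed for illustration.

```python
import re

# Constructed sample of a saved running-config (not taken from the page).
SAMPLE_CONFIG = """\
hostname R1
ip ssh version 2
username admin secret 9 $9$constructed-hash
line con 0
 logging synchronous
line vty 0 4
 transport input ssh
 login local
line vty 5 15
 transport input telnet ssh
 login
"""

def line_blocks(config):
    """Map each 'line ...' header to the sub-commands indented beneath it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line ends the block
    return blocks

def audit_ssh(config):
    """Return findings where the config departs from steps 10 to 14."""
    top = [l for l in config.splitlines() if l and not l.startswith(" ")]
    findings = []
    if "ip ssh version 2" not in top:
        findings.append("global: 'ip ssh version 2' missing")
    if not any(re.match(r"username \S+ secret ", l) for l in top):
        findings.append("global: no 'username <name> secret' account")
    for header, cmds in line_blocks(config).items():
        if not header.startswith("line vty"):
            continue
        # A missing line means the platform default applies; report it.
        transport = next((c for c in cmds if c.startswith("transport input")), "no transport input")
        if transport != "transport input ssh":
            findings.append(f"{header}: {transport}, expected 'transport input ssh'")
        if "login local" not in cmds:
            findings.append(f"{header}: 'login local' missing")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_ssh(SAMPLE_CONFIG)) or "no findings")
```

The sample includes a second vty range (5 to 15) that the procedure never touches, which is the usual way Telnet stays reachable after `line vty 0 4` has been restricted.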

Simple Java Keystore Management

Importing a certificate to a keystore

keytool -importcert -alias <ALIAS> -v -keystore <KEYSTORE_FILE> -file <INPUT_FILE> -storepass <KEYSTORE_PASSWORD>

Listing the certificates from a keystore

keytool -list -v -keystore <KEYSTORE_FILE> -storepass <KEYSTORE_PASSWORD>

Include the -alias <ALIAS> parameter to display just a single certificate.

Delete a certificate from a keystore

keytool -delete -v -alias <ALIAS> -keystore <KEYSTORE_FILE> -storepass <KEYSTORE_PASSWORD>

Deleting an Entry from a Java Keystore

The keytool is normally found in $JAVA_HOME/jre/bin (i.e. the $JAVA_HOME variable is where you’ve installed JDK).

Use the following command to delete an entry of a Java keystore:

keytool -delete -v -alias <ALIAS> -keystore <KEYSTORE_FILE> -storepass <KEYSTORE_PASSWORD>

Token              Description
ALIAS              The alias used upon importing the certificate.
KEYSTORE_FILE      The target keystore file (e.g. cacerts found in $JAVA_HOME/jre/lib/security).
KEYSTORE_PASSWORD  The password for accessing the keystore (i.e. the default is changeit).

Override the Forgotten Password on a Cisco Router

Pre-requisite

  • PuTTY application

Overriding the Forgotten Password

  1. Connect to the Cisco console using PuTTY.

  2. Press the enter key to enter into user mode.

  3. Once in user mode (i.e. the prompt with the greater-than sign >), reboot the Cisco router (i.e. using the physical switch of the router).

  4. Go back to your PuTTY terminal and, as soon as you see any text on it, issue the break command.

    1. Click the PuTTY icon on the PuTTY title bar.

    2. Select Special Command.

    3. Select Break.

      Expect to see the ROM monitor prompt as follows:

      rommon 1 >

  5. Execute the following command to disable the startup-config (i.e. the router ignores it at boot):

    confreg 0x2142
  6. Reset the Cisco router using the following command:

    reset
  7. Expect to see the following question:

    Would you like to enter the initialization configuration dialog? [yes/no]
  8. Type in no for the answer and press the enter key.

  9. Press the enter key one more time to enter into user mode.

  10. Execute the following command to enter into privilege mode:

    enable
  11. Load the startup-config into the running-config using the following command:

    copy startup-config running-config
  12. On Destination filename [running-config]?, press the enter key.

  13. Execute the following command to enter into the configuration mode:

    config terminal
  14. Change the password using the following syntax:

    enable secret <PASSWORD>

    Example of setting cisco as the password:

    enable secret cisco
  15. Execute the following command to enable the startup-config again (i.e. the router loads it at boot):

    config-register 0x2102
  16. Exit from the configuration mode using the following command:

    exit
  17. Save the update on the running-config to the startup-config file using the following command:

    copy running-config startup-config
  18. On Destination filename [startup-config]?, press the enter key.

  19. Reboot the Cisco router (i.e. using the physical switch of the router).

    After this you have the new password in effect.
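
To confirm that step 15 took effect, the configuration register reported by `show version` can be decoded, as in this added example (not part of the original post). Bit 6 (0x0040) is the difference between 0x2142 and 0x2102; the sample output lines, function names and status texts are constructed.

```python
import re

IGNORE_STARTUP = 0x0040  # bit 6: startup-config is skipped at boot
BREAK_DISABLED = 0x0100  # bit 8: Break is ignored once the router has booted
BOOT_FIELD = 0x000F      # bits 0-3: where the router boots from

REGISTER_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def decode(value):
    """Split a configuration register value into the fields used here."""
    return {
        "ignore_startup_config": bool(value & IGNORE_STARTUP),
        "break_disabled": bool(value & BREAK_DISABLED),
        "boot_field": value & BOOT_FIELD,
    }

def check_show_version(text):
    """Return (current, pending, status) from 'show version' output, or None."""
    match = REGISTER_RE.search(text)
    if match is None:
        return None
    current = int(match.group(1), 16)
    # Without a "(will be ...)" suffix the current value also applies at next boot.
    pending = int(match.group(2), 16) if match.group(2) else current
    if decode(pending)["ignore_startup_config"]:
        status = "ALERT: next boot ignores the startup-config"
    elif decode(current)["ignore_startup_config"]:
        status = "WARN: running without startup-config until reload"
    else:
        status = "OK"
    return current, pending, status

if __name__ == "__main__":
    # Constructed 'show version' lines for the three states of the procedure.
    for line in (
        "Configuration register is 0x2142",
        "Configuration register is 0x2142 (will be 0x2102 at next reload)",
        "Configuration register is 0x2102",
    ):
        print(line, "->", check_show_version(line)[2])
```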

Using USB to Connect to Cisco Console

Pre-requisite

  • Windows 64-bit
  • PuTTY application

Connecting to Cisco Console

  1. Access https://software.cisco.com/download/home.

    This requires you to be logged in to download anything.

  2. Search for the following:

    Software on Chassis : 3945 Integrated Services Router
  3. On the Select a software type, choose the following:

    USB Console Software
  4. Download the latest release (i.e. 3.1 is the latest at the time of this writing).

    This comes in the form of a zip file.

  5. Extract the zip file and select the appropriate installer (i.e. based on OS type).

    We will choose Windows 64-bit for this procedure.

  6. Once the installer is identified, install it.

  7. Insert the mini USB-B connector into the console port at the back of the Cisco router.

  8. Power on your Cisco router.

  9. Insert the USB-A connector into a USB port of the computer where you installed the USB Console Software.

  10. Open the Windows Device Manager and check the node, Ports (COM & LPT).

  11. Identify the COM port listed for Cisco Serial.

  12. Once the COM port is identified, open your PuTTY application.

  13. Select Serial as the Connection type.

  14. In the Serial line, type in the identified COM port from step 11.

  15. Click the Open button.

    This will open a Cisco console, if everything is good.

Using dos2unix

Sometimes we write a script intended for Linux while working on Windows, and when we deploy the script to Linux it doesn't work.

For example, you've created the file helloworld.sh on Windows with the following content:

#!/bin/sh
echo "Hello World"

Transfer helloworld.sh to Linux and make it executable (i.e. using the command chmod 755 helloworld.sh). Execute it using the following command:

./helloworld.sh

Expect to see something similar to the following error:

-bash: ./helloworld.sh: /bin/sh^M: bad interpreter: No such file or directory

To remedy this, run dos2unix command with helloworld.sh as follows:

dos2unix helloworld.sh

Expect an output similar to the following:

dos2unix: converting file helloworld.sh to Unix format...

After this, execute the helloworld.sh again and expect no error.
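
Why the error names `/bin/sh^M`, as an added example that is not part of the original post: the carriage return of the CRLF line ending stays attached to the interpreter path on the `#!` line. The code finds such scripts under a directory before deployment and applies the same CRLF-to-LF conversion; the function names and sample files are constructed.

```python
import tempfile
from pathlib import Path

def shebang_interpreter(data):
    """Interpreter path as read from a '#!' first line, or None without one."""
    if not data.startswith(b"#!"):
        return None
    first_line = data.split(b"\n", 1)[0][2:]
    # Spaces and tabs are trimmed, a carriage return is not, so a CRLF
    # line ending leaves b"\r" attached to the interpreter path.
    return first_line.strip(b" \t").replace(b"\t", b" ").split(b" ")[0]

def crlf_scripts(root):
    """Return (relative path, interpreter) for scripts whose shebang ends in CR."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file():
            interpreter = shebang_interpreter(path.read_bytes())
            if interpreter and interpreter.endswith(b"\r"):
                hits.append((str(path.relative_to(root)), interpreter))
    return hits

def to_unix(data):
    """Convert CRLF line endings to LF, the change dos2unix makes to a text file."""
    return data.replace(b"\r\n", b"\n")

def demo():
    """Build constructed sample files, scan, convert in place, scan again."""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "helloworld.sh").write_bytes(b'#!/bin/sh\r\necho "Hello World"\r\n')
        Path(root, "ok.sh").write_bytes(b"#!/bin/sh\necho ok\n")
        before = crlf_scripts(root)
        for name, _ in before:
            target = Path(root, name)
            target.write_bytes(to_unix(target.read_bytes()))
        return before, crlf_scripts(root)

if __name__ == "__main__":
    found, remaining = demo()
    print("before:", found)
    print("after: ", remaining)
```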