Advanced Network Testing/Cisco Routers

From FreekiWiki

Cisco Router Testing

Network-attached equipment is almost always protected with some form of authentication that prevents unauthorized users from accessing it. This protection may be as simple as a username/password configured into the router, or it may employ a network security server (TACACS+, RADIUS, Kerberos or a combination of them). In order to default the router (erase its current configuration), you will need to get around this authentication.

Interrupting the boot process

Cisco routers can have their boot process interrupted by sending a BREAK signal to the console port as they begin booting. In GtkTerm, Ctrl-B sends a BREAK signal. This should put the router in ROM Monitor mode, where you can alter the configuration register.

As an added security measure, the BREAK signal can be disabled in the router configuration. Even when it is disabled, there is usually a way to erase the configuration (and the passwords along with it). Google for "cisco <router model number> password recovery" (e.g. "cisco 2600 password recovery") to find a document on the Cisco website detailing the procedure.

Altering the Configuration Register

rommon 1> confreg

<put screen capture of confreg utility dialog here>

rommon 2> sync

rommon 3> reset

<router reboots>

Deleting the Configuration

Router> enable

Router# write erase

blah blah[confirm]

Downloading a Test Configuration

You will put a test configuration into the router that makes it act as a DHCP server in order to test its Ethernet interfaces. This is accomplished by sending a raw file from GtkTerm into the router's console port. Cisco console ports do not implement flow control, so it is a good idea to set GtkTerm's End of line delay (Configuration -> Port) to 200 milliseconds before sending the file.

1) Put the router in config mode:

Router# config term

2) Send the file via GtkTerm

Press Ctrl-R, then select the file "cisco_router_test.text". This will load the configuration and exit configuration mode.

3) Using a short network cross-over cable, connect the workstation to each of the router's interfaces in turn...
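A scripted equivalent of the paced file send in step 2, as an added example that is not part of the original wiki page: it sends one line at a time with the 200 millisecond end-of-line delay, then checks the console's reply so that dropped characters or rejected commands are reported instead of passing silently. The 9600 baud setting, the /dev/ttyS0 device name, the sample configuration and the fake console are assumptions made for the example.

```python
import os
import termios
import time

def open_console(device, baud=termios.B9600):
    """Open a serial console raw, 8N1, no flow control (9600 baud assumed)."""
    fd = os.open(device, os.O_RDWR | os.O_NOCTTY)
    attrs = termios.tcgetattr(fd)
    attrs[0] = attrs[1] = attrs[3] = 0   # no input, output or line processing
    attrs[2] = termios.CS8 | termios.CREAD | termios.CLOCAL  # no RTS/CTS
    attrs[4] = attrs[5] = baud
    attrs[6][termios.VMIN] = attrs[6][termios.VTIME] = 0  # reads never block
    termios.tcsetattr(fd, termios.TCSANOW, attrs)
    return fd

def send_paced(config_text, write, read, eol_delay=0.2):
    """Send line by line; return (line_no, line, reason) for each bad line."""
    problems = []
    for number, line in enumerate(config_text.splitlines(), 1):
        write(line.encode("ascii") + b"\r")
        time.sleep(eol_delay)            # the 200 ms end-of-line delay
        reply = read().decode("ascii", "replace")
        errors = [r.strip() for r in reply.splitlines() if r.strip().startswith("% ")]
        if errors:                       # IOS error messages start with "% "
            problems.append((number, line, errors[0]))
        elif line not in reply:          # echo incomplete: characters were dropped
            problems.append((number, line, "not echoed"))
    return problems

def fake_console(reject):  # constructed stand-in for a router, for offline runs
    pending = []
    def write(data):
        text = data.decode("ascii").rstrip("\r")
        pending.append(text + "\r\n")    # echo the line back
        if text.strip() == reject:
            pending.append("% Invalid input detected at '^' marker.\r\n")
    def read():
        out = "".join(pending).encode("ascii")
        pending.clear()
        return out
    return write, read

# Constructed sample, not the contents of cisco_router_test.text.
SAMPLE = "ip dhcp pool TEST\n network 192.168.1.0 255.255.255.0\nbogus\nend\n"

if __name__ == "__main__":
    # Real hardware: fd = open_console("/dev/ttyS0"), then wrap os.write/os.read.
    write, read = fake_console(reject="bogus")
    print(send_paced(SAMPLE, write, read, eol_delay=0))
```

An empty result means every line was echoed back intact and none drew an error message from the router.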

Return to Advanced Network Testing.