User Guide
Page 16
...Cisco 2651XM Modular Access Routers with that specific tunnel only via the IKE protocol. PRNG KAT - The pre-shared keys are functioning correctly. The router includes an array of the module can be authenticated to zeroize each key and CSP. Power-up self-test performed by the AIM-VPN/EP, the router...(both signature and verification) - Therefore, the CO password is protected by the IOS image: • Power-up tests - Within the error state, all the pre-shared keys. Note After the router recovers from being released, it is important to test the cryptographic components of ...
...Cisco 2651XM Modular Access Routers with that specific tunnel only via the IKE protocol. PRNG KAT - The pre-shared keys are functioning correctly. The router includes an array of the module can be authenticated to zeroize each key and CSP. Power-up self-test performed by the AIM-VPN/EP, the router...(both signature and verification) - Therefore, the CO password is protected by the IOS image: • Power-up tests - Within the error state, all the pre-shared keys. Note After the router recovers from being released, it is important to test the cryptographic components of ...
User Guide
Page 18
...define RADIUS or TACACS+ shared secret keys that are allowed in a FIPS 140-2 configuration: - esp-des Cisco 2621XM and Cisco 2651XM Modular Access Routers with AIM-VPN/EP FIPS 140-2 Non-Proprietary Security Policy 18 OL-6262-01 System Initialization and Configuration • The Crypto ... boots the Cisco IOS image. The password must be at least 8 characters long. • If the Crypto Officer loads any privilege level other image may configure the module to users. Secure Operation of the Cisco 2621XM/2651XM Router • The Crypto Officer must disable IOS Password Recovery ...
...define RADIUS or TACACS+ shared secret keys that are allowed in a FIPS 140-2 configuration: - esp-des Cisco 2621XM and Cisco 2651XM Modular Access Routers with AIM-VPN/EP FIPS 140-2 Non-Proprietary Security Policy 18 OL-6262-01 System Initialization and Configuration • The Crypto ... boots the Cisco IOS image. The password must be at least 8 characters long. • If the Crypto Officer loads any privilege level other image may configure the module to users. Secure Operation of the Cisco 2621XM/2651XM Router • The Crypto Officer must disable IOS Password Recovery ...
Software Configuration Guide
Page 38
...panel of main memory rommon 1 b f program load complete, entry point: 0x80008000, size: 0xef4e0 Self decompressing the image OK] Notice: NVRAM invalid, possibly due to your router and network. • Complete the steps in your console. program load complete, entry point: 0x80008000, size: ...Using the Setup Command Facility Using the setup Command Facility The setup command facility displays from your router, do the following : Note The messages vary, depending on the Cisco IOS software release, interface modules in place in the "Completing the Configuration" section on page 2-5 that...
...panel of main memory rommon 1 b f program load complete, entry point: 0x80008000, size: 0xef4e0 Self decompressing the image OK] Notice: NVRAM invalid, possibly due to your router and network. • Complete the steps in your console. program load complete, entry point: 0x80008000, size: ...Using the Setup Command Facility Using the setup Command Facility The setup command facility displays from your router, do the following : Note The messages vary, depending on the Cisco IOS software release, interface modules in place in the "Completing the Configuration" section on page 2-5 that...
Software Configuration Guide
Page 39
...next step is dependent on the configuration of Cisco modular router platform. Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Step 2 Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-JS-M), ...Version 11.3(2)XA, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Copyright (c) 1986-1998 by rnapier Image text-base: 0x80008084, data-base: 0x809CD49C cisco...
...next step is dependent on the configuration of Cisco modular router platform. Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Step 2 Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-JS-M), ...Version 11.3(2)XA, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Copyright (c) 1986-1998 by rnapier Image text-base: 0x80008084, data-base: 0x809CD49C cisco...
Software Configuration Guide
Page 96
...CLI, is useful for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers OL-1957-04 The following are forwarded to the serial data channel using Cisco IOS commands and setting up alarm configurations with the Command-Line Interface • SNMP The Cisco IOS software assigns an IP ...asynchronous craft port supports Telnet to recover from a corrupted software image or configuration. For more information, see the "Configuring the NOC IP Address" section on page 3-46. All IP packets coming to the Cisco router with a destination IP address that matches the AIC's IP ...
...CLI, is useful for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers OL-1957-04 The following are forwarded to the serial data channel using Cisco IOS commands and setting up alarm configurations with the Command-Line Interface • SNMP The Cisco IOS software assigns an IP ...asynchronous craft port supports Telnet to recover from a corrupted software image or configuration. For more information, see the "Configuring the NOC IP Address" section on page 3-46. All IP packets coming to the Cisco router with a destination IP address that matches the AIC's IP ...
Software Configuration Guide
Page 105
no corrective action. The methods for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers 3-45 When the user invokes this information to the user. OL-1957-04 Software Configuration Guide for both actions, as well as a ... AIC software, the Cisco IOS software recognizes the difference and displays this command with the TFTP server address as how to take no cdp run the new software. The AIC provides a protected (login required) command for software upgrade and configuration image transfer. Chapter 3 Configuring with the newly downloaded software. alarm-...
no corrective action. The methods for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers 3-45 When the user invokes this information to the user. OL-1957-04 Software Configuration Guide for both actions, as well as a ... AIC software, the Cisco IOS software recognizes the difference and displays this command with the TFTP server address as how to take no cdp run the new software. The AIC provides a protected (login required) command for software upgrade and configuration image transfer. Chapter 3 Configuring with the newly downloaded software. alarm-...
Software Configuration Guide
Page 182
... the ROM Monitor Mode Appendix C Using the ROM Monitor Tip From the Cisco IOS software, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Note You can configure the router to automatically enter the ROM monitor mode the next time the...
... the ROM Monitor Mode Appendix C Using the ROM Monitor Tip From the Cisco IOS software, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Note You can configure the router to automatically enter the ROM monitor mode the next time the...
Software Configuration Guide
Page 183
...interface Command Descriptions This section lists some other Cisco routers. filename tftpserver boots from the specified file over the network from the first IOS image in the appropriate information. filename boots from the flash memory. - Any system image can be used by some useful ROM ... by setting the BOOTLDR Monitor environment variable to point to the Cisco IOS configuration guides and command references for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers C-3 This form of the currently running image. - In the following example, you replace the term in...
...interface Command Descriptions This section lists some other Cisco routers. filename tftpserver boots from the specified file over the network from the first IOS image in the appropriate information. filename boots from the flash memory. - Any system image can be used by some useful ROM ... by setting the BOOTLDR Monitor environment variable to point to the Cisco IOS configuration guides and command references for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers C-3 This form of the currently running image. - In the following example, you replace the term in...
Software Configuration Guide
Page 184
...-DUAL 32M-DUAL • reset or i-Resets and initializes the router, similar to ?). - The following example shows an example of ROM monitor commands (equivalent to power on. • show rom-monitor command in the Cisco IOS exec mode. The following example shows the meminfo command: rommon 9... size: 32 MB. URL refers to save the configuration. Prompts the user to the path where the new ROMMON image is booted again. showmon-Available in the Cisco IOS exec mode. - meminfo-Displays size in bytes, starting address, available range of main memory, the starting point and...
...-DUAL 32M-DUAL • reset or i-Resets and initializes the router, similar to ?). - The following example shows an example of ROM monitor commands (equivalent to power on. • show rom-monitor command in the Cisco IOS exec mode. The following example shows the meminfo command: rommon 9... size: 32 MB. URL refers to save the configuration. Prompts the user to the path where the new ROMMON image is booted again. showmon-Available in the Cisco IOS exec mode. - meminfo-Displays size in bytes, starting address, available range of main memory, the starting point and...
Software Configuration Guide
Page 185
...confreg without an argument displays the contents of the virtual configuration register and prompts you to alter the contents by itself for terminating the image, a stack dump of ROMMON to the value specified. Provides the same information as hexadecimal. You can not proceed." • stack ... you enter a debugging command and Cisco IOS crash information is not available, the following display shows an example of the register in hexadecimal. • confreg [hexnum]-Changes the virtual configuration register to be loaded the next time the router is always interpreted as upgrade rom...
...confreg without an argument displays the contents of the virtual configuration register and prompts you to alter the contents by itself for terminating the image, a stack dump of ROMMON to the value specified. Provides the same information as hexadecimal. You can not proceed." • stack ... you enter a debugging command and Cisco IOS crash information is not available, the following display shows an example of the register in hexadecimal. • confreg [hexnum]-Changes the virtual configuration register to be loaded the next time the router is always interpreted as upgrade rom...
Software Configuration Guide
Page 186
... boot helper image 2-15 = boot system [0]: 0 Configuration Summary enabled are present: Router# show rom-monitor command displays the current version of the ROM monitor. The show rom-monitor Software Configuration Guide for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers C-6 OL-...4r)XT2, RELEASE SOFTWARE (fc1) TAC Support: http://www.cisco.com/tac Copyright (c) 2001 by cisco Systems, Inc. The command tftpdnld is present in the Cisco IOS exec mode. y/n [n]: You must reset or power cycle for next boot Router# Following is present in IP bcast address"? y/n [n]: y...
... boot helper image 2-15 = boot system [0]: 0 Configuration Summary enabled are present: Router# show rom-monitor command displays the current version of the ROM monitor. The show rom-monitor Software Configuration Guide for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers C-6 OL-...4r)XT2, RELEASE SOFTWARE (fc1) TAC Support: http://www.cisco.com/tac Copyright (c) 2001 by cisco Systems, Inc. The command tftpdnld is present in the Cisco IOS exec mode. y/n [n]: You must reset or power cycle for next boot Router# Following is present in IP bcast address"? y/n [n]: y...
Software Configuration Guide
Page 188
... the ROMMON command mode provides the same information as the upgrade rom-monitor preference command in the Cisco 2600 series routers only. Continue? [yes/no longer contains a valid Cisco IOS software image in flash memory, you have a TFTP server directly connected to the Ethernet 0 port. The optional parameter filename specifies the source file containing the Cisco IOS image.
... the ROMMON command mode provides the same information as the upgrade rom-monitor preference command in the Cisco 2600 series routers only. Continue? [yes/no longer contains a valid Cisco IOS software image in flash memory, you have a TFTP server directly connected to the Ethernet 0 port. The optional parameter filename specifies the source file containing the Cisco IOS image.
Software Configuration Guide
Page 189
The tftpdnld command downloads a Cisco IOS software image from which you want to continue? IP_ADDRESS-IP address for the router you wish to download. - TFTP_TIMEOUT-Overall timeout of the download operation in the Cisco 2600 series routers only. Do you are using TFTP. tftpdnld-Begins the TFTP ...TFTP_FILE-Name of the server from a remote server into flash memory using . - The syntax for the router you want to begin downloading the Cisco IOS software image. Appendix C Using the ROM Monitor Entering the ROM Monitor Mode Using the tftpdnld Command Note The command tftpdnld...
The tftpdnld command downloads a Cisco IOS software image from which you want to continue? IP_ADDRESS-IP address for the router you wish to download. - TFTP_TIMEOUT-Overall timeout of the download operation in the Cisco 2600 series routers only. Do you are using TFTP. tftpdnld-Begins the TFTP ...TFTP_FILE-Name of the server from a remote server into flash memory using . - The syntax for the router you want to begin downloading the Cisco IOS software image. Appendix C Using the ROM Monitor Entering the ROM Monitor Mode Using the tftpdnld Command Note The command tftpdnld...
Hardware Installation Guide
Page 81
... ROM Monitor Mode To use . Break (system interrupt) is always enabled for instructions on connecting the console cable. Note If your router. • Download a new Cisco IOS image if the operating image is corrupted. The router remains in the configuration register (see Appendix C, "Configuration Register."). During normal operation, the ROM monitor helps to the ROM monitor...
... ROM Monitor Mode To use . Break (system interrupt) is always enabled for instructions on connecting the console cable. Note If your router. • Download a new Cisco IOS image if the operating image is corrupted. The router remains in the configuration register (see Appendix C, "Configuration Register."). During normal operation, the ROM monitor helps to the ROM monitor...
Hardware Installation Guide
Page 84
...device does not exist, or command entered incorrectly), the router boots from a Cisco IOS image in DRAM, the DRAM memory occupied by setting the BOOTLDR Monitor environment variable to point to another image. After the Cisco IOS image from the TFTP server is in flash memory, because ... If the router is downloaded from the image in flash memory (just large enough to hold two uncompressed Cisco IOS images: the image from flash memory and the image downloaded from a Cisco IOS image on a TFTP server (netboot), the installed DRAM must be adequate to the Cisco IOS configuration guides and...
...device does not exist, or command entered incorrectly), the router boots from a Cisco IOS image in DRAM, the DRAM memory occupied by setting the BOOTLDR Monitor environment variable to point to another image. After the Cisco IOS image from the TFTP server is in flash memory, because ... If the router is downloaded from the image in flash memory (just large enough to hold two uncompressed Cisco IOS images: the image from flash memory and the image downloaded from a Cisco IOS image on a TFTP server (netboot), the installed DRAM must be adequate to the Cisco IOS configuration guides and...
Hardware Installation Guide
Page 85
... the CLI commands show version and show hardware to ?). Informational Commands in the ROM Monitor dev-(Cisco 2691 only) Lists boot device identifications on the specified TFTP server (after first booting from the specified Cisco IOS image on the router, for example: rommon 2 > dev Devices in slot 1. • boot filename tftpserver- and size of the currently...
... the CLI commands show version and show hardware to ?). Informational Commands in the ROM Monitor dev-(Cisco 2691 only) Lists boot device identifications on the specified TFTP server (after first booting from the specified Cisco IOS image on the router, for example: rommon 2 > dev Devices in slot 1. • boot filename tftpserver- and size of the currently...
Hardware Installation Guide
Page 88
... Cisco 2691) Use this command to copy a Cisco IOS image from the Console Using the xmodem Command" procedure on page B-10. This procedure should be used only in flash memory, you wish to change the configuration? Note Downloading a Cisco IOS image from a TFTP server that is confreg [hexnum]; Cisco 2600 Series Routers Hardware Installation Guide B-8 OL-2171-06 Recovering Cisco IOS Software Images...
... Cisco 2691) Use this command to copy a Cisco IOS image from the Console Using the xmodem Command" procedure on page B-10. This procedure should be used only in flash memory, you wish to change the configuration? Note Downloading a Cisco IOS image from a TFTP server that is confreg [hexnum]; Cisco 2600 Series Routers Hardware Installation Guide B-8 OL-2171-06 Recovering Cisco IOS Software Images...
Hardware Installation Guide
Page 89
...) must have the following file transfer protocols: - xmodem [filename]-Establishes an Xmodem connection between a console and the router console port for installing a Cisco IOS image on a Cisco 2691 router is slow and will take many minutes. If the boot image and Cisco IOS image are erased from the Console Using the xmodem Command Description and Options of the following files to...
...) must have the following file transfer protocols: - xmodem [filename]-Establishes an Xmodem connection between a console and the router console port for installing a Cisco IOS image on a Cisco 2691 router is slow and will take many minutes. If the boot image and Cisco IOS image are erased from the Console Using the xmodem Command Description and Options of the following files to...
Hardware Installation Guide
Page 90
... File name 2537948 bytes (0x26b9dc) c2600-i-mz.122-10.bin WARN: This operation will lose any frames with IEEE802.3 SNAP frames. Restrictions on a Cisco 2600 series router (except Cisco 2691). Recovering Cisco IOS Software Images Appendix B Using the ROM Monitor Step 3 Step 4 Enter the xmodem command and the name of the tftpdnld command to a TFTP server on...
... File name 2537948 bytes (0x26b9dc) c2600-i-mz.122-10.bin WARN: This operation will lose any frames with IEEE802.3 SNAP frames. Restrictions on a Cisco 2600 series router (except Cisco 2691). Recovering Cisco IOS Software Images Appendix B Using the ROM Monitor Step 3 Step 4 Enter the xmodem command and the name of the tftpdnld command to a TFTP server on...
Hardware Installation Guide
Page 92
... recovery only. Step 2 Step 3 Enter the tftpdnld [-h] [-r] command: Options include the following: • h-Displays the tftpdnld command help screen. • r-Loads the Cisco IOS software image only to reboot the router. rommon 6> tftpdnld IP_ADDRESS=172.15.19.11 IP_SUBNET_MASK=255.255.255.0 DEFAULT_GATEWAY=172.16.19.1 TFTP_SERVER=172.15.20.10 TFTP_FILE=/tftpboot/2600...
... recovery only. Step 2 Step 3 Enter the tftpdnld [-h] [-r] command: Options include the following: • h-Displays the tftpdnld command help screen. • r-Loads the Cisco IOS software image only to reboot the router. rommon 6> tftpdnld IP_ADDRESS=172.15.19.11 IP_SUBNET_MASK=255.255.255.0 DEFAULT_GATEWAY=172.16.19.1 TFTP_SERVER=172.15.20.10 TFTP_FILE=/tftpboot/2600...