[c-nsp] Regain CLI access with snmp sets?
Persio Pucci
persio at gmail.com
Sat Sep 10 08:06:33 EDT 2011
Here is my steps:
persio.pucci at tacacs:/tftpboot$snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.2.200 integer 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.2.200 = INTEGER: 1
> persio.pucci at tacacs:/tftpboot$ snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.3.200 integer 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.3.200 = INTEGER: 1
> persio.pucci at tacacs:/tftpboot$ snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.4.200 integer 4
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.4.200 = INTEGER: 4
> persio.pucci at tacacs:/tftpboot$ snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.5.200 address 10.10.10.1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.5.200 = IpAddress: 10.10.10.1
> persio.pucci at tacacs:/tftpboot$ snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.6.200 string user
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.6.200 = STRING: "user"
> persio.pucci at tacacs:/tftpboot$ snmpset -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1.14.200 integer 4
> Error in packet.
> Reason: inconsistentValue (The set value is illegal or unsupported in some
> way)
> Failed object: SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14.200
As you can see, the object gets created, but it does not accepts the active
command
persio.pucci at tacacs:/tftpboot$ snmpwalk -v2c -c COMUNITY 10.20.30.1
> .1.3.6.1.4.1.9.9.96.1.1.1.1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.2.200 = INTEGER: 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.3.200 = INTEGER: 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.4.200 = INTEGER: 4
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.5.200 = IpAddress: 10.10.10.1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.6.200 = STRING: "user"
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.9.200 = INTEGER: 2
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.10.200 = INTEGER: 4
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.11.200 = Timeticks: (1836298009) 212
> days, 12:49:40.09
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.12.200 = Timeticks: (1836302109) 212
> days, 12:50:21.09
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.13.200 = INTEGER: 3
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.14.200 = INTEGER: 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.15.200 = INTEGER: 1
> SNMPv2-SMI::enterprises.9.9.96.1.1.1.1.16.200 = STRING: "10.10.10.1"
> persio.pucci at tacacs:/tftpboot$
On Fri, Sep 9, 2011 at 10:12 PM, Lee <ler762 at gmail.com> wrote:
> On 9/9/11, Persio Pucci <persio at gmail.com> wrote:
> > Anybody would have a working recipe for routers, specialy 7200? I've
> > been trying the ones posted at Cisco (specially the one where you need
> > several commands) but the final "activate" command gets an error
> > response...
>
> echo "processing $DEV"
> echo " delete row 3"
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyEntryRowStatus.3 i
> 6
> echo " create row 3 & wait"
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyEntryRowStatus.3 i
> 5
>
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyProtocol.3 i 1
> # use tftp
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopySourceFileType.3 i
> 1
> # 1=networkFile 3=startupConfig 4=runningConfig
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyDestFileType.3 i 4
> # 1=networkFile 3=startupConfig 4=runningConfig
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV
> ccCopyServerAddress.3 a $TFTPHOST
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyFileName.3 s $FILE
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV
> ccCopyNotificationOnCompletion.3 i 1
> # 1: true 2: false
> $SNMPSET $community -m CISCO-CONFIG-COPY-MIB $DEV ccCopyEntryRowStatus.3 i
> 1
> # make it active
> echo "Done!"
>
>
> Regards,
> Lee
>
>
>
>
> > Em 08/09/2011, às 18:44, Mike <mike-cisconsplist at tiedyenetworks.com>
> > escreveu:
> >
> >> Hello,
> >>
> >> I am sure this can be done and am calling on my fellows to help light
> >> the way!
> >>
> >> I have a cisco 2970 switch newly installed in a remote, inaccessible
> >> location that presently lacks OOB serial access. Due to a config error,
> I
> >> cannot telnet into the unit due to missing config elements:
> >>
> >> Escape character is '^]'.
> >>
> >>
> >> Password required, but none set
> >> Connection closed by foreign host.
> >>
> >>
> >> I do have, however, a writable snmp community string. So I am
> wondering
> >> if it would be possible to update the running config using snmp in order
> >> to give me telnet access to this unit? It would beat a trip back out
> there
> >> and would serve my cisco education well too. So how about it, any
> takers?
> >>
> >> Mike-
> >> _______________________________________________
> >> cisco-nsp mailing list cisco-nsp at puck.nether.net
> >> https://puck.nether.net/mailman/listinfo/cisco-nsp
> >> archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
More information about the cisco-nsp
mailing list