HPE Community
Switches, Hubs, and Modems
1752801 Members
5606 Online
108789 Solutions
New Discussion юеВ

Router access denied

 
SOLVED
Go to solution
Mr Possibility
Advisor

тАО06-03-2004 04:45 AM

тАО06-03-2004 04:45 AM

Router access denied

Hi

I need assistance based on the access denied I am getting from the modular access router. I had earlier loaded with the SDM, changed the IP form the default 10.10.10.1 to a class c IP address.
I needed to log on to further my configuration using SDM but was locked out after typing the new IP address. It say "Access denied" I have log on using hyperterminal to see how I can work round this problem without much progress. Pressing CTL break took me to rommon 1> instead of the rommon 2>. Since I do not have the later based on the documentation when reseting router, I have decided to hold and ask.

Attached is the output I got after logging in to using hyperterminal.

Kindly help peruse it and help with suggestions.

What I want to do is how to default to the former IP 10.10.10.1 and then use SDM to start all over again

Thanks
0 Kudos
10 REPLIES 10
John Collier
Esteemed Contributor

тАО06-03-2004 07:05 AM

тАО06-03-2004 07:05 AM

Re: Router access denied

It seems as if you aren't getting so much of an access denied statement as you are a login/password challenge.

If you set a password when you configured the router, then simply use that login/password now and it should let you in. You will most likely be challenged for an enable password as well. Again, if you set one during the original configs, then use it.

If you didn't do the original configuration, then ask the person who did what login/password combination they configured into the router. You will also want to get the enable password from them.

If nobody in your organization set the passwords, try the basics. Every time that Cisco has been forced to load a config for us at a remote site, they have always set the log/pass as cisco/cisco. I won't promise that it will work, but it's worth a shot.

If all else fails, there are some documents available that can tell you how to 'break into' a cisco router if you have physical access to it. That would be your last step if all else fails.

Let us know if this helps or if you need more info.


Best of luck to you,
John
"I expect to pass through this world but once. Any good, therefore, that I can do, or any kindness that I can show to any human being, let me do it now. Let me not defer or neglect it, for I shall not pass this way again." Stephen Krebbet, 1793-1855
0 Kudos
Mr Possibility
Advisor

тАО06-03-2004 07:14 AM

тАО06-03-2004 07:14 AM

Re: Router access denied

Hi,

Thanks for response to my mail,

It like the log in is the problem. I do not want to break into the router for the cost. I read about password reset. Can it work for this model of router.

If it works, What will the Username/Password default to. Is it the former one before the configuration? THAT IS cisco/cisco

Thanks for your expected response
0 Kudos
John Collier
Esteemed Contributor

тАО06-08-2004 09:12 AM

тАО06-08-2004 09:12 AM

Re: Router access denied

I think you misunderstand me. When I use the term 'break into' I do no mean to actually break the router or to cause damage to it. What I am referring to is the act of interrupting the normal boot process before it loads the information required for a logon and password. That would allow you to make the config changes that are needed to put your own logon/password into the router.

As for the default, I can't say that I truly remember. It has been a long time since I have had to look at the defaults.

Please don't ask me to post the exact steps needed to 'break into' a Cisco router on this site. Even though it requires physical access to the router, I still don't feel that it is appropriate to post such information to a public site like this. I know that if you contact Cisco they could point you to information of this nature.


Please let me know if you need more info.


(PS. Have you taken the time to learn about the point system on this site? It is considered good protocol to use it).
"I expect to pass through this world but once. Any good, therefore, that I can do, or any kindness that I can show to any human being, let me do it now. Let me not defer or neglect it, for I shall not pass this way again." Stephen Krebbet, 1793-1855
0 Kudos
Mr Possibility
Advisor

тАО06-10-2004 05:42 AM

тАО06-10-2004 05:42 AM

Re: Router access denied

Hi Jon and Earnest,

I got into my shack with the sybex stuff and has really benefited alot. I had dumped it after passing my exams thinking I may not really need it again. Thank God I have not been too generous to give it out to colleagues. I just finished with the router configuration with access list.
I want to put my laptop on a seperate network, say a class A, connect with a cross over cable to the router and then connect the other systems to a hub that connect the router interface on another network, say a class C network.

However, looking at the interface of the router, I have only one ethernet 10/100 port. The other ports are the console and the auxillary. Can I make do with the auxillary port as the second ehternet interface so that I can connect my hub to this port which in turn connects the two other system i want to set up on a class C network.

Just want to ask for me to test the access list configured and to check if its functioning properly between the two separate networks.
Lest I forget, I did a password reset with a new configuration register 0x2102 as the default settings and it worked.

Thanks for you suggestions while still awaiting your responses

Regards
0 Kudos
Ernest Ford
Trusted Contributor

тАО06-10-2004 07:31 AM

тАО06-10-2004 07:31 AM

Solution

Re: Router access denied

The auxiliary port cannot be used as an ethernet port.
Mr Possibility
Advisor

тАО06-10-2004 07:13 PM

тАО06-10-2004 07:13 PM

Re: Router access denied

How do I resolve this. I will also want to log traces when my access list is hit.

Kindest regards
0 Kudos
Ernest Ford
Trusted Contributor

тАО06-10-2004 11:21 PM

тАО06-10-2004 11:21 PM

Re: Router access denied

You could add another ethernet interface to the router - but that would mean reconfiguring it - so it wouldn't be a valid test.

You mention in one of the other threads that this is not the router that you will actually be using - get that one and connect the two using a "modem eliminator" or "DTE-DCE" cable between the serial interfaces.

Finally - logging - see your IOS documentation for details on how to enable it. Whilst the concept of logging the hits on the access list sounds like a good thing, in practise it generates vast quantities of log messages thereby destroying any value that might have been gained. It is also possible to have the router "choke" on it's own logging traffic.
0 Kudos
Mr Possibility
Advisor

тАО06-11-2004 03:07 AM

тАО06-11-2004 03:07 AM

Re: Router access denied

Hi earnest,

I know it is possible! I got another router from my store that has been abandoned. It a 3600 router. I found out that a lot of things are wrong with the router, I did a password recovery to have the default settings in place for me to practice with while waiting for the add on ethernet card. I think I can make do with this one. It has one ethernet interface,
controller E1 3/0
!
controller E1 3/1 interface. written CTRLR E1 and and E0.

can I make use of either one of the E1 3/0 or 1 as the second ethernet interface? I Would have gone for the second option but for the fact that 1760 does not have a serial interface
What do you suggest.

Secondly, Before placing order for the card, I will like basic understanding of some things taking into consideration that I will be called upon to come around and display all I have been able to make out of my lab experience.

The firewall router will sit on our site, allowing access from specific organisations with designated Public IP addresses. Those are the IP addresses that will be permitted on my access list. Assume two IP addreses 10.0.0.1 and 178.90.0.45
Assuming I am having a public address 12. 25.50.1.

assuming I have configured one of the ethernet interface on the router as 12.25.50.1 connecting to another swicth on thesame network that the firewall is suppose to protect. Call the netwotk "12 network"
Now that my router will have to filter only two IP addresses. Are my expected to deploy a router to those sites with IP addresses 10.0.0.1 and 178.90.0.45 configured before I can actually pick packets to be filtered on my router ?.
What will the second ethernet interface be used for if that is the case.

If you can refer to any link or materials to read I wouldn't mind

Regards
0 Kudos
Ernest Ford
Trusted Contributor

тАО06-11-2004 05:28 AM

тАО06-11-2004 05:28 AM

Re: Router access denied

Mr. Possibility or Owotuyi Adeyinka or whoever you choose to call yourself.

You cannot use an E1 3/1 interface as an ethernet interface.

You seem to have a 1760 router with one ethernet interface and no serial interfaces -seems like you have none of the optional interface modules. Don't even bother to try testing your configuration - it's wrong, it can't work - the 1760 needs at least one optional interface and it won't let you enter configuration commands relating to a non existent interface.

One of your previous posts in this thread, speaks of "dumping sybex stuff after passing exams". I have great difficulty in believing that anyone who has read the Sybex guides or passed the first of the exams, the CCNA, would ask the questions that you have been asking.

I said it in both of your other threads, I'm going to say it in this one also - you're in over your head, seek professional assistance.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.