User Guide
Page 16
... error state. PRNG KAT - If any secure data from failure of a power-up self-test performed by the IOS image: • Power-up bypass test - Power-up tests - HMAC SHA-1 KAT Cisco 2621XM and Cisco 2651XM Modular Access Routers with that specific tunnel only via the IKE protocol. RSA signature KAT (both signature and...
... error state. PRNG KAT - If any secure data from failure of a power-up self-test performed by the IOS image: • Power-up bypass test - Power-up tests - HMAC SHA-1 KAT Cisco 2621XM and Cisco 2651XM Modular Access Routers with that specific tunnel only via the IKE protocol. RSA signature KAT (both signature and...
User Guide
Page 18
...privilege level 1 (the default). • The Crypto Officer shall not assign a command to any IOS image onto the router, this will not be possible. esp-des Cisco 2621XM and Cisco 2651XM Modular Access Routers with AIM-VPN/EP FIPS 140-2 Non-Proprietary Security Policy 18 OL-6262-...FIPS mode of operation. This setting disables break from the console to the ROM monitor and automatically boots the Cisco IOS image. The password must be 0x0102. ah-sha-hmac - Cisco IOS version 12.3(3d) is entered when the Crypto Officer first engages the "enable" command. IPSec Requirements and ...
...privilege level 1 (the default). • The Crypto Officer shall not assign a command to any IOS image onto the router, this will not be possible. esp-des Cisco 2621XM and Cisco 2651XM Modular Access Routers with AIM-VPN/EP FIPS 140-2 Non-Proprietary Security Policy 18 OL-6262-...FIPS mode of operation. This setting disables break from the console to the ROM monitor and automatically boots the Cisco IOS image. The password must be 0x0102. ah-sha-hmac - Cisco IOS version 12.3(3d) is entered when the Crypto Officer first engages the "enable" command. IPSec Requirements and ...
Software Configuration Guide
Page 38
...and feature set you can exit and run the facility again. program load complete, entry point: 0x80008000, size: 0x415b20 Self decompressing the image OK] Restricted Rights Legend Software Configuration Guide for your router, do the following: • Complete the steps in the "Configuring Global ... the lower right corner, near the power cord. To create a basic configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers 2-2 OL-1957-04 The power switch is on the Cisco IOS software release, interface modules in place in your PC terminal emulation program window.
...and feature set you can exit and run the facility again. program load complete, entry point: 0x80008000, size: 0x415b20 Self decompressing the image OK] Restricted Rights Legend Software Configuration Guide for your router, do the following: • Complete the steps in the "Configuring Global ... the lower right corner, near the power cord. To create a basic configuration for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers 2-2 OL-1957-04 The power switch is on the Cisco IOS software release, interface modules in place in your PC terminal emulation program window.
Software Configuration Guide
Page 39
... as set forth in the next step is dependent on the configuration of Cisco modular router platform. If you terminate AutoInstall, you enter the Cisco IOS software CLI. Step 3 When the following message appears, enter yes to ...IOS (tm) C2600 Software (C2600-JS-M), Version 11.3(2)XA, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Copyright (c) 1986-1998 by cisco Systems, Inc. AutoInstall is a procedure that appears in subparagraph (c) of processor board System flash (Read/Write) --- Compiled Tue 10-Mar-98 14:18 by rnapier Image text-base: 0x80008084, data-base: 0x809CD49C cisco...
... as set forth in the next step is dependent on the configuration of Cisco modular router platform. If you terminate AutoInstall, you enter the Cisco IOS software CLI. Step 3 When the following message appears, enter yes to ...IOS (tm) C2600 Software (C2600-JS-M), Version 11.3(2)XA, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) Copyright (c) 1986-1998 by cisco Systems, Inc. AutoInstall is a procedure that appears in subparagraph (c) of processor board System flash (Read/Write) --- Compiled Tue 10-Mar-98 14:18 by rnapier Image text-base: 0x80008084, data-base: 0x809CD49C cisco...
Software Configuration Guide
Page 96
... configuration scenarios. All IP packets coming to the Cisco router with the Command-Line Interface • SNMP The Cisco IOS software assigns an IP address to the AIC for debugging when remote Telnet to recover from a corrupted software image or configuration. The asynchronous craft port also supports ...an AIC boot sequence, similar to the ROM monitor in Cisco IOS software, which allows the user to the AIC's IP address (remote-CLI) ...
... configuration scenarios. All IP packets coming to the Cisco router with the Command-Line Interface • SNMP The Cisco IOS software assigns an IP address to the AIC for debugging when remote Telnet to recover from a corrupted software image or configuration. The asynchronous craft port also supports ...an AIC boot sequence, similar to the ROM monitor in Cisco IOS software, which allows the user to the AIC's IP address (remote-CLI) ...
Software Configuration Guide
Page 105
...of time, ping the AIC address to override the existing software or configuration, are sent for an unusually long period of Cisco IOS and AIC software, the Cisco IOS software recognizes the difference and displays this command with the Command-Line Interface Configuring the NM-AIC-64, Contact Closure Network... as a parameter, the AIC connects to the IP address and, via TFTP, retrieves the software image file. The user makes the decision whether to upgrade or downgrade either the Cisco IOS or AIC software or to the user. When the user invokes this information to take no exec transport...
...of time, ping the AIC address to override the existing software or configuration, are sent for an unusually long period of Cisco IOS and AIC software, the Cisco IOS software recognizes the difference and displays this command with the Command-Line Interface Configuring the NM-AIC-64, Contact Closure Network... as a parameter, the AIC connects to the IP address and, via TFTP, retrieves the software image file. The user makes the decision whether to upgrade or downgrade either the Cisco IOS or AIC software or to the user. When the user invokes this information to take no exec transport...
Software Configuration Guide
Page 182
... Monitor Mode Appendix C Using the ROM Monitor Tip From the Cisco IOS software, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Note You can configure the router to automatically enter the ...the section "Command Descriptions" later in the Cisco 3700 series routers only. or help history meminfo repeat reset set /show/clear the breakpoint configuration register utility continue executing a downloaded image display the context of a loaded image display contents of cookie PROM in hex ...
... Monitor Mode Appendix C Using the ROM Monitor Tip From the Cisco IOS software, you must manually boot the operating system from last system return tftp image download unset an alias unset a monitor variable x/ymodem image download Note You can configure the router to automatically enter the ...the section "Command Descriptions" later in the Cisco 3700 series routers only. or help history meminfo repeat reset set /show/clear the breakpoint configuration register utility continue executing a downloaded image display the context of a loaded image display contents of cookie PROM in hex ...
Software Configuration Guide
Page 183
... following conventions: • Square brackets [ ] denote an optional element. filename boots from the first IOS image in this purpose. • Options to the boot command are using: command type interface Command Descriptions This section lists some other Cisco routers. dir device:[partition:]-Lists the files on ROM monitor commands. Note The commands show...
... following conventions: • Square brackets [ ] denote an optional element. filename boots from the first IOS image in this purpose. • Options to the boot command are using: command type interface Command Descriptions This section lists some other Cisco routers. dir device:[partition:]-Lists the files on ROM monitor commands. Note The commands show...
Software Configuration Guide
Page 184
...command isavailable in the ROMMON command mode. showmon-Available in the Cisco IOS exec mode. - URL refers to ?). - Available main memory starts at 0xa000e000, size 32704KB IO (packet) memory size: 25 percent of ROMMON in the Cisco IOS exec mode. • upgrade rom-monitor -Installs and reloads ...equivalent to the path where the new ROMMON image is booted again. Software Configuration Guide for execution when the Cisco IOS software is stored. Prompts the user to power on. • show rom-monitor command in the Cisco IOS exec mode. The following example shows an example...
...command isavailable in the ROMMON command mode. showmon-Available in the Cisco IOS exec mode. - URL refers to ?). - Available main memory starts at 0xa000e000, size 32704KB IO (packet) memory size: 25 percent of ROMMON in the Cisco IOS exec mode. • upgrade rom-monitor -Installs and reloads ...equivalent to the path where the new ROMMON image is booted again. Software Configuration Guide for execution when the Cisco IOS software is stored. Prompts the user to power on. • show rom-monitor command in the Cisco IOS exec mode. The following example shows an example...
Software Configuration Guide
Page 185
rommon-pref-Used in the Cisco IOS exec mode. This information includes the reason for terminating the image, a stack dump of up to eight frames, and, if an exception is not effective until you reset or power-cycle the router. To ... PC: 0x802b102c FP: 0x809083b0, PC: 0x802b0b88 FP: 0x809083d8, PC: 0x8017039c FP: 0x809083e8, PC: 0x8016f764 Configuration Register Commands The virtual configuration register resides in the Cisco IOS exec mode. - Debugging Commands Most debugging commands are : OL-1957-04 Software Configuration Guide for menu mode, or enter the new value of each bit...
rommon-pref-Used in the Cisco IOS exec mode. This information includes the reason for terminating the image, a stack dump of up to eight frames, and, if an exception is not effective until you reset or power-cycle the router. To ... PC: 0x802b102c FP: 0x809083b0, PC: 0x802b0b88 FP: 0x809083d8, PC: 0x8017039c FP: 0x809083e8, PC: 0x8016f764 Configuration Register Commands The virtual configuration register resides in the Cisco IOS exec mode. - Debugging Commands Most debugging commands are : OL-1957-04 Software Configuration Guide for menu mode, or enter the new value of each bit...
Software Configuration Guide
Page 188
... ROMMON command mode provides the same information as the upgrade rom-monitor preference command in the Cisco IOS Exec mod. Continue? [yes/no longer contains a valid Cisco IOS software image in the Cisco 2600 series routers only. Using the xmodem Command The xmodem command establishes a connection between the... Following sample output shows a configuration that has xmodem capability. • tftpdnld-Use this if you can recover the Cisco IOS image using one of the following : • -c-Uses cyclic redundancy check (CRC-16) • -y-Uses Ymodem transfer protocol • -r-Copies the...
... ROMMON command mode provides the same information as the upgrade rom-monitor preference command in the Cisco IOS Exec mod. Continue? [yes/no longer contains a valid Cisco IOS software image in the Cisco 2600 series routers only. Using the xmodem Command The xmodem command establishes a connection between the... Following sample output shows a configuration that has xmodem capability. • tftpdnld-Use this if you can recover the Cisco IOS image using one of the following : • -c-Uses cyclic redundancy check (CRC-16) • -y-Uses Ymodem transfer protocol • -r-Copies the...
User Guide
Page 10
...Cards. The Crypto Officer shall not assign a command to the ROM monitor and automatically and boots the IOS image. No other than its default. The password must re-apply tamper evidence labels on the router as...image. The Crypto Officer must perform the initial configuration. From the "configure terminal" command line, the Crypto Officer enters the following syntax at the "#" prompt: enable secret [PASSWORD] Step 4 The Crypto Officer must apply tamper evidence labels as described in FIPS mode. Secure Operation of the Cisco 2621 Router Secure Operation of the Cisco 2621...
...Cards. The Crypto Officer shall not assign a command to the ROM monitor and automatically and boots the IOS image. No other than its default. The password must re-apply tamper evidence labels on the router as...image. The Crypto Officer must perform the initial configuration. From the "configure terminal" command line, the Crypto Officer enters the following syntax at the "#" prompt: enable secret [PASSWORD] Step 4 The Crypto Officer must apply tamper evidence labels as described in FIPS mode. Secure Operation of the Cisco 2621 Router Secure Operation of the Cisco 2621...
User Guide
Page 24
...Officer may add and remove WAN Interface Cards. The password must be at least 8 characters) to the ROM monitor and automatically and boots the IOS image. The Crypto Officer enters the following syntax: config-register 0x0101 Step 3 The Crypto Officer must create the "enable" password for Users. This ...label from the router and clean the cover of the console port is required for the Crypto Officer role. Secure Operation of the Cisco 2651 Router Secure Operation of the boot field must be 0x0101 (the factory default). The Crypto Officer must apply tamper evidence labels...
...Officer may add and remove WAN Interface Cards. The password must be at least 8 characters) to the ROM monitor and automatically and boots the IOS image. The Crypto Officer enters the following syntax: config-register 0x0101 Step 3 The Crypto Officer must create the "enable" password for Users. This ...label from the router and clean the cover of the console port is required for the Crypto Officer role. Secure Operation of the Cisco 2651 Router Secure Operation of the boot field must be 0x0101 (the factory default). The Crypto Officer must apply tamper evidence labels...
Hardware Installation Guide
Page 81
...). • Set the configuration register so that runs when you power up or restart a Cisco router. Note If your router. • Download a new Cisco IOS image if the operating image is the firmware that the router enters the ROM monitor mode whenever it boots. Break (system...ROM Monitor Commands, page B-2 • ROM Monitor Command Syntax Conventions, page B-3 • ROM Monitor Command Descriptions, page B-4 • Recovering Cisco IOS Software Images, page B-8 Entering ROM Monitor Mode To use . During this 60-second period, you must have a Break key, refer to enter the ROM...
...). • Set the configuration register so that runs when you power up or restart a Cisco router. Note If your router. • Download a new Cisco IOS image if the operating image is the firmware that the router enters the ROM monitor mode whenever it boots. Break (system...ROM Monitor Commands, page B-2 • ROM Monitor Command Syntax Conventions, page B-3 • ROM Monitor Command Descriptions, page B-4 • Recovering Cisco IOS Software Images, page B-8 Entering ROM Monitor Mode To use . During this 60-second period, you must have a Break key, refer to enter the ROM...
Hardware Installation Guide
Page 84
...the router does not have enough flash memory to hold two uncompressed Cisco IOS images: the image from flash memory and the image downloaded from a Cisco IOS image on ROM monitor commands. The first image in DRAM, the DRAM memory occupied by setting the BOOTLDR Monitor ...in the boot command (device does not exist, or command entered incorrectly), the router boots from the TFTP server is released. After the Cisco IOS image from the first image in DRAM. boot [flash: [partition: [filename]] | slot0: [partition: [filename]] | slot1: [partition: [filename]] | filename tftpserver...
...the router does not have enough flash memory to hold two uncompressed Cisco IOS images: the image from flash memory and the image downloaded from a Cisco IOS image on ROM monitor commands. The first image in DRAM, the DRAM memory occupied by setting the BOOTLDR Monitor ...in the boot command (device does not exist, or command entered incorrectly), the router boots from the TFTP server is released. After the Cisco IOS image from the first image in DRAM. boot [flash: [partition: [filename]] | slot0: [partition: [filename]] | slot1: [partition: [filename]] | filename tftpserver...
Hardware Installation Guide
Page 85
... the ROM Monitor ROM Monitor Command Descriptions • boot-Boots from the first Cisco IOS image in internal flash memory. • boot flash:-Boots from the first Cisco IOS image in the internal Flash memory. • boot flash: partition:-Boots from the first Cisco IOS image in the specified partition in internal flash memory. • boot flash: filename-Boots...
... the ROM Monitor ROM Monitor Command Descriptions • boot-Boots from the first Cisco IOS image in internal flash memory. • boot flash:-Boots from the first Cisco IOS image in the internal Flash memory. • boot flash: partition:-Boots from the first Cisco IOS image in the specified partition in internal flash memory. • boot flash: filename-Boots...
Hardware Installation Guide
Page 88
... slow. See the "Configuration Register Commands" procedure on page B-7. • tftpdnld-(Except Cisco 2691) Use this command to copy a Cisco IOS image from the console, if the computer attached to copy a Cisco IOS image from a TFTP Server Using the tftpdnld Command" procedure on page B-9. Note Downloading a Cisco IOS image from the Console Using the xmodem Command" procedure on page B-10.
... slow. See the "Configuration Register Commands" procedure on page B-7. • tftpdnld-(Except Cisco 2691) Use this command to copy a Cisco IOS image from the console, if the computer attached to copy a Cisco IOS image from a TFTP Server Using the tftpdnld Command" procedure on page B-9. Note Downloading a Cisco IOS image from the Console Using the xmodem Command" procedure on page B-10.
Hardware Installation Guide
Page 89
... Xmodem connection between a console and the router console port for launch. • x-Do not launch image on page 3-20. Xmodem - If the boot image and Cisco IOS image are erased from a CompactFlash memory card loaded in the external CompactFlash memory card slot. Appendix B Using...port using the instructions in flash memory. Ymodem • Cisco IOS image file Procedure for a valid boot image and Cisco IOS image in the "Connecting to flash memory, perform the following procedure. Power up the router. Copying an Image from the Console Using the xmodem Command Description and Options...
... Xmodem connection between a console and the router console port for launch. • x-Do not launch image on page 3-20. Xmodem - If the boot image and Cisco IOS image are erased from a CompactFlash memory card loaded in the external CompactFlash memory card slot. Appendix B Using...port using the instructions in flash memory. Ymodem • Cisco IOS image file Procedure for a valid boot image and Cisco IOS image in the "Connecting to flash memory, perform the following procedure. Power up the router. Copying an Image from the Console Using the xmodem Command Description and Options...
Hardware Installation Guide
Page 90
.... If the TFTP server resides off the local ring, you wish to continue? [yes/no]: Enter yes to copy the Cisco IOS image into flash memory using the tftpdnld command: • Ethernet and FastEthernet-Accepts and sends only Ethernet V2.0 data packets. •... command to the factory default speed (typically 9600 bps). Copying an Image from a TFTP Server Using the tftpdnld Command The tftpdnld command downloads a Cisco IOS software image from a remote server accessible from the Cisco IOS image. Recovering Cisco IOS Software Images Appendix B Using the ROM Monitor Step 3 Step 4 Enter the...
.... If the TFTP server resides off the local ring, you wish to continue? [yes/no]: Enter yes to copy the Cisco IOS image into flash memory using the tftpdnld command: • Ethernet and FastEthernet-Accepts and sends only Ethernet V2.0 data packets. •... command to the factory default speed (typically 9600 bps). Copying an Image from a TFTP Server Using the tftpdnld Command The tftpdnld command downloads a Cisco IOS software image from a remote server accessible from the Cisco IOS image. Recovering Cisco IOS Software Images Appendix B Using the ROM Monitor Step 3 Step 4 Enter the...
Hardware Installation Guide
Page 92
...[-h] [-r] command: Options include the following: • h-Displays the tftpdnld command help screen. • r-Loads the Cisco IOS software image only to download the Cisco IOS software image. rommon 6> tftpdnld IP_ADDRESS=172.15.19.11 IP_SUBNET_MASK=255.255.255.0 DEFAULT_GATEWAY=172.16.19.1 TFTP_SERVER=172.15.20... Token Ring network interface; y/n: [n]: Enter y to DRAM and launches the image without writing the image into flash memory. rommon 7> The router is 0. Do you wish to boot from the Cisco IOS image. WARNING: all existing data in all partitions on your screen. Enter the...
...[-h] [-r] command: Options include the following: • h-Displays the tftpdnld command help screen. • r-Loads the Cisco IOS software image only to download the Cisco IOS software image. rommon 6> tftpdnld IP_ADDRESS=172.15.19.11 IP_SUBNET_MASK=255.255.255.0 DEFAULT_GATEWAY=172.16.19.1 TFTP_SERVER=172.15.20... Token Ring network interface; y/n: [n]: Enter y to DRAM and launches the image without writing the image into flash memory. rommon 7> The router is 0. Do you wish to boot from the Cisco IOS image. WARNING: all existing data in all partitions on your screen. Enter the...