Senior Acquisitions Editor: Kenyon Brown Development Editor: Kim Wimpsett

could potentially miss out on a sale! Of course if the feature does work for

you, they’ll want you to buy a permanent license, but again, this is on the

honor system at the time of this writing.

Cisco’s license model allows you to install the feature you want without a

PAK. The Right-To-Use license works for 60 days before you would need

to install your permanent license. To enable the Right-To-Use license you

would use the

license boot module

command. The following

demonstrates starting the Right-To-Use license on my 2900 series router,

enabling the security module named

securityk9

:

Router(config)#

license boot module c2900 technology-package

securityk9

PLEASE READ THE FOLLOWING TERMS CAREFULLY. INSTALLING THE LICENSE

OR LICENSE KEY PROVIDED FOR ANY CISCO PRODUCT FEATURE OR USING

SUCHPRODUCT FEATURE CONSTITUTES YOUR FULL ACCEPTANCE OF THE

FOLLOWING TERMS. YOU MUST NOT PROCEED FURTHER IF YOU ARE NOT

WILLING

TO BE BOUND BY ALL THE TERMS SET FORTH HEREIN.

[output cut]

Activation of the software command line interface will be evidence

of

your acceptance of this agreement.

ACCEPT? [yes/no]:

yes

% use 'write' command to make license boot config take effect on

next boot

Feb 12 01:35:45.060: %IOS_LICENSE_IMAGE_APPLICATION-6-

LICENSE_LEVEL:

Module name =c2900 Next reboot level = securityk9 and License =

securityk9

Feb 12 01:35:45.524: %LICENSE-6-EULA_ACCEPTED: EULA for feature

securityk9 1.0 has been accepted. UDI=CISCO2901/K9:FTX1628838P;

StoreIndex=0:Built-In License Storage

Once the router is reloaded, you can use the security feature set. And it is

really nice that you don’t need to reload the router again if you choose to

install a permanent license for this feature. The

show license

command

shows the licenses installed on the router:

Router#

show license

Index 1 Feature: ipbasek9

Period left: Life time

License Type: Permanent

License State: Active, In Use

License Count: Non-Counted

License Priority: Medium

Index 2 Feature: securityk9

Period left: 8 weeks 2 days

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Active, In Use

License Count: Non-Counted

License Priority: None

Index 3 Feature: uck9

Period left: Life time

License Type: Permanent

License State: Active, In Use

License Count: Non-Counted

License Priority: Medium

Index 4 Feature: datak9

Period left: Not Activated

Period Used: 0 minute 0 second

License Type: EvalRightToUse

License State: Not in Use, EULA not accepted

License Count: Non-Counted

License Priority: None

Index 5 Feature: gatekeeper

[output cut]

You can see in the preceding output that the

ipbasek9

is permanent and

the

securityk9

has a license type of

EvalRightToUse

. The

show license

feature

command provides the same information as

show license

, but it’s

summarized into one line as shown in the next output:

Router#

sh license feature

Feature name Enforcement Evaluation Subscription Enabled

RightToUse

ipbasek9 no no no yes

no

securityk9 yes yes no no

yes

uck9 yes yes no yes

yes

datak9 yes yes no no

yes

gatekeeper yes yes no no

yes

SSL_VPN yes yes no no

yes

ios-ips-update yes yes yes no

yes

SNASw yes yes no no

yes

hseck9 yes no no no

no

cme-srst yes yes no yes

yes

WAAS_Express yes yes no no

yes

UCVideo yes yes no no

yes

The

show version

command also shows the license information at the end

of the command output:

Router#

show version

[output cut]

License Info:

License UDI:

-------------------------------------------------

Device# PID SN

-------------------------------------------------

*0 CISCO2901/K9 FTX1641Y07J

Technology Package License Information for Module:'c2900'

-----------------------------------------------------------------

Technology Technology-package Technology-package

Current Type Next reboot

------------------------------------------------------------------

ipbase ipbasek9 Permanent ipbasek9

security None None None

uc uck9 Permanent uck9

data None None None

Configuration register is 0x2102

The

show version

command shows if the license was activated. Don’t

forget, you’ll need to reload the router to have the license features take

effect if the license evaluation is not already active.

Backing Up and Uninstalling the License

It would be a shame to lose your license if it has been stored in flash and

your flash files become corrupted. So always back up your IOS license!

If your license has been saved in a location other than flash, you can

easily back it up to flash memory via the

license save

command:

Router#

license save flash:Todd_License.lic

The previous command will save your current license to flash. You can

restore your license with the

license install

command I demonstrated

earlier.

There are two steps to uninstalling the license on a router. First, to

uninstall the license you need to disable the technology package, using

the

no license boot module

command with the keyword

disable

at the

end of the command line:

Router#

license boot module c2900 technology-package securityk9

disable

The second step is to clear the license. To achieve this from the router,

use the

license clear

command and then remove the license with the

no

license boot module

command:

Router#

license clear securityk9

Router#

config t

Router(config)#

no license boot module c2900 technology-package

securityk9 disable

Router(config)#

exit

Router#

reload

After you run through the preceding commands, the license will be

removed from your router.

Here’s a summary of the license commands I used in this chapter. These

are important commands to have down and you really need to

understand these to meet the Cisco objectives:

show license

determines the licenses that are active on your system. It

also displays a group of lines for each feature in the currently running

IOS image along with several status variables related to software

activation and licensing, both licensed and unlicensed features.

show license feature

allows you to view the technology package

licenses and feature licenses that are supported on your router along

with several status variables related to software activation and

licensing. This includes both licensed and unlicensed features.

show license udi

displays the unique device identifier (UDI) of the

router, which comprises the product ID (PID) and serial number of

the router.

show version

displays various pieces of information about the current

IOS version, including the licensing details at the end of the

command’s output.

license install url

installs a license key file into a router.

license boot module

installs a Right-To-Use license feature on a

router.

To help you organize a large amount of licenses, search on

Cisco.com

for the Cisco Smart Software Manager. This web page

enables you to manage all your licenses from one centralized website.

With Cisco Smart Software Manager, you organize and view your

licenses in groups that are called virtual accounts, which are

collections of licenses and product instances.

Summary

You now know how Cisco routers are configured and how to manage

those configurations.

This chapter covered the internal components of a router, which included

ROM, RAM, NVRAM, and flash.

In addition, I covered what happens when a router boots and which files

are loaded at that time. The configuration register tells the router how to

boot and where to find files. You learned how to change and verify the

configuration register settings for ​password recovery purposes. I also

showed you how to manage these files using the CLI and IFS.

Finally, the chapter covered licensing with the new 15.0 code, including

how to install a permanent license and a Right-To-Use license to install

features for 60 days. I also showed you the verification commands used

to see what licenses are installed and to verify their status.

Exam Essentials

Define the Cisco router components. Describe the functions of the

bootstrap, POST, ROM monitor, mini-IOS, RAM, ROM, flash memory,

NVRAM, and the configuration register.

Identify the steps in the router boot sequence. The steps in the

boot sequence are POST, loading the IOS, and copying the startup

configuration from NVRAM to RAM.

Understand configuration register commands and settings. The

0x2102 setting is the default on all Cisco routers and tells the router to

look in NVRAM for the boot sequence. 0x2101 tells the router to boot

from ROM, and 0x2142 tells the router not to load the startup-config in

NVRAM to provide password recovery.

Perform password recovery. The steps in the password recovery

process are interrupt the router boot sequence, change the configuration

register, reload the router and enter privileged mode, copy the startup-

config file to running-config and verify that your interfaces are re-

enabled, change/set the password, save the new configuration, reset the

configuration register, and reload the router.

Back up an IOS image. By using the privileged-mode command

copy

flash tftp

, you can back up a file from flash memory to a TFTP

(network) server.

Restore or upgrade an IOS image. By using the privileged-mode

command

copy tftp flash

, you can restore or upgrade a file from a TFTP

(network) server to flash memory.

Describe best practices to prepare to back up an IOS image to a

network server. Make sure that you can access the network server,

ensure that the network server has adequate space for the code image,

and verify the file naming and path requirement.

Understand and use Cisco IFS file system management

commands. The commands to use are

dir

,

copy

,

more

,

delete

,

erase

or

format

,

cd

and

pwd

, and

mkdir

and

rmdir

, as well as

system:running-

config

and

nvram:startup-config

.

Remember how to install a permanent and Right-To-Use

license. To install a permanent license on a router, use the

install

license

url

command. To install an evaluation feature, use the

license

boot module

command.

Remember the verification commands used for licensing in the

new ISR G2 ​routers. The

show license

command determines the

licenses that are active on your ​system. The

show

license feature

command allows you to view the technology package licenses and feature

licenses that are supported on your router. The

show license udi

command displays the unique device identifier (UDI) of the router, which

comprises the product ID (PID) and serial number of the router, and the

show version

command displays information about the current IOS

version, including the licensing details at the end of the command’s

output.

Written Lab 8

You can find the answers to this labs in Appendix A, “Answers to Written

Labs.”

In this section, you’ll complete the following lab to make sure you’ve got

the information and concepts contained within them fully dialed in:

Lab 8.1: IOS Management

Written Lab 8.1: IOS Management

Write the answers to the following questions:

1.  What is the command to copy a Cisco IOS to a TFTP server?

2.  What do you set the configuration register setting to in order to boot

the mini-IOS in ROM?

3.  What is the configuration register setting to tell the router to look in

NVRAM for the boot sequence?

4.  What do you set the configuration register setting to in order to boot

to ROM monitor mode?

5.  What is used with a PAK to generate a license file?

6.  What is the configuration register setting for password recovery?

7.  Which command can change the location from which the system loads

the IOS?

8.  What is the first step of the router boot sequence?

9.  What command can you use to upgrade a Cisco IOS?

10.  Which command determines the licenses that are active on your

system?

Hands-on Labs

To complete the labs in this section, you need at least one router (three

would be best) and at least one PC running as a TFTP server. TFTP server

software must be installed and running on the PC. For these labs, it is

also assumed that your PC and the router(s) are connected together with

a switch or hub and that all interfaces (PC NIC and router interfaces) are

in the same subnet. You can alternately connect the PC directly to the

router or connect the routers directly to one another (use a crossover

cable in that case). Remember that the labs listed here were created for

use with real routers but can easily be used with the LammleSim IOS

version (found at

www.lammle.com/ccna

) or Cisco’s Packet Tracer program.

Here is a list of the labs in this chapter:

Lab 8.1: Backing Up Your Router IOS

Lab 8.2: Upgrading or Restoring Your Router IOS

Hands-on Lab 8.1: Backing Up Your Router IOS

In this lab, we’ll be backing up the IOS from flash to a TFTP host.

1.  Log into your router and go into privileged mode by typing

en

or

enable

.

2.  Make sure you can connect to the TFTP server that is on your network

by pinging the IP address from the router console.

3.  Type

show flash

to see the contents of flash memory.

4.  Type

show version

at the router privileged-mode prompt to get the

name of the IOS currently running on the router. If there is only one

file in flash memory, the

show flash

and

show version

commands

show the same file. Remember that the

show version

command shows

you the file that is currently running and the

show flash

command

shows you all of the files in flash memory.

5.  Once you know you have good Ethernet connectivity to the TFTP

server and you also know the IOS filename, back up your IOS by

typing

copy flash tftp

. This command tells the router to copy a

specified file from flash memory (this is where the IOS is stored by

default) to a TFTP server.

6.  Enter the IP address of the TFTP server and the source IOS filename.

The file is now copied and stored in the TFTP server’s default

directory.

Hands-on Lab 8.2: Upgrading or Restoring Your Router IOS

In this lab, we’ll be copying an IOS from a TFTP host to flash memory.

1.  Log into your router and go into privileged mode by typing

en

or

enable

.

2.  Make sure you can connect to the TFTP server by pinging the IP

address of the server from the router console.

3.  Once you know you have good Ethernet connectivity to the TFTP

server, type the

copy tftp flash

command.

4.  Confirm that the router will not function during the restore or

upgrade by following the prompts provided on the router console. It is

possible this prompt may not occur.

5.  Enter the IP address of the TFTP server.

6.  Enter the name of the IOS file you want to restore or upgrade.

7.  Confirm that you understand that the contents of flash memory will

be erased if there is not enough room in flash to store the new image.

8.  Watch in amazement as your IOS is deleted out of flash memory and

your new IOS is copied to flash memory.

If the file that was in flash memory is deleted but the new version wasn’t

copied to flash memory, the router will boot from ROM monitor mode.

You’ll need to figure out why the copy operation did not take place.

Review Questions

The following questions are designed to test your

understanding of this chapter’s material. For more information on

how to get additional questions, please see

www.lammle.com/ccna

.

You can find the answers to these questions in Appendix B, “Answers to

Review Questions.”

1.  What does the command

confreg 0x2142

provide?

A.  It is used to restart the router.

B.  It is used to bypass the configuration in NVRAM.

C.  It is used to enter ROM monitor mode.

D.  It is used to view the lost password.

2.  Which command will copy the IOS to a backup host on your network?

A.

transfer IOS to 172.16.10.1

B.

copy run start

C.

copy tftp flash

D.

copy start tftp

E.

copy flash tftp

3.  What command is used to permanently install a license on an ISR2

router?

A.

install license

B.

license install

C.

boot system license

D.

boot license module

4.  You type the following into the router and reload. What will the router

do?

Router(config)#

boot system flash c2800nm-advsecurityk9-mz.151-

4.M6.bin

Router(config)#

config-register 0x2101

Router(config)#

do sh ver

[output cut]

Configuration register is 0x2102 (will be 0x2101 at next reload)

A.  The router will expand and run the

c2800nm-advsecurityk9-

mz.151-4.M6.bin

IOS from flash memory.

B.  The router will go into setup mode.

C.  The router will load the mini-IOS from ROM.

D.  The router will enter ROM monitor mode.

5.  A network administrator wants to upgrade the IOS of a router without

removing the image currently installed. What command will display

the amount of memory consumed by the current IOS image and

indicate whether there is enough room available to hold both the

current and new images?

A.

show version

B.

show flash

C.

show memory

D.

show buffers

E.

show running-config

6.  The corporate office sends you a new router to connect, but upon

connecting the console cable, you see that there is already a

configuration on the router. What should be done before a new

configuration is entered in the router?

A.  RAM should be erased and the router restarted.

B.  Flash should be erased and the router restarted.

C.  NVRAM should be erased and the router restarted.

D.  The new configuration should be entered and saved.

7.  Which command loads a new version of the Cisco IOS into a router?

A.

copy flash ftp

B.

copy nvram flash

C.

copy flash tftp

D.

copy tftp flash

8.  Which command will show you the IOS version running on your

router?

A.

sh IOS

B.

sh flash

C.

sh version

D.

sh protocols

9.  What should the configuration register value be after you successfully

complete the password recovery procedure and return the router to

normal operation?

A.  0x2100

B.  0x2101

C.  0x2102

D.  0x2142

10.  You save the configuration on a router with the

copy running-config

startup-config

command and reboot the router. The router, however,

comes up with a blank configuration. What can the problem be?

A.  You didn’t boot the router with the correct command.

B.  NVRAM is corrupted.

C.  The configuration register setting is incorrect.

D.  The newly upgraded IOS is not compatible with the hardware of

the router.

E.  The configuration you saved is not compatible with the hardware.

11.  Which command will install a Right-To-Use license so you can use an

evaluation version of a feature?

A.

install Right-To-Use license feature feature

B.

install temporary feature feature

C.

license install feature

D.

license boot module

12.  Which command determines the licenses that are active on your

system along with several status variables?

A.

show license

B.

show license feature

C.

show license udi

D.

show version

13.  Which command allows you to view the technology package licenses

and feature licenses that are supported on your router along with

several status variables?

A.

show license

B.

show license feature

C.

show license udi

D.

show version

14.  Which command displays the unique device identifier that comprises

the product ID and serial number of the router?

A.

show license

B.

show license feature

C.

show license udi

D.

show version

15.  Which command displays various pieces of information about the

current IOS version, including the licensing details at the end of the

command’s output?

A.

show license

B.

show license feature

C.

show license udi

D.

show version

16.  Which command backs up your license to flash memory?

A.

copy tftp flash

B.

save license flash

C.

license save flash

D.

copy license flash

17.  Which command displays the configuration register setting?

A.

show ip route

B.

show boot version

C.

show version

D.

show flash

18.  What two steps are needed to remove a license from a router? (Choose

two.)

A.  Use the

erase flash:license

command.

B.  Reload the system.

C.  Use the

license boot

command with the

disable

variable at the

end of the command line.

D.  Clear the license with the

license clear

command.

19.  You have your laptop directly connected into a router’s Ethernet port.

Which of the following are among the requirements for the

copy flash

tftp

command to be successful? (Choose three.)

A.  TFTP server software must be running on the router.

B.  TFTP server software must be running on your laptop.

C.  The Ethernet cable connecting the laptop directly into the router’s

Ethernet port must be a straight-through cable.

D.  The laptop must be on the same subnet as the router’s Ethernet

interface.

E.  The

copy flash tftp

command must be supplied the IP address of

the laptop.

F.  There must be enough room in the flash memory of the router to

accommodate the file to be copied.

20.  The configuration register setting of 0x2102 provides what function to

a router?

A.  Tells the router to boot into ROM monitor mode

B.  Provides password recovery

C.  Tells the router to look in NVRAM for the boot sequence

D.  Boots the IOS from a TFTP server

E.  Boots an IOS image stored in ROM

Yüklə 22,5 Mb.

Dostları ilə paylaş: