Issues with configuration left on kit.

Forums > Community Lab > Issues with configuration left on kit.

owd_mon 2 posts	2 Jan 2010 at 5:15 p.m. UTC Hi Stretch Thanks for all the effort you are putting into maintaining this web site, and maintaining the lab. Quite a few people are having issues with lab kit having previous users configurations on them, not being able to log on due to incorrect passwords. May I suggest this as a possible resolution to the issue. As you manage/maintain the kit feel free to kick my idea in to touch - I may be creating issues. Connect one of the ports of S1 and S2 and a pc (nothing fancy required) to a small unmanageable switch. The pc would run a TFTP server (I use Solarwinds free) which is configured to only transmit files (not receive), and be configured with an IP address of 192.168.250.250 say. The TFTP server would hold basic configuration files for all the kit, including correct passwords. The file names of the configuration files would match the name of the device they relate to. Users of the lab must i) keep the port on the lab switch leading to this unmanaged switch shutdown whilst working on their labs ii) not use the 192.168.250.0 network iii) must restore their lab kit to an agreed position prior to their session finishing i.e remove all their work. If they need, they could copy from the TFTP server a config file that would return the device to an agreed start position, and correct password. The procedure would be: On the switches: 1) Shut all ports down 2) Configure the VTP mode as transparent 3) Open the necessary ports to allow connection to the TFTP server, and place in VLAN 1. 4) Assign an IP address to VLAN 1 in the 192.168.250.0 network - perhaps hosts in the range 1-99 for those using lab A, and hosts in range 101-199 if using lab B to ensure no duplicate IP addresses. 5) issue the commands: S1#del flash:vlan.dat S1#wr erase S1#copy tftp start enter ip address of tftp server - 192.168.250.250 enter name of switch for the config file to retrieve enter startup-config as the destination S1#reload The reload command is necessary to remove the VLAN data. Once reloaded the switch is ready for the next person. On the router 1) Configure the ip address on one of the fast ethernet interfaces in the 192.168.250.0 network - perhaps hosts in the range 1-99 if using lab A, and hosts in range 101-199 if using lab B to ensure no duplicate IP addresses. 2) Close all ports on the switches bar those that allow the router access to the unmanaged switch, and ensure both ports are in the same vlan. 3) issue the commands: R1#wr erase R1#copy tftp start enter ip address of tftp server - 192.168.250.250 enter name of switch for the config file to retrieve enter startup-config as the destination R1#configure replace nvram:startup-config The running configuration will now be replaced by the start-up configuration ready for the next person. We could replace the start-up configuration directly from the tftp server (#replace tftp://192.168.250.250/router name) but it may be better to have the right config file in NVRAM. I have not used the configure replace command - my routers are running old IOS's which do not support this command. I assume the IOS on the routers within the lab are fairly new and will support this command. For those interested in the command see : http://www.nil.com/ipcorner/ConfigReplacement/ I have no experience with firewalls so cannot suggest anything for these devices. With clear and precise instructions there would be no real excuse for users not cleaning up after themselves - out of courtesy for other users they should ensure they leave themselves enough time to complete the procedure. I appreciate that the temptation is to complete the lab you are working through but... Stretch, I appreciate this would involve more cost and time on your behalf and may create issues I had not forseen. Your comments would be appreciated. I am always open to constructive critiscm.
stretch 258 posts	2 Jan 2010 at 10:59 p.m. UTC If users can't even remember to perform a `wr erase` at the end of their session, what makes you think they'd remember to not utilize a certain port or network? I have considered a system for clearing configurations at the end of a reservation but am not yet confident enough in it to deploy it. As for saving configs, copy and paste to notepad.
Doug_Kenline 20 posts	3 Jan 2010 at 9:50 p.m. UTC What about resetting the switch to factory default settings upon logging in. Should only take a couple of minutes and you don't have to wonder or worry about anything anybody else left on there. Wouldn't this be the same as if you had just purchased a brand new shiny switch from Cisco and just plugged it in to your network? Wouldn't this be the smart thing to do at the beginning of every lab session so you know exactly where you stand as far as configurations go? Are there any old hands out there who would ever do anything else other than immediately reset the switch to factory default settings? Wouldn't this be the cleanest and most professional thing to do under these circumstances? What reason would there be not to do it? Immediately reset the switch to factory default settings. Could we not say for the beginners here that this is in fact the best thing for you to do? What good is trying to look around and see what kind of garbage and mess was left on there from the guy who just got kicked off. Just reset the damn thing to factory default settings and go to town on your lab. That's my two cents worth for today. SW1#write erase SW1#del vlan.dat SW1#reload SW1#save config? no

Viewing 1 - 3 of 3