Avoiding suicide, was: ACL fewest numbers of lines

From: Jay Hennigan (jay@xxxxxxxx)
Date: Wed Jul 17 2002 - 21:43:03 GMT-3


On Wed, 17 Jul 2002, Anthony Pace wrote:

> This is actually a real "gotcha" that bites you more in real life than
> in the practice labs. On a practice lab you can more or less do things
> in any order, but it is not uncommon to make the mistake of applying
> the access list to an interface. So far, so good. Then as soon as you
> create one line, the implicit deny cuts off everyone's access.
> Including your telnet session. Now you have to get to the router, and
> fast, and get a console hooked up.

"reload in" is your friend.

When making remote changes to a router, before configuring enter the
command "reload in 15". Then make your changes. If you manage to lock
yourself out, 15 minutes after you started the router will reboot itself.

Because you were locked out, the change that locked you out won't be
written to memory and you'll come back happy with the old configuration.

Once you've successfully reconfigured without locking yourself out, then
"reload cancel" will kill the scheduled reload and you can write memory.

I've used this trick many times when working with a carrier to change
LMI type or number of channels on a frame-relay circuit. You get telco
on the line, log in to the router, "reload in 15". Then change your
remote interface, effectively locking yourself out until telco changes
their side. If all goes well, you log back in, cancel the reload and
save. If telco can't change their side (or does it to the wrong circuit),
then 15 minutes later you're back where you started without a trip across
town or across the country.

--
Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net
NetLojix Communications, Inc.  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323
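As an added illustration (not part of Jay's post), here is what the "reload in" safety net looks like on an IOS console when applied to the ACL change Anthony describes. The hostname, interface name, ACL number and the 192.0.2.0/24 addresses are constructed placeholders, and the router's response lines are reproduced from memory, so exact wording may differ between IOS releases:

```cisco
! Added example, not from the original post. Placeholders: hostname "router",
! management host 192.0.2.10, interface Serial0/0, access-list 101.
router# reload in 15
Reload scheduled in 15 minutes by admin on vty0 (192.0.2.10)
Proceed with reload? [confirm]
router#
router# configure terminal
! Build the list before binding it. The first line permits the management
! host's telnet session so the implicit deny at the end cannot cut it off;
! the final explicit deny makes the implicit deny visible in the log.
router(config)# access-list 101 permit tcp host 192.0.2.10 any eq 23
router(config)# access-list 101 permit tcp 192.0.2.0 0.0.0.255 any established
router(config)# access-list 101 deny ip any any log
router(config)# interface Serial0/0
router(config-if)# ip access-group 101 in
router(config-if)# end
router#
! Still connected? Then the change is safe: check the timer, cancel it, save.
router# show reload
Reload scheduled in 14 minutes by admin on vty0 (192.0.2.10)
router# reload cancel
***
*** --- SHUTDOWN ABORTED ---
***
router# write memory
Building configuration...
[OK]
```

The order matters: "write memory" comes only after you have confirmed the session survived. If the session had been cut off, the unsaved running configuration would have been discarded by the scheduled reload and the router would have come back with the last saved configuration, which is the whole point of arming the timer first.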


This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:34 GMT-3