Re: Tracking when & who made config changes in config file

From: ccie2be (ccie2be@nyc.rr.com)
Date: Thu Nov 04 2004 - 21:56:38 GMT-3


Sorry, I haven't had a chance to try it just yet. I'm working on IE lab 13
and running into mucho problemo's getting the isdn dhcp nego to work
properly. And, I'm running out of rack time.

But, I'll try it probably tomorrow sometime.

----- Original Message -----
From: "Cisco Net" <network.cisco@gmail.com>
To: "ccie2be" <ccie2be@nyc.rr.com>
Cc: "Rob Laidlaw" <laidlaw@consecro.com>; "Edwards, Andrew M"
<andrew.m.edwards@boeing.com>; "Group Study" <ccielab@groupstudy.com>
Sent: Thursday, November 04, 2004 7:53 PM
Subject: Re: Tracking when & who made config changes in config file itself

> ccie2be,
> Are you able to make it work ?
> I tried configuring the clock and also tried with login local.
> Still does not show those lines...
> Cert
>
>
> On Thu, 4 Nov 2004 16:20:28 -0500, ccie2be <ccie2be@nyc.rr.com> wrote:
> > Rob,
> >
> > You're fantastic!!!
> >
> > I'm gonna try it out in a few.
> >
> > That was my problem - I didn't set the clock. I suspect the same would
> > happen if I use NTP, but I'll try that too and make sure.
> >
> >
> >
> > Thanks, Tim
> >
> > ----- Original Message -----
> > From: "Rob Laidlaw" <laidlaw@consecro.com>
> > To: "ccie2be" <ccie2be@nyc.rr.com>; "Edwards, Andrew M"
> > <andrew.m.edwards@boeing.com>
> > Cc: "Group Study" <ccielab@groupstudy.com>
> > Sent: Thursday, November 04, 2004 4:12 PM
> > Subject: Re: Tracking when & who made config changes in config file itself
> >
> > > By setting the internal clock of the router, you'll then start seeing this
> > > in the config.
> > >
> > > !
> > > ! Last configuration change at 15:07:28 UTC Thu Nov 4 2004
> > > ! NVRAM config last updated at 15:06:37 UTC Thu Nov 4 2004
> > > !
> > >
> > > If you add a local username and password and make the person log in,
> > > then it will show that in the line,
> > >
> > > username rob pass xxxx
> > > line con 0
> > > login local
> > > exit
> > > User Access Verification
> > >
> > > Username: rob
> > > Password:
> > > lan-rtr>en
> > > Password:
> > > lan-rtr#wr mem
> > > Building configuration...
> > > [OK]
> > > lan-rtr#sh run
> > > Building configuration...
> > >
> > > Current configuration : 813 bytes
> > > !
> > > ! Last configuration change at 15:09:50 UTC Thu Nov 4 2004
> > > ! NVRAM config last updated at 15:10:01 UTC Thu Nov 4 2004 by rob
> > > !
> > >
> > > NO aaa commands needed for that.
> > >
> > > GL
> > >
> > > -rob
> > > ----- Original Message -----
> > > From: "ccie2be" <ccie2be@nyc.rr.com>
> > > To: "Rob Laidlaw" <laidlaw@consecro.com>; "Edwards, Andrew M"
> > > <andrew.m.edwards@boeing.com>
> > > Cc: "Group Study" <ccielab@groupstudy.com>
> > > Sent: Thursday, November 04, 2004 2:39 PM
> > > Subject: Re: Tracking when & who made config changes in config file itself
> > >
> > >
> > > > Rob, You're right.
> > > >
> > > > But, in the lab, (and, I'm not saying that I know this is on the lab) I
> > > > can't earn any points, if I say that to the proctor.
> > > >
> > > > If the lab asks me to configure the router so that who and when the last
> > > > changes were made are in the config file, then configuring a syslog server
> > > > won't do the trick.
> > > >
> > > > Do you think doing this requires enabling AAA?
> > > >
> > > > Thanks, Tim
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Rob Laidlaw" <laidlaw@consecro.com>
> > > > To: "ccie2be" <ccie2be@nyc.rr.com>; "Edwards, Andrew M"
> > > > <andrew.m.edwards@boeing.com>
> > > > Sent: Thursday, November 04, 2004 2:33 PM
> > > > Subject: Re: Tracking when & who made config changes in config file itself
> > > >
> > > >
> > > > > If you really want to know what's going on, you'd do best to put up an acs
> > > > > server and turn on aaa accounting for everything. You'll have a big log,
> > > > > but it will show you EVERYTHING anybody does.
> > > > >
> > > > > GL
> > > > >
> > > > > -Rob
> > > > > ----- Original Message -----
> > > > > From: "ccie2be" <ccie2be@nyc.rr.com>
> > > > > > To: "Edwards, Andrew M" <andrew.m.edwards@boeing.com>; "Group Study"
> > > > > > <ccielab@groupstudy.com>
> > > > > > Sent: Thursday, November 04, 2004 12:44 PM
> > > > > > Subject: Re: Tracking when & who made config changes in config file itself
> > > > >
> > > > >
> > > > > > Thanks Andrew. That confirmed what I was thinking.
> > > > > >
> > > > > > > Do you have any idea about the 2nd part of my question ie having the router
> > > > > > > put a line in the config that shows when and who made the last changes?
> > > > > >
> > > > > > Tim
> > > > > > ----- Original Message -----
> > > > > > From: "Edwards, Andrew M" <andrew.m.edwards@boeing.com>
> > > > > > To: "ccie2be" <ccie2be@nyc.rr.com>
> > > > > > Sent: Thursday, November 04, 2004 12:52 PM
> > > > > > > Subject: RE: Tracking when & who made config changes in config file itself
> > > > > >
> > > > > >
> > > > > > > The router is always logging to the console (for the level settings
> > > > > > > specified with logging con command) even when there is nothing connected
> > > > > > > to it. Once the logging has occurred to the console, if nothing is
> > > > > > > there to see it and post in its own buffer (e.g. a computer) then you
> > > > > > > won't be able to retrieve the messages.
> > > > > > >
> > > > > > > I'd suggest logging to con and buff to same level, then you can go look
> > > > > > > at the log on the local machine... Of course, logging to a logging
> > > > > > > server is best then you can turn off con and buff and save the router
> > > > > > > cpu and memory resources.
> > > > > >
> > > > > > HTH,
> > > > > >
> > > > > > andy
> > > > > > -----Original Message-----
> > > > > > From: ccie2be [mailto:ccie2be@nyc.rr.com]
> > > > > > Sent: Thursday, November 04, 2004 9:22 AM
> > > > > > To: Group Study
> > > > > > > Subject: Tracking when & who made config changes in config file itself
> > > > > >
> > > > > >
> > > > > > Hi guys,
> > > > > >
> > > > > > > I apologize in advance if these are dumb questions, but....
> > > > > >
> > > > > > > I can't figure out how to view the 165 messages logged as shown below to
> > > > > > > the console. Does the 165 represent the number of messages IOS sent to
> > > > > > > the console and to see them I would have to scroll up quite a bit? If
> > > > > > > so, when did the router first start counting? Was it from the last time
> > > > > > > the router was rebooted?
> > > > > >
> > > > > > > Rack1R5#sh log
> > > > > > > Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled)
> > > > > > > Console logging: level debugging, 165 messages logged, xml disabled
> > > > > > > Monitor logging: level debugging, 0 messages logged, xml disabled
> > > > > > > Buffer logging: level debugging, 2 messages logged, xml disabled
> > > > > > > Logging Exception size (4096 bytes)
> > > > > > > Count and timestamp logging messages: disabled
> > > > > > > Trap logging: level informational, 170 message lines logged
> > > > > >
> > > > > > Log Buffer (4096 bytes):
> > > > > >
> > > > > > > *Mar 1 20:57:35.698: %SYS-5-CONFIG_I: Configured from console by ROUTER4 on vty 0 (187.3.56.6)
> > > > > > > *Mar 1 20:57:42.582: %CLEAR-5-COUNTERS: Clear counter on all interfaces by ROUTER4 on vty0 (187.3.56.6)
> > > > > >
> > > > > > > Also, I would like the router to add lines to the config file like
> > > > > > > below:
> > > > > >
> > > > > > Router1#show running-config
> > > > > > Building configuration...
> > > > > >
> > > > > > Current configuration : 4285 bytes
> > > > > > !
> > > > > > > ! Last configuration change at 12:58:26 EDT Fri Jun 27 2003 by ijbrown
> > > > > > > ! NVRAM config last updated at 13:01:45 EDT Fri Jun 27 2003 by kdooley
> > > > > > > !
> > > > > >
> > > > > > > I've tried various things but, so far, no success. This is what I've
> > > > > > > done so far.
> > > > > > >
> > > > > > > I added a username password command and enabled login local under the
> > > > > > > vty lines. Then, I telnetted in and logged in under the name ROUTER4.
> > > > > > > Then, I logged out and re-entered the router via the console and did a
> > > > > > > show run. I was expecting to see something like above, "Last config
> > > > > > > change at ..." But, no luck.
> > > > > > >
> > > > > > > Can someone explain what I need to do to have the router keep track of
> > > > > > > when and who made changes to the config file and have that info added to
> > > > > > > the config file as shown above?
> > > > > >
> > > > > > TIA, Tim
> > > > > >
> > > > > >
> > >
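
The header lines discussed in this thread can be checked mechanically when auditing saved configs. The following Python is an added example, not part of any poster's message: it parses the "Last configuration change" and "NVRAM config last updated" comments from a `show running-config` dump and reports a missing header, a missing "by <user>" attribution, and a running config newer than the NVRAM copy. The function names and finding labels are hypothetical, both lines are assumed to be in the same time zone, the first two samples are the header lines quoted in Rob's message, and the third sample is constructed.

```python
import re
from datetime import datetime

# Header comments at the top of "show running-config"; "by <user>" is optional.
HEADER_RE = re.compile(
    r"^! *(?P<kind>Last configuration change|NVRAM config last updated) at "
    r"(?P<hh>\d{1,2}):(?P<mm>\d{2}):(?P<ss>\d{2}) \S+ \w{3} "
    r"(?P<mon>\w{3}) +(?P<day>\d{1,2}) (?P<year>\d{4})(?: by (?P<user>\S+))? *$",
    re.MULTILINE,
)
MONTHS = {name: i for i, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

# Header lines as quoted in Rob's message, before and after logging in as "rob".
ROB_BEFORE_LOGIN = """!
! Last configuration change at 15:07:28 UTC Thu Nov 4 2004
! NVRAM config last updated at 15:06:37 UTC Thu Nov 4 2004
!
"""
ROB_AFTER_LOGIN = """!
! Last configuration change at 15:09:50 UTC Thu Nov 4 2004
! NVRAM config last updated at 15:10:01 UTC Thu Nov 4 2004 by rob
!
"""
# Constructed sample: a dump with no timestamp header at all.
NO_HEADER = "Current configuration : 813 bytes\n!\nversion 12.2\n!\n"


def parse_headers(config_text):
    """Map 'change' / 'nvram' to (datetime, user or None) for each header found."""
    found = {}
    for m in HEADER_RE.finditer(config_text):
        when = datetime(int(m["year"]), MONTHS[m["mon"]], int(m["day"]),
                        int(m["hh"]), int(m["mm"]), int(m["ss"]))
        found["change" if m["kind"].startswith("Last") else "nvram"] = (when, m["user"])
    return found


def audit(config_text):
    """Return hypothetical finding labels for one config dump."""
    headers = parse_headers(config_text)
    if not headers:
        return ["no-timestamp-header"]  # per the thread: the clock was never set
    findings = [f"{k}-unattributed" for k, (_, user) in sorted(headers.items())
                if user is None]
    if {"change", "nvram"} <= headers.keys() and headers["change"][0] > headers["nvram"][0]:
        findings.append("unsaved-changes")  # running config is newer than NVRAM
    return findings
```
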



This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:38 GMT-3