Differences

This shows you the differences between two versions of the page.

--- networking:cisco-1921 [17/10/2025 14:52] – [Cisco 1921 Gigabit router] andrew
+++ networking:cisco-1921 [18/11/2025 16:04] (current) – [Running Config] andrew
@@ Line 1: / Line 1: @@
 ====== Cisco 1921 Gigabit router ======
+===== Background =====
 {{:networking:cisco1921.png?400 |Cisco 1921}}
 Replaces [[cisco-1841|Cisco ADSL & 1841 router]] as this is a Fast Ethernet only router, the 1921 is a similar router but with Ge0/0 and Ge0/1 interfaces and two hwic slots. I have a EHWIC-1GE-SFP-CU card as well because in the foreseeable future I may need to bring the internet in from the ISP ONT some distance away, so a utp to fibre next to the ONT would link to the WIC SFP port.
+Also, there is a USB port in addition to the serial connector, this implements a usb to serial converter internally, it shows up as ''/dev/ttyACM0''.
 {{ :networking:cisco-ehwic-sfp.png?100|Without SFP module}}
-Note this is NOT the direct fibre from the ISP, they provide a single WDM / TDM fibre to the ONT as part of the G-PON WAN network, then a Ethernet RJ45 from the ONT to a fibre converter and on to the 1941 SFP fibre in a different building.
+Note this is NOT the direct fibre from the ISP, they provide a single WDM / TDM fibre to the Optical Network Terminator (ONT) as part of the G-PON WAN network, then a Ethernet copper RJ45 from the ONT to a fibre converter and on to the 1941 SFP fibre in a different building.
 {{:networking:ehwic-1ge-sfp.png?200|sfp fibre module fitted}}
-Also, there is a USB port in addition to the serial connector, this implements a usb to seial converter internally, it shows up as /dev/ttyACM0.
-First problem...
+==== First problem... ====
 <code>
@@ Line 37: / Line 43: @@
-Carrying on without the WIC interface, just a copy and paste from the previous but with ''GigabitEthernet'' rather than ''FastEthernet''.
+Carrying on without the WIC interface, just a copy and paste from the previous [[cisco-1841-config|1841 config]] but with ''GigabitEthernet'' rather than ''FastEthernet''.
-I had this before but didn't document it:-
+I had this problem before enabling SSH but didn't document it:-
 <code>
@@ Line 76: / Line 82: @@
 router01(config)#
 </code>
+==== Updating Flash ====
+Having found an appropriate IOS which supports my WIC, I was able to tftp the file up to the flash: on the router, and then set the boot image to use the new image.
+If two images are present in flash, the router will boot off the first image it finds, this may not be the one you require, so set a boot image line. Once this new image is deemed stable, I will probably remove it from the router to an archive, and there will not be a requirement to set the image boot name.
+<code>
+router01#
+router01# copy tftp: flash:
+Address or name of remote host ?
+Source filename ?
+Destination filename [c1900-universalk9-mz.SPA.157-3.M2.bin]?
+Accessing tftp://192.168.x.y/c1900-universalk9-mz.SPA.157-3.M2.bin...
+Loading c1900-universalk9-mz.SPA.157-3.M2.bin from 192.168.x.y (via GigabitEthernet0/1): !!!!!!!!!!!!!!!!
+[OK - 85245200 bytes]
+85245200 bytes copied in 99.340 secs (858116 bytes/sec)
+router01#
+router01#sh flash:
+-#- --length-- -----date/time------ path
+     45801276 Jul 26 2012 09:32:54 c1900-universalk9-mz.SPA.150-1.M4.bin
+     85245200 Nov 16 2025 22:15:32 c1900-universalk9-mz.SPA.157-3.M2.bin
+125562880 bytes available (131047424 bytes used)
+router01#
+router01#conf t
+Enter configuration commands, one per line.  End with CNTL/Z.
+router01(config)#boot system flash c1900-universalk9-mz.SPA.157-3.M2.bin
+router01(config)#exit
+router01# copy run sta
+router01#
+</code>
+After a reboot:-
+<code>
+int-router01>sh ver
+Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.7(3)M2, RELEASE SOFTWARE (fc2)
+int-router01>sh ip interface brief
+Interface                  IP-Address      OK? Method Status                Protocol
+Embedded-Service-Engine0/0 unassigned      YES NVRAM  administratively down down
+GigabitEthernet0/0         82.120.220.241  YES NVRAM  down                  down
+GigabitEthernet0/1         unassigned      YES NVRAM  down                  down
+GigabitEthernet0/0/0       unassigned      YES NVRAM  up                    up
+</code>
+The ''GigabitEthernet0/0/0'' interface is the WIC (Slot 0, port 0/0), the 0/0 and 0/1 are the fixed ethernet interfaces.
+==== Running Config ====
+To show a running config without page breaks, use ''term length 0''
+Old running config from 1841 - needs updating to Gigabit interfaces.
+<code>
+version 15.1
+service timestamps debug datetime msec
+service timestamps log datetime msec
+service password-encryption
+!
+hostname my-router
+!
+boot-start-marker
+<del>boot system flash:c1841-advipservicesk9-mz.151-4.M6.bin</del>
+boot-end-marker
+!
+!
+logging buffered 51200 warnings
+enable secret 5 reallySecret
+!
+no aaa new-model
+!
+clock timezone GMT 0 0
+clock summer-time BST recurring 4 Sun Mar 1:00 4 Sun Oct 2:00
+dot11 syslog
+ip source-route
+!
+!
+!
+!
+!
+ip cef
+ip domain list mydomain.co.uk
+ip domain name mydomain.co.uk
+ip name-server 92.190.220.250
+ip name-server 220.168.200.20
+ipv6 source-route
+ipv6 unicast-routing
+ipv6 cef
+ipv6 multicast-routing
+!
+multilink bundle-name authenticated
+!
+crypto pki token default removal timeout 0
+!
+!
+!
+!
+license udi pid CISCO1841 sn FCZ090720RC
+username admin password 7 anothersecret
+!
+redundancy
+!
+!
+ip ssh time-out 60
+ip ssh version 2
+!
+!
+interface FastEthernet0/0
+ description Internet LAN to firewall
+ ip address ww.xx.yy.zz 255.255.255.248
+ duplex auto
+ speed auto
+!
+interface FastEthernet0/1
+ no ip address
+ duplex auto
+ speed auto
+ pppoe enable group global
+ pppoe-client dial-pool-number 1
+!
+interface Dialer0
+ description WAN link to ISP
+ ip address negotiated
+ encapsulation ppp
+ dialer pool 1
+ dialer idle-timeout 0
+ dialer persistent
+ dialer-group 1
+ ipv6 address dhcp rapid-commit
+ ipv6 enable
+ ipv6 traffic-filter adsl-ipv6 in
+ ppp chap hostname user@domain
+ ppp chap password 7 chappassword
+ no cdp enable
+!
+ip forward-protocol nd
+no ip http server
+no ip http secure-server
+!
+!
+ip route 0.0.0.0 0.0.0.0 Dialer0
+!
+ip access-list standard snmpv4
+ permit 82.190.220.252
+dialer-list 1 protocol ip permit
+ipv6 route ::/0 Dialer0
+!
+!
+!
+!
+snmp-server community mystring1 RO 22
+snmp-server community mystring2 RO snmpv4
+snmp-server ifindex persist
+snmp-server location Attic-comms-cab
+snmp-server contact support@mydomain.co.uk
+!
+!
+control-plane
+!
+!
+banner exec ^CCC
+Session established to $(hostname) on line $(line)^C
+banner login ^CCC
++-------------------------------------------------------+
+|             This is a private system and              |
+|      is only for the use of authorized personnel.     |
+|                                                       |
++-------------------------------------------------------+
+|                                                       |
+|  If you are allowed access, you will have been told.  |
+|    If you have to ask anyone if you are authorized,   |
+|                                                       |
+|                   -*YOU AREN'T*-                      |
+|                                                       |
++-------------------------------------------------------+
+^C
+banner motd ^CCCx^C
+!
+line con 0
+ password 7 top-secret
+ login
+line aux 0
+line vty 0 4
+ access-class 22 in
+ password 7 very-secret
+ login local
+ transport input ssh
+!
+scheduler allocate 20000 1000
+ntp server 123.123.123.1
+end
+</code>
@@ Line 93: / Line 309: @@
-OpenReach ONT
+OpenReach ONT (Believed to be a Nokia model)
 {{:networking:450px-fttp-ont-pon.jpg?100|}}