Cisco IPS-4255-K9 Installation Guide - Page 284
Disaster Recovery
UPC - 746320951096
View all Cisco IPS-4255-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 284 highlights
Disaster Recovery Chapter A Troubleshooting Note For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no password cisco command, but you cannot remove it. To use the no password cisco command, there must be another administrator account on the sensor. Removing the cisco account through the service account is not supported. If you remove the cisco account through the service account, the sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system image. To create the service account, follow these steps: Step 1 Step 2 Step 3 Step 4 Step 5 Log in to the CLI using an account with administrator privileges. Enter configuration mode. sensor# configure terminal Specify the parameters for the service account. sensor(config)# user username privilege service A valid username contains 1 to 64 alphanumeric characters. You can also use an underscore (_) or dash (-) in the username. Specify a password when prompted. If a service account already exists for this sensor, the following error is displayed and no service account is created. Error: Only one service account may exist Exit configuration mode. sensor(config)# exit sensor# When you use the service account to log in to the CLI, you receive this warning. WARNING UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED. This account is intended to be used for support and troubleshooting purposes only. Unauthorized modifications are not supported and will require this device to be reimaged to guarantee proper operation Disaster Recovery This section provides recommendations and steps to take if you need to recover your sensor after a disaster. Follow these recommendations so that you are ready in case of a disaster: • If you are using the CLI, IDM, or IME for configuration, copy the current configuration from the sensor to an FTP or SCP server any time a change has been made. • You should note the specific software version for that configuration. You can apply the copied configuration only to a sensor of the same version. • You also need the list of user IDs that have been used on that sensor. The list of user IDs and passwords are not saved in the configuration. Cisco Intrusion Prevention System Appliance and Module Installation Guide for IPS 7.0 A-6 OL-18504-01