Howto:Config or Password Recovery: Difference between revisions
m (Highlighting of command to send config, minor rephrasing for clarification, added related articles) |
|||
Line 18: | Line 18: | ||
===Problem Details=== | ===Problem Details=== | ||
In case you have lost the password for innovaphone device and there no recent config backup available, you are still able to recover the device config. | In case you have lost the password for an innovaphone device and there is no recent config backup available, you are still able to recover the device config. | ||
There two possible solutions, depending on given requirements: | There are two possible solutions, depending on given requirements: | ||
*[[Howto:Config_or_Password_Recovery#Update_Server|Update Server approach]] | *[[Howto:Config_or_Password_Recovery#Update_Server|Update Server approach]] | ||
*[[Howto:Config_or_Password_Recovery#TFTP|TFTP approach]] | *[[Howto:Config_or_Password_Recovery#TFTP|TFTP approach]] | ||
The | The prefered approach is to use an Update Server. The last resort is to use TFTP mode to download the device config. | ||
===System Requirements=== | ===System Requirements=== | ||
Line 38: | Line 38: | ||
===Update Server=== | ===Update Server=== | ||
If you know that there is an [[Reference:Update_Server|Update Server]] URL configured on the device and you have access to the web server with update script on it, you can change polled update script | If you know that there is an [[Reference:Update_Server|Update Server]] URL configured on the device and you have access to the web server with an update script on it, you can change the polled update script as follows to reset the admin password on the device. | ||
# reset password | # reset password | ||
Line 52: | Line 52: | ||
===TFTP=== | ===TFTP=== | ||
If | If the prefered usage of the Update Server approach is not possible you have to get the device configuration via TFTP as a last resort. Make sure you have read articles about [[Howto:How_to_Reset_IPXXX_%2C_factory_default%2C_led_behaviour%2C_tftp_mode%2Cclear_config%2Cgwload|Factory Reset]] and [[Howto:How_to_use_gwload|Gwload Utility]], before you start to recover the device configuration via TFTP. | ||
====Set device to TFTP mode==== | ====Set device to TFTP mode==== | ||
Setting the device in TFTP mode is made by pressing reset button on gateway for ca. 1,5-2 sec(active LED must blink 3 times). Be careful cause if you press reset button too long it will perform factory reset, | Setting the device in TFTP mode is made by pressing reset button on gateway for ca. 1,5-2 sec (active LED must blink 3 times). Be careful cause if you press reset button too long, it will perform a factory reset, which means the config is lost. | ||
====Set IP adress of device with gwload==== | ====Set IP adress of device with gwload==== | ||
Once set to TFTP mode | Once set to TFTP mode, the device is without IP address so you have to set it with gwload: | ||
gwload /gwtype 6000 /i 192.168.0.1 /setip | gwload /gwtype 6000 /i 192.168.0.1 /setip | ||
Line 73: | Line 73: | ||
Now | Now you'll have a file with config text repeated several times in it, so you have to search for latest config that was saved in this ring buffer. | ||
This config can be changed to a known password ( e.g. config change CMD0 /user admin, | This config can be changed to a known password ( e.g. config change CMD0 /user admin,ip6000 ). After sending this config to the device: | ||
On the first start of the firmware | |||
gwload /gwtype 6000 /i 192.168.0.1 /setip /cfg config.txt | |||
the new config is effective. | |||
On the first start of the firmware the user/password definition is copied from the commandline to a crypted var. | |||
This procedure keeps the configuration and the flashdir (ldap) directory because no long reset is done. | This procedure keeps the configuration and the flashdir (ldap) directory because no long reset is done. | ||
Line 83: | Line 87: | ||
The <code>config.txt</code> file recovered with TFTP only includes the partial configuration (lines starting with <code>config change</code>). No <code>vars</code>, no <code>FLASHDIR</code>. | The <code>config.txt</code> file recovered with TFTP only includes the partial configuration (lines starting with <code>config change</code>). No <code>vars</code>, no <code>FLASHDIR</code>. | ||
<!-- == Related Articles == --> | <!-- == Related Articles == --> | ||
== Related Articles == | |||
[[Howto:How to use gwload]] | |||
[[Howto:How_to_Reset_IPXXX_%2C_factory_default%2C_led_behaviour%2C_tftp_mode%2Cclear_config%2Cgwload | How to reset a IPxxx.]] | |||
[[Howto:Change the default admin password in the config file?]] | |||
[[Category:Howto|{{PAGENAME}}]] | [[Category:Howto|{{PAGENAME}}]] |
Latest revision as of 17:58, 13 March 2023
This article describes approaches to recover devices with lost admin password.
Applies To
This information applies to:
- IP3000, boot 320
- IP400, boot 319
- IP21, boot 326
- IP200, boot 338
- IP800, boot 405
- IP6000, boot 132
- IP22,IP24,IP302,IP305, boot 357
earlier boot code versions may not work or have different command names.
More Information
Problem Details
In case you have lost the password for an innovaphone device and there is no recent config backup available, you are still able to recover the device config.
There are two possible solutions, depending on given requirements:
The prefered approach is to use an Update Server. The last resort is to use TFTP mode to download the device config.
System Requirements
Update Server approach:
- Update Server URL need to be configured before you have lost the password
TFTP approach:
- appropriate boot code version need to be installed on device
- gwload.exe
- TFTP client
Update Server
If you know that there is an Update Server URL configured on the device and you have access to the web server with an update script on it, you can change the polled update script as follows to reset the admin password on the device.
# reset password config change CMD0 /name mydevicehostname /log on /user admin,ip6000 config write # encrypt it config activate # remove from visible config config change CMD0 /name mydevicehostname /log on # done
In case one of ETH interfaces is configured as DHCP client, you can provide Update Server URL to device via DHCP.
TFTP
If the prefered usage of the Update Server approach is not possible you have to get the device configuration via TFTP as a last resort. Make sure you have read articles about Factory Reset and Gwload Utility, before you start to recover the device configuration via TFTP.
Set device to TFTP mode
Setting the device in TFTP mode is made by pressing reset button on gateway for ca. 1,5-2 sec (active LED must blink 3 times). Be careful cause if you press reset button too long, it will perform a factory reset, which means the config is lost.
Set IP adress of device with gwload
Once set to TFTP mode, the device is without IP address so you have to set it with gwload:
gwload /gwtype 6000 /i 192.168.0.1 /setip
Download config from device using TFTP-Client
Now you can use any TFTP client to download the config from device. There two different versions of boot code, so config file on device can be called c
or config
.
Open shell of your operating system and type:
tftp -i 192.168.0.1 GET config config.txt
or if you have device with older boot code version:
tftp -i 192.168.0.1 GET c config.txt
Now you'll have a file with config text repeated several times in it, so you have to search for latest config that was saved in this ring buffer.
This config can be changed to a known password ( e.g. config change CMD0 /user admin,ip6000 ). After sending this config to the device:
gwload /gwtype 6000 /i 192.168.0.1 /setip /cfg config.txt
the new config is effective. On the first start of the firmware the user/password definition is copied from the commandline to a crypted var.
This procedure keeps the configuration and the flashdir (ldap) directory because no long reset is done.
Known Problems
The config.txt
file recovered with TFTP only includes the partial configuration (lines starting with config change
). No vars
, no FLASHDIR
.