USB Disable for Cisco ISRs Feature Module



Similar documents
Router Security Audit Logs

Connecting to the Firewall Services Module and Managing the Configuration

3.1 Connecting to a Router and Basic Configuration

Image Verification. Finding Feature Information. Restrictions for Image Verification

Controlling Access to a Virtual Terminal Line

Transferring Files Using HTTP or HTTPS

Lab Review of Basic Router Configuration with RIP. Objective. Background / Preparation. General Configuration Tips

Password Recovery Procedure for the Cisco 3600 and 3800 Series Routers

Enhanced Password Security - Phase I

Encrypted Preshared Key

Managing Storage Services Modules

Password Recovery Procedure for the Cisco Catalyst 2948G L3, 4840G, and 4908G L3 Switch Routers

Password Recovery Procedure for the Cisco 806, 826, 827, 828, 831, 836, 837 and 881 Series Routers

- Advanced IOS Functions -

Objectives Understand Cisco IOS system architecture components. Work with the Cisco IOS Command Line Interface (CLI) and common commands.

The Purpose and Use of the Configuration Register on All Cisco Routers

Installing and Configuring External Flash Memory Cards in Cisco 3600 Series Routers

Using Cisco IOS Software

Enhanced Password Security - Phase I

NetFlow v9 Export Format

Lab 8.4.3b Managing Cisco IOS images with ROMMON and TFTP

Password Recovery Procedure for the Cisco 2900 Series Integrated Services Router

crypto key generate rsa

Upgrading Software Using the Online Installer

Flow-Based per Port-Channel Load Balancing

Digitally Signed Cisco Software

Backing Up and Restoring Data

Lab Introductory Lab 1 - Getting Started and Building Start.txt

Basic Configuration of the Cisco Series Internet Router

Configuring a Load-Balancing Scheme

Virtual Fragmentation Reassembly

QoS: Color-Aware Policer

Lab Load Balancing Across Multiple Paths

Encrypted Preshared Key

Consolidated Packages and SubPackages Management

Lab Advanced Telnet Operations

Cisco Router Configuration Tutorial

Configuring Port Security

Lab Configuring PAT with SDM and Static NAT using Cisco IOS Commands

L2TP Dial-Out Load Balancing and Redundancy

Configuring SIP Support for SRTP

Configuring Auto-MDIX

Basic Router and Switch Instructions (Cisco Devices)

Constraining IP Multicast in a Switched Ethernet Network

Managing ACE Software Licenses

Implementing Object Tracking on Cisco IOS XR Software

Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example

RADIUS Server Load Balancing

How To Install Cisco Asr 9000 Series Router Software On A Mini Mini Mini (Cisco Ios) Router

Applicazioni Telematiche

AutoQoS. Prerequisites for AutoQoS CHAPTER

Per-Packet Load Balancing

GLBP - Gateway Load Balancing Protocol

DHCP Server Port-Based Address Allocation

Cisco Configuration Professional Quick Start Guide

Angelos Stavrou. OF COURSE there is no Magic so lets see show things work in practice...

Lab 5.3.9b Managing Router Configuration Files Using TFTP

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

Configuring System Message Logging

Backup and Recovery Procedures

Configuring a Load-Balancing Scheme

Configuring Secure Socket Layer HTTP

Configuring Enhanced Object Tracking

How to Configure Cisco 2600 Routers

Lab Creating a Logical Network Diagram

Simple Network Management Protocol

Lab Configuring DHCP with SDM and the Cisco IOS CLI

Lab: Basic Router Configuration

BGP Link Bandwidth. Finding Feature Information. Contents

ROM Monitor. Entering the ROM Monitor APPENDIX

Firewall Support for SIP

Lab 8.4.3a Managing Cisco IOS Images with TFTP

Chapter 6 Updating Software Images and Configuration Files

Configuring Voice over IP

Lab 8.3.3b Configuring a Remote Router Using SSH

ROLE-BASED COMMAND-LINE INTERFACE ACCESS

Lab Introductory Lab 1 Getting Started and Building Start.txt

Understanding Interface Numbering and Cisco IOS Software Basics

HTTP 1.1 Web Server and Client

Lab 3 Routing Information Protocol (RIPv1) on a Cisco Router Network

How Do I Upgrade Firmware and Save Configurations on PowerConnect Switches?

Basic Software Configuration Using the Cisco IOS Command-Line Interface

Cisco IOS XR Diagnostics

Public Key Infrastructure Configuration Guide, Cisco IOS Release 15MT

Firewall Stateful Inspection of ICMP

Upgrading to the Cisco ubr7246vxr Universal Broadband Router

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export

Configuring SSH and Telnet

Lab 5.5 Configuring Logging

USB etoken and USB Flash Features Support

Router Recovery with ROM Monitor

Configuring a Router

End of Sale/End of Life Report Tool Usage Notes for CiscoWorks NCM 1.6

Getting Started Guide for Cisco UCS E-Series Servers, Release 2.x

Configuring Password Encryption

Configuring the Scheduler

Objectives. Router as a Computer. Router components and their functions. Router components and their functions

Cisco Router Configuration Basics. Scalable Infrastructure Workshop

Transcription:

USB Disable for Cisco ISRs Feature Module First Published: March 28, 2011 Part Number: This guide describes the USB Disable feature in the following major sections: Feature Introduction, page 1 Restrictions, page 2 How to Disable USB Ports, page 4 How to Re-enable USB Ports, page 6 Command Reference, page 7 Feature Information for Disabling USB Ports, page 10 Feature Introduction The USB Disable feature provides Cisco IOS administrators with the ability to disable all USB ports on the router. Default Setting The Cisco IOS enables USB ports by default, which preserves existing USB functionality such as the following: Booting the Cisco IOS from a USB port Saving configuration files to a router for Cisco IOS reloads Note Using the USB Disable feature (to disable or re-enable the USB ports) requires a router reboot. When USB ports are disabled from within the Cisco IOS, USB functionality remains unavailable until re-enabled. Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA 2011 Cisco Systems, Inc. All rights reserv

Restrictions USB Disable for Cisco ISRs Feature Module CLI Commands The USB Disable feature includes the Cisco IOS commands described in Table 1. Table 1 Cisco IOS Commands for the USB Disable Feature CLI Command no Purpose Disabling all USB ports on the router. See How to Disable USB Ports, page 4 for details. Re-enabling the USB ports requires the no version. See How to Re-enable USB Ports, page 6 for details. See Command Reference, page 7 for complete reference information. Restrictions Use of the USB Disable feature is restricted as follows: Only Cisco IOS administrators with enable-mode privileges have the ability to disable (and re-enable) the USB ports. The USB Disable feature is available only on the Cisco Integrated Services Routers (ISRs) listed in Supported Platforms, page 2. You must reboot the router after entering the CLI command (to disable or re-enable the USB ports). Note USB ports are not meant to be disabled or re-enabled dynamically. When you disable or re-enable USB ports on a router, the change is implemented globally affecting all USB ports. This feature, therefore, is intended for initial router configuration and deployment options and not for real-time operations. Supported Platforms The USB Disable feature is supported only on the following Cisco ISR Generation 2 (G2) platforms: Cisco 1941 ISR Cisco 2901 ISR Cisco 2911 ISR Cisco 2921 ISR Cisco 2951 ISR Cisco 3925 ISR Cisco 3925E ISR with Services Performance Engine (SPE) 250 Cisco 3945 ISR Cisco 3945E ISR with SPE 250 2

USB Disable for Cisco ISRs Feature Module Restrictions Standards No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. MIBs No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use the Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs RFCs No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. Technical Assistance The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, tools, and technical documentation. Registered Cisco.com users can log in from this page to access even more content. http://www.cisco.com/techsupport 3

How to Disable USB Ports USB Disable for Cisco ISRs Feature Module How to Disable USB Ports To disable all USB ports on the router, use the command and start in privileged EXEC mode. SUMMARY STEPS 1. configure terminal 2. 3. exit 4. copy running-config startup-config 5. reload DETAILED STEPS Command or Action Purpose Step 1 configure terminal Enters global configuration mode. Step 2 Disables USB ports on the router. Step 3 exit Exits Global Configuration mode. Step 4 copy running-config startup-config Saves the configuration to NVRAM. Step 5 reload Reloads Cisco IOS. Caution Disabling the USB ports does not take effect until after you reload Cisco IOS on the router. RESULTS After you reload Cisco IOS, the USB ports are disabled, and the show usb command is no longer available in the CLI. Note For routers configured with USB Type A flash (or smart card on a USB token): The dir, copy, erase, boot system, and format commands no longer include keywords usbflash[0-9] or usbtoken[0-9]. 4

USB Disable for Cisco ISRs Feature Module Verifying the USB Ports Are Disabled Verifying the USB Ports Are Disabled To verify all USB ports on the router are disabled, use the show running-config include usb command and start in privileged EXEC mode. SUMMARY STEPS 1. show running-config include usb 2. show usb port 3. exit DETAILED STEPS Command or Action Purpose Step 1 show running-config include usb Indicates status of the current configuration. Step 2 Verify the output includes the following line: Verifies that USB support is disabled. Step 3 show usb port Shows the current USB configuration. Step 4 Verify the output includes the following lines: ^ % Invalid input detected at '^' marker. Provides additional confirmation that USB support is disabled. 5

How to Re-enable USB Ports USB Disable for Cisco ISRs Feature Module How to Re-enable USB Ports You can re-enable all USB ports using the no command. SUMMARY STEPS 1. config terminal 2. no 3. exit 4. copy running-config startup-config 5. reload DETAILED STEPS Command or Action Purpose Step 1 configure terminal Enters global configuration mode. Step 2 no Re-enables USB ports on the router. Step 3 exit Exits Global Configuration mode. Step 4 copy running-config startup-config Saves the configuration to NVRAM. Step 5 reload Reloads Cisco IOS. Caution Re-enabling the USB ports does not take effect until after you reload Cisco IOS on the router. RESULTS After you reload Cisco IOS, the USB ports are re-enabled, and the show usb command becomes available in the CLI. Note For routers configured with USB Type A flash (or smart card on a USB token): The dir, copy, erase, boot system, and format commands include keywords usbflash[0-9] or usbtoken[0-9]. 6

USB Disable for Cisco ISRs Feature Module Command Reference Command Reference This section documents the following new commands: no All other commands used with this feature are documented in the Cisco IOS Release 15.1(4)T command reference publications. 7

USB Disable for Cisco ISRs Feature Module To disable the USB ports on the router, enter the command. To re-enable the USB ports, enter the no command. no Command Modes Global configuration Command History Release Cisco IOS Software Release 15.1(4)M Modification This command was introduced. Usage Guidelines To disable or re-enable the USB ports on the router, you must enter the copy running-config startup-config command to save the changes and then reload Cisco IOS on the router. To verify the USB ports are disabled after reloading Cisco IOS, you can enter the show running-config include usb command or show usb port command to make sure all usbflash: directories are excluded from output. After you have disabled the USB ports, the show usb command is not available in the CLI. After you have disabled the USB ports, the usbflash:, usbflash0:, and usbflash1: keyword(s) are not available in the dir, copy, erase, boot system, and format commands. The command is available on the following Cisco ISR Generation 2 (G2) platforms: Cisco 1941 ISR Cisco 2901 ISR Cisco 2911 ISR Cisco 2921 ISR Cisco 2951 ISR Cisco 3925 ISR Cisco 3925E ISR with Services Performance Engine (SPE) 250 Cisco 3945 ISR Cisco 3945E ISR with SPE 250 Examples The following example shows how to disable the USB ports and verify the configuration: To disable all USB ports on the router: router#configure terminal router(config)# Warning: this command requires a reload to take effect. 8

USB Disable for Cisco ISRs Feature Module router(config)#exit router#copy running-config startup-config Building configuration... [OK] router#reload Proceed with reload? [confirm] System Bootstrap, Version xx.x(x), RELEASE SOFTWARE (xxx) Technical Support: http://www.cisco.com/techsupport Copyright (c) 2011 by Cisco Systems, Inc. PLD version 0x GIO ASIC version 0x...output truncated... To verify the USB ports are disabled after reloading the Cisco IOS: Example 1 Using the show running-config command router>show running-config Building configuration... Current configuration:! version 15.x...output truncated......output truncated... router> Example 2 Using the show usb port command router#show usb port...output truncated... ^ % Invalid input detected at '^' marker....output truncated... router> 9

Feature Information for Disabling USB Ports USB Disable for Cisco ISRs Feature Module Feature Information for Disabling USB Ports Table 2 lists release history for this feature. Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation. Note Table 2 lists only the Cisco IOS software release that introduced support for this feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support this feature. Table 2 Release 15.1(4)M Release History for USB Disable Modifications This feature was introduced. 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information