Cannot console into VPN 3005 concentrator

[TSupportEngineer]

Hi all. We have a 3005 VPN concentrator we cannot VPN into to reconfigure. Just got it off eBay (yes, that could be the problem), so I can't check the IP address either. It boots up okay per the lights. Using Teraterm, w/9600,8,1,hardware, on COM1. Tried Hypertermial also. Cannot get a reaction from the concentrator. Any suggestions? Thanks in advance. TSupportEngineer.

 

[KiscoKid]

My first inclination is that the baud rate may have been changed from something other than 9600 for the console session.

However now I come to think of it, I'm not sure you can change the baud rate settings for the 3005 (albeit I've never tried).

I would try.. in the following order:

1. A different console cable and connector.
2. Buffering CTRL-C after the LED diagnostics has completed. Don't buffer too often however to avoid locking the console session.
2. Different baud rates on the console session (may need to restart the console session each time). If this is the issue, I'd expect you to see something .. albeit garbage.. on the screen

 

[TSupportEngineer]

Thanks Kid, but no cigar. Tried all the above. Something is screwy. Unfortunately don't have the IP address, so I can't telnet in. I'll keep working on it, but thanks for the time and info!!
TSupportEngineer

 

[CCIE9277]

If you can't get anything from the console its unlikely you would be able to telnet, ssh or https to the box anyway.

The settings are definitely

9600 bits per second

8 data bits

no parity

1 stop bit

hardware flow control

I don't know of anyway to change these in the concentrator itself.

Might have bought a dud.

 

[CCIE9277]

Just out of curiousity, what type of cable are you using?

 

[TSupportEngineer]

We have tried both the black and the silver Cisco rollover cables as well as trying a standard cat5 patch cable. Appreciate your input. We did try the settings you suggested and tried (for the heck of it) different baud rates as well as "no flow control" and the "X on", "X off" control. Got to be something we're missing. We're working with the person we got it from and will post what we find, or if we were not able to get into the console what we don't find. (the status lights indicate to us everything SHOULD be ok). Additional suggestions or inquiries are still welcome! Thanks.
TSupportEngineer

 

[eurobadger]

Hi

You might find this useful. Step 1 says you need a straight-through cable:

Password Recovery Procedure for the Cisco VPN 3000 Series
This document describes the password recovery procedure for the following Cisco Virtual Private Network (VPN) products running version 2.5.1 or later.
Cisco VPN 3002 Cisco VPN 3015
Cisco VPN 3060
Cisco VPN 3005 Cisco VPN 3030 Cisco VPN 3080

For concentrators running code version 2.5 or earlier, contact the Cisco TAC for password recovery assistance.
The factory default passwords for the Cisco VPN 3000 Series are:
username: admin
password: admin
Follow the steps below to recover a password.
Step 1 Connect a PC to the VPN Concentrator via a straight-through RS-232 serial cable between the console port on the VPN Concentrator and the COM1 or serial port on the PC (Cisco supplies the cable with the system).

Step 2 Start a terminal emulator (HyperTerminal) on the PC. Configure a connection on COM1 with port settings of:
9600 bits per second
8 data bits
no parity
1 stop bit
hardware flow control
Set the emulator for VT100 emulation, or let it auto-detect the emulation type.

Step 3 When the Concentrator boots, and after the diagnostics check is complete, a line of three dots (...) appears on the console, a sample of which is shown below for reference. Press Ctrl-C within 3 seconds after seeing these dot. This displays a menu that lets you reset the system passwords to their defaults.

Boot-ROM Initializing...
Boot configured 128Mb of RAM. ...

!--- At this second set of three dots, press Ctrl-C


Loading image ..........
Verifying image checksum ...........
Active image loaded and verified...
Starting loaded image...
Starting power-up diagnostics...

...
Main Menu Options
-----------------
1 - Reset Passwords
Q - Quit Main Menu

EB

 

[TSupportEngineer]

Thanks eurobadger, but the problem is I cannot get into the console prompt in the first place.

 

[JOAMON]

Take a look at your cables...I believe the black Cisco cable is a rollover....not sure about the silver one....the 3000 series uses a straight through cable with a Cisco DB9 adapter.

 

[TSupportEngineer]

Thanks Joamon,
We tried the straight through also. This is a strange one. We are still trying to work with the seller, I will post the outcome (if there is one!).

 

[JOAMON]

Are you using a Cisco DB9 adapter? If you have a crimp tool take one of your rollover cables and make it into a straight through and try it. Have never used patch cord for console...should work but maybe as the two center pair are twisted it may foul up the signaling in some way. Worth a try.

 

[TSupportEngineer]

Hi again and thanks for the continued interest! Yes, we are using Cisco adapters, tried swapping those. We'll try your suggestion also. Thanks!

 

[petehall]

Hi

I've just read your post & I had the same problem with a cisco 3005 concentrator. You need a special cisco cable for this. I have one manufactured by cisco with a female DB9 connector at each end. It has a part no of 37-0303-01 rev A0. I have just put it on a cable checker which says it is wired pin to pin but because it is moulded at each end I cannot tell if there are any other connections. Hope this helps

 

[TSupportEngineer]

Hi all, thanks for all the help. We tried again with a different straight-through (regular cat 5 cable) and got in. The first one we used must have a loose connector or something. Anyhow we are in. Thanks again!
TSupportEngineer.