Cat6500 Sup2T CMP Note

I’ve had the Sup2T’s in the lab for a couple of days now. This is the time for trying out everything I want before deploying the system to production.

One target for labbing is obviously the CMP, Connectivity Management Processor, which is new for Cat6500 systems. Nexus 7000 has already had it from the beginning.

Overview of the Sup2T CMP: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/cmp_configuration/guide/cmp_overview.html

After configuring the CMP with IP address (or using the default CMP IP information of 192.168.1.101/24, gateway 192.168.1.1) you can login to the CMP with SSH, and then use the attach command to attach to the supervisor route processor.

You might think that you are accessing the supervisor console with the attach command. That is not true however: The attach command takes you to “aux 0” port of the supervisor.

What is the difference? The important difference is that via the aux port you cannot enter the enable mode if your supervisor does not have enable password (secret) configured! With the real console port (“con 0”) you can always enter the enable mode, even without any passwords configured. But with the aux port it is not possible.

So, if you erase the configuration file in your Sup2T you will still need to use the console cable (or your serial console server) to access the switch and to configure the enable password before continuing via the CMP.

Maybe there is a workaround by uploading a stub startup-config file via the CMP somehow, I’ll need to investigate that later. That startup-config could then include the “enable secret” command, or more of the configuration.

Added: Sup2T management and monitoring white paper: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-663635.html

Leave a Reply