It would seem there are a lot of folks out there looking for the recovery floppy disk that can be used to recover a defective installation of a Nortel VPN Router 1700, 2700 and 5000. I believe this disk will also work with previous models such as the Contivity 1500, 2500, 2600 and 4000 series.
It is my understanding that you will still need the Administrator password in order to perform any action. If someone could confirm this I will update this article. I haven’t yet documented a way of recovering a lost Administrator password.
You will need to use “dd” or rawrite to write the image to a 1.4MB floppy disk.
http://www.michaelfmcnamara.com/files/vpnboot.zip
I don’t think this will draw the ire of Nortel but you never know. Please let me know if your are successful in booting the VPN router.
Cheers!
Update: Wednesday August 5, 2009
I’ve uploaded a copy of the Technical Service Bulletin that advises you how to factory reset the VPN router with an unknown (lost) admin password. You can find it here; http://www.michaelfmcnamara.com/files/tt-0605401b.pdf
Cheers!
You are correct in your belief that a correct username and password will need to be provided before any actions can be performed with this disk. I have tested this with our Contivity 1740 and our username and password was required before the recovery disk could be used.
Steve is right about the P.word being needed but you can get round that by re-installing the OS from the web.
To find the lost P.word you need to be able to read the hex file that is inside the Intel next to the PCI slots. Only to be done by a skilled engineer.
There is a Nortel tech tip that tells you how to recover the password if you have the recovery disk
It is TT0605401B
(M.McNamara) Here is the link for the article reference above.
Thanks for the recovery disk. I’m using it with my Contivity 1700.
Now I have some problems. I had to install a new hard disk (the old one crashed) and I can’t format it using the recovery disk. The new disk capability is 80GB.
With the recovery disk, when I click on “Reformat” button I only get the error “Disk format operation failed. The disk may be write-protected”.
Any Help Will be greatly appreciated …
Hi Mark,
Thanks for the tip on that bulletin and the comment!
Cheers!
Hi Ruben,
It could be a few different thing (none of which will really help you – sorry). It could be that the software is unable to see the hard disk. Or perhaps the hard disk is too large for it to understand. It’s also possible that the software is hard coded for a specific disk type and size.
Unfortunately I don’t really know the answer.
Thanks for the comment!
I am looking for a recovery disk for a contivity 1750. I got your info off tek tips. Please email me and let me know how we can make this happen. Thanks for your time. Tim
Hi Tim,
Your welcome to use the information provided in the article. I believe the 1750 runs the same software, just newer hardware.
Good Luck!
FYI – Regarding the “Disk format operation failed. The disk may be write-protected”. error.
I had that this morning on a 1750 I tried multiple versions of the floppy, multiple HDD’s etc.
Very long story short, it turned out the CMOS battery had died, and the intel BIOS on the motherboard was giving a ‘CMOS settings lost. Press F1 to continue’ message, which of course you can’t normally see.
I hooked a monitor/keyboard direct to the motherboard to find that out.
I replaced the battery, went into the CMOS so that it could identify the HDD, (Don’t forget to set the ‘power on after loss of power’ setting) saved changes, put it all back together, and hey presto one HDD found again.
WARNING : You need to be a bit brave, and very careful, as getting to the VGA port / keyboard port, requires dismounting the motherboard, and nudging it back an inch or two.
Thanks for sharing that information Guy!
Guy is this the same method you use to recover the administrator password?
Michael,
your solution worked like a charm. Thank you so much. I truly appreciate your advice. Do you have any idea where I could find software version 4_06.xxx
Thank you again for your help
Andreas
Hi Andreas,
I’m happy to hear that you found the information useful. Unfortunately I can’t provide a location to the software, sorry.
Cheers!
Awesome!
Gday guys,
Just thought I’d drop in and say thanks a bunch.
Had a couple of 1700’s come in yesterday with no idea of login details, googled this forum up.
Booted the recovery disk, used a sniffer for the IP, reset to factory and away I went.
Thanks again, saved me a heap of searching.
cheers
Jim
Hi Jim,
I’m happy to hear that you found the information helpful!
Thanks for the comment!
Michael,
Than you for the recovery disk, saved my life as I loaded a software version my 1750 did not like.
Peter
I’m happy to hear that you found the information useful and helpful!
Thanks for the comment.
Hello!
I have a contivity 1740 and icant log in. I use serial cable but i dont know admin pass and i dont kown how to recover the password for admin.
I try all you said in this blog but nothing work.
Please help
Thanks
Hi Mihai,
I believe the solution was provided by Mark R in one of the comments to my original post.
I’ve uploaded a copy of the Technical Service Bulletin that advises you how to factory reset the VPN router with an unknown (lost) admin password. You can find it here; http://www.michaelfmcnamara.com/files/tt-0605401b.pdf
Good Luck!
Hi Michael,
I try all from this post but is not working…. :((
I cant get access to management IP and i cant restore to factory default.
The only method i can access the equipment is from serial console where i need admin password.
So i’m stuck and i don’t know what to do.
Please help!
Dear Michael;
Deep warm tahnks for your good self; we have faced the problem with two VPNR 2700, once we tried your tips it went as perfect as needed.
We were on site, and instead of 1 hour work, we spent 4 days figuring out the issue.
Thanks a gain.
Yours,
AhmAd
Hi Ahmad,
I’m going to guess that English isn’t your native language, no slight meant… but I believe I understand the thought behind your message.
I’m happy you found the information useful! Thanks for taking the time to make the a comment!
Cheers!
Hello Michael,
I have a question may be you know or you can help me…
I have configured a Nortel contivity model 1100 and When I run the command “sh status statistics interfaces lan-counters”
I had recived this information:
sh status statistics interfaces lan-counters
Date 11/24/2009 Time 13:16:41
*—————————————————————————–*
* Unit[0]- Fast Ethernet MAC Device (i8255x) Statistical Counters *
*—————————————————————————–*
Interface Packet Statistics
===========================
TX good frames: 31858903
TX MAXCOL errors: 0
TX LATECOL errors: 0
TX underrun errors: 0
TX lost CRS errors: 0
TX deferred: 0
TX single collisions: 0
TX multiple collisions: 0
TX total collisions: 0
RX good frames: 32101074
RX CRC errors: 0
RX alignment errors: 0
RX resource errors: 0
RX overrun errors: 0
RX collision detect errors: 0
RX short frame errors: 0
MAC Pause Flow Control TX Frames: 0
MAC Pause Flow Control RX Frames: 0
Summary Software-level Packet Data:
Total Packets Received 32101691
Total Layer-3 Octets Received 3570588966
Total Packets Sent 31859521
Total Octets Sent 347214201
IP Software-level Packet Data:
IP Packets Received 32075819
IP Octets Received 3568477700
IP Packets Sent 31839502
IP Octets Sent 345728775
IP Octets Dropped 5992277
IP Packets Accepted 2998
IP Packets Forwarded 32020039
IP Fragments Received 9196
IP Packets Fragmented 4587
IP Packet Fragments 9174
IP Packet Drops
IP Routing Filter Drops 1
IP Local System Filter Drops 47885
IP Local Interface Filter Drops 3
IP PAT Drops 0
IP Header Error Drops 0
IP QoS Random Drops 0
IP QoS Forced Drops 0
IP Zero Source Address Drops 49
IP Source Address Equals Destination Address Drops 0
IP Bad Packet Length Drops 0
IP Bad Header Length Drops 0
IP Bad Checksum Drops 0
IP Packet Too Short Drops 0
IP Bad Options Drops 0
IP No Buffer To Fragment Drops 0
IP Cannot Fragment Drops 0
IP Cannot Forward Drops 0
IP No Protocol Drops 0
IP No Route Drops 483
IP Bad Version Drops 0
IP 802.1Q Untagged Drops 0
IP 802.1Q Tagged Drops 0
TOTAL 48421
Control Software-level Packet Data:
Control Packets Received 25872
Control Octets Received 2111266
Control Packets Sent 20019
Control Octets Sent 1485426
Control Octets Dropped 0
Control Packet Drops
Total Control QoS Random Drops 0
Total Control QoS Forced Drops 0
Control 802.1Q Untagged Drops 0
Control 802.1Q Tagged Drops 0
TOTAL 0
I need to know what is the IP Software-level Packet Data and why the IP Octets Dropped with incrised.
Thanks a lot for your help
Hi Eduardo,
I’ll try to answer your question but it’s really not on topic for this post. Please post any future questions over on the forums; http://forums.networkinfrastructure.info/nortel-vpn-routers/.
The IP Software-level Packet Data is just the network statistics beyond physical layer (typically Layer 3). The ‘IP Packet Drops’ section provides a breakdown of the various packets that have been dropped. The IP Octets Dropped are just the total number of octets (bytes) for all those dropped packets.
Good Luck!
The hard drive on my Contivity 1700 was crashed. I am putting a new one in. I used the recovery diskette to boot… then reformat the hard disk… then restore factory configuration…. BUT, I don’t have a backup image of this 1700 box. Is there anyway I can get the new hard drive working?
Hi Luke,
Do you have any backup of the 1700, or another 1700? You could restore the backup of any 1700 and then perform a factory reset.
Good Luck!
Michael,
Thanks for you reply. No, I don’t have any backup of the 1700. This is the only 1700 box I have. Can anyone here who has a 1700 backup that I can use, please?!!
Michael,
A nice thread–thank you very much!
Recently our Contivity 2700’s have been rebooting randomly. We’ve opened a case with Avaya and been advised to restore from the full server-backups because the core files show LDAP file corruption. We’ve done this, but still are experiencing random reboots. Avaya says to rebuild from scratch, going with a version of code from two years ago, and restore to that. Obviously we have the backups on tape and can do this, but we’ll be missing two years’ of config changes and new tunnels.
Coindentally, immediately prior to the time of the first crash of the VPN router, our Desktop Support staff pushed a change out to all desktops that added a second DNS suffix into their Windows DNS Suffix Search List.
My questions to you are two:
1. Could that second DNS suffix in the DNS Suffix Search List be associated with the VPN reboots in any way? It’s an interesting, and unexpected, coincidence.
2. If we must rebuild the configs from scratch, missing years of data, do you know of any way we can recover the encrypted shared keys from the existing configurations? Avaya says we’ll need to call all the Branch Office Tunnel users and reconfigure / recreate the shared keys. We’d like to think not, but we don’t know some of the keys due to missing or lost or uncreated documenation from “the old days”. And we don’t know which file on the Contivity contains the keys, and how to view them if they are encrypted.
Yours,
Rick S.
Hi Rick,
You’re not the only one to face a rebooting Contivity,
Ours turned out to be a rogue machine sending out too many network requests killing the network.
We ended up having to remove all the machines off the network (unplugged from the switch) then plug them back in, one at a time, waiting 10 minutes between each, to see which one finally triggered the reboot.
You could also see the problem happening by checking the memory statistics (Status – HealthCheck – Memory Usage) We found when the rogue machine was connected, the free memory would slowly (or quickly) start to go down, when it gets to somewhere under 10Mb free, reboot time!
As to retrieving the keys, I have no idea if this will work or not, try it at your own risk, it was something I was planning on trying but never needed to in the end due to finding the rogue machine.
If you go to Servers – LPAD, stop the service, then create a backup (Give it a name you’ll recognise)
You can then restart the service, then FTP to the contivity (Same username / password you use to access the Management Web Interface) go to the system/slapd/ldif folder and copy out the file you just created.
If memory serves, if you download it in ascii format it’s formatted easier to read in notepad than if done in binary mode (but it could be the other way round)
In there you’ll find the encrypted pre-shared keys for the tunnels (and encrypted passwords for dial up VPN users)
Now I don’t know how to decrypt them, maybe some googling / hacker tools will help there, but my plan at the time was to grab the file, do a fresh configuration on the contivity, rebuild the tunnels with random pre-shared keys, export it’s lpad config file, edit it replacing the encrypted keys it contains with the encrypted keys from the previous file.
Then put the new file back on the contivity (again via FTP) and then do a resotre from the file.
Again, I HAVE NOT TRIED THIS, but facing the same issue you had, I was willing to give it a try if it came to it, maybe it will work, maybe the encrypted keys are encrypted based on a system build specific thing I don’t know.
I leave whether or not to try it up to you.
Guy
Oh one other thing, I don’t come back to this thread often, but I just read through it again now.
A lot of people asking for the admin password.
Well if you’ve done a ‘restore factory settings’ it removes the existing admin password and resets that to defaults as well, or at least it does on our 600’s and 1750’s.
After a factory reset, the default credentials are
username : admin
password : setup
REMEMBER TO CHANGE THIS ONCE YOU”VE RESTORED!! NEVER LEAVE A DEFAULT PASSWORD ON A KEY ROUTER LIKE THIS!
Thank you very much for the response, Michael.
As you were troubleshooting your network to find the rogue, were you unable to do a port-mirror or SPAN session on the port(s) to the VPN router, to see the excessive connect attempts?
One symptom we see is that when we connect to the VPN router via web, it has a much higher likelihood of rebooting when we open the Branch Office Tunnel page.
Other times we are unable to connect via web at all. When this happens, sometimes we can telnet into it, sometimes we connect via telnet but the VPN router hangs when we enter the password.
Are you aware of a CLI command to show the system memory, similar to the web-based Status – Health Check – Memory? That might be helpful when the web interface fails to work properly. I was thinking of something like:
show status statistics resources memory
Unfortunately, running that command reboots the box.
Rick S.
Hi Rick,
What version of software are you running? I’m currently running V07_05.531 on three different 1700s and they’ve been very stable (and very busy).
We have had a few instances where the LDAP database become corrupt and the box would reboot every so often, thankfully we were able to roll back to an earlier configuration (we archive them on an FTP server so we have the last 14 days and then a one copy for each of the previous 12 weeks). In one event the box would just continually reboot until we restored the previous days configuration.
Cheers!
We could, but to be honest the amount of time it takes to setup port-mirroring , sniff the traffic, then analyize the results would be greater than just doing it the old fashioned manual way.
Admittedly it did cause some user complaints when we disconnected all their machines, so if that’s not an option then yes, port-mirroring / sniffing may be your best bet.
We ran V07_05.400 for a long time (two years?) without any problems–rock solid. Then all this random rebooting. Avaya had us upgrade to V07_05_500, but it rebooted randomly too. They say the core files generated indicate a corrupt LDAP file. We’ve restored configs from over a year ago, and the box still reboots without warning.
Then they had us downgrade to V07_05.300 and restore from really old configs. Again, it’s still rebooting.
We’ve been planning for some time to budget for moving to Cisco ASA 5520’s. This is forcing the issue, so we brought in a temp ASA 5510 yesterday and began configuring it for the user/client VPN connections. Today we’ll start setting it up for the Branch Office Tunnels, and hopefully begin migrating them over by the end of the week.
Disappointing, but we’ve not achieved stability through the results of the efforts of Avaya Support.
Hi Michael,
You may be interested to learn that Avaya has done further analysis of our 2700 rebooting problem (after pushing harder for them to look at a new core file), and they report that the rebooting is caused by a known CR that affects all versions of 7 & 8 firmware. They are advising us to downgrade to version 6 code.
Rick S.
Hi All!
Can anybody send me flash image from 1100 device?
Thnks!
It is not possible to copy a folder in hard disk Сontivity1010 through ftp, deduces the message -501 Directory non existent or syntax error
You need to boot the NVR with the recovery floppy (or if you have a flash based system you need to use the bootrom) and then select the appropriate recovery option. One option is to download the code to the system from a FTP server.
Good Luck!
Ok!
After the booting of recovery image I have the next screen
Booting recovery image…
Welcome to the Contivity Extranet Switch
Copyright 1999-2002 Nortel Networks
Recovery Image Version: V04_07
Creation date: Apr 22 2002, 14:12:05
Date: 01/20/2011
Unit Serial Number:
Please enter the administrator’s user name: admin
Please enter the administrator’s password:
Main Menu:
1) Interfaces
2) Administrator
3) Private Default Route Gateway*
B) System Boot Options
R) Reset System to Factory Defaults
E) Exit, Save and Invoke Changes
* Type 0.0.0.0 to delete.
Please select a menu choice (1 – 3,R,E):
I can’t find option to load software from ftp
What can I do?
Hi Michael!
Excuse for my English. I will try to explain more clearly. Flash card NVR is formatted, I tried to restore a software through Recovery Disk but it is impossible to me.
1) Restore Factory Configuration: cannot to restore
2) Restore Backups: I do not know on what file to specify an archive way as this archive is called? I have СD a disk with a software, and one more such worker NVR.
Thanks.
Hi Urri!
I apologise for the English. In the menu choose 1 copy and send the message.
– Interface Menu
0) Slot 0, Port 1, Private LAN
Management IP Address = 172.16.1.45, ( Subnet Mask = 255.255.255.0 )
Subnet Mask = 255.255.255.0
R) Return to the Main Menu
Hi Urri!
You appoint to the computer IP 172.16.1.46 Mask 255.255.255.0 and through web the browser you come on 172.16.1.45 address you choose Restore Factory Configuration
You press button Restore. Contivity itself will reboot.
Flash card file system is corrupted and in normal mode operating system can’t load from flash card. Can anybody send me image from working 1XXX device?
Urii write to me tleu@yahoo.com
I am Sorry tleu77@yahoo.com
Nearly has not forgotten! The computer you connect through LAN 0.
What FTP server you use for Contivity1010?
All has understood with NVR.
how do you connect keyboard and monitor to motherboard
It’s not really intended to be connected to a traditional keyboard and monitor. You connect a terminal or laptop serial port to the console port of the VPN router and utilize a VT100 terminal emulator to connect to it at 9600-8-N-1.
Good Luck!
Understood, but in one of the earlier posts, it was mentioned that the cmos was directly accessed. I tried a recovery diskette but the 1700 would still not boot. I wanted to look at the device cmos. thanks…
Hello Uri
i am trying to reset the contivity 1010 and i am getting the same image than URI
Ok!
After the booting of recovery image I have the next screen
Booting recovery image…
Welcome to the Contivity Extranet Switch
Copyright 1999-2002 Nortel Networks
Recovery Image Version: V04_07
Creation date: Apr 22 2002, 14:12:05
Date: 01/20/2011
Unit Serial Number:
Please enter the administrator’s user name: admin
Please enter the administrator’s password
however in the password i am typing setup and this doesn’t work, any idea why this is not working, i have tried with different passwords and not success
Hi Juan,
If you don’t know the username and password you need to figure out the management IP address. You can use WireShark and they try to solicit the IP address from the VPN router via a few ping or ARP requests. Once you have the IP address you should open a web browser and connect to the management interface where you should have the option of factory resetting the VPN router.
Good Luck!
Hi MIchael
thanks a lot for your response, i did it what you say and discovered the management IP address, i got into the web browser and reset the factory defaults.
The problem is that i am trying to access to the router with the default user: admin and password: setup, unfortunately not success, i tried to get again into the management ip address again and i think this was reset it because i cannot enter.
what else can i do?
thanks a lot.
Hi Juan,
That’s very odd… I believe the username/password is case sensitive, could that be it?
What terminal emulator are you using? I would try a different terminal emulator, I’ve seen some odd things where some software inserts CR/LF into the password field. See if that helps any. Sorry I can’t offer more help it should work.
Cheers!
hi there, i just download vpnboot.zip recovery image version V06_05 from your side.
everything go well till to ask password. it did not accept ADMIN but accept ROOT. unfotunitly i do not know passwword for root. any help
Hi Fuat,
As the article above states you need to know the Administrator password. The default is username is “admin” with a password of “setup”.
Short of that (four comments up);
“If you don’t know the username and password you need to figure out the management IP address. You can use WireShark and they try to solicit the IP address from the VPN router via a few ping or ARP requests. Once you have the IP address you should open a web browser and connect to the management interface where you should have the option of factory resetting the VPN router.”
Good Luck!