Cisco upgrade and downgrade IOS

https://supportforums.cisco.com/document/98421/how-upgrade-or-downgrade-ios-isr-or-similar-router

Potential Caveats:

Usually these would only affect older routers but the main caveats would be ensuring there is enough system memory (RAM) and also flash to store the new IOS.

Step 1: Get the new IOS to the router.

If you are onsite then often the simplest way to get the new IOS to the router is to copy the IOS to a flash card, or on newer ISR G2s, USB thumb drive.

Otherwise you would copy the file to the router using TFTP, FTP, etc.  Detailed instructions for this step are out of scope but an example would be:

copy ftp: flash:       

(Follow the prompts for server IP and file name.)

Step 2: Verify the integrity of the new IOS binary

The next step we take is to verify that the IOS was not corrupted during transit or copying.

verify flash:c2800nm-advsecurityk9-mz.150-1.M8.bin

Success will show that the calculated MD5 hash is the same as the embedded hash.

Step 3: Change the boot statements to ensure that the correct IOS loads after restart

We need to remove the old boot statement(s) and add the new one.  (There are other ways to select which IOS to run but this is the simplest method.)

a. examine the current boot statement(s)

show run | include boot



boot-start-marker

boot system flash:c2800nm-advsecurityk9-mz.12.4-15.T3.bin

boot-end-marker

b. remove the old boot statement  (Output in step a)

config t

no boot system flash:c2800nm-advsecurityk9-mz.12.4-15.T3.bin

c. add the new boot statement  (this will include the file name of the new binary)

boot system flash:c2800nm-advsecurityk9-mz.15.0-1-M8.bin

Step 4: Save configuration changes

While still in configuration mode from before:

end

write memory

show start | include boot



boot-start-marker

boot system flash:c2800nm-advsecurityk9-mz.15.0-1-M8.bin

boot-end-marker

To recap all of the commands (in this example) would then be:

show run | include boot

config t

no boot system flash:c2800nm-advsecurityk9-mz.12.4-15.T3.bin

boot system flash:c2800nm-advsecurityk9-mz.15.0-1-M8.bin

end

write memory

show start | include boot

Step 5: Reload the device and verify that the correct IOS has loaded

For normal ISR's the only way to change the IOS is to reload the device.  (ISSU, In-Service Software Upgrade, is not currently supported.)

After the device has reloaded please do a "show version" and confirm that the router is now running the correct version of IOS. 

Then you are done.

Fortigate SCp backup command with linux

https://blog.linuxnet.ch/scp-backup-of-fortinet-configuration/

To create a Fortigate Backup you only need to copy the sys_config via SCP from the Firewall.

The following describes the steps to do a backup and to setup the SSH/SCP on the Fortigate:

• Enable SSH Access on the Interface:

config system interface
edit <interface name>
set allowaccess ping https ssh
end

• Enable SCP on the firewall

config system global
set admin-scp enable
end

• Add Users Public Key

config system admin
edit admin
set ssh-public-key1 "ssh-rsa ... user@hostname.com"
next
end

• Backup using SCP

From Linux:

scp admin@<fortinet-ip-address>:fgt-config /backup

From Windows:

pscp admin@<fortinet-ip-address>:fgt-config /backup

reset fortigate password

http://docs.fortinet.com/uploaded/files/1708/Resetting_a_lost_admin_password.pdf

. Now you should be connected to the firewall. To change the admin password you type the following… In a unit where vdoms are not enabled:


config system admin
edit admin set password (XXXXXX)