Contents
In some rare situations, ex. due to configuration mistakes or device hang, or you may completely lose the ability to manage the device remotely via SSH or mfusion. This can be detrimental especially if it’s installed in a retail store that’s a few thousand miles away and there’s no local support resource available. Under that circumstances, you may want to reset your device to factory default settings.
Reset HSG / CMG to factory reset
To reset your device to factory defaults, follow the below guide.
- Console/SSH into mbox
- Login to unprivileged mode (‘support’ login credential)
- Login to privileged mode (‘enable’ login credential)
- Type ‘write erase’
mbox# write erase
Do you want to erase current CLI config "y" or "n": y
[info] resetting start-up config to default…
[note] Please restart mbox to apply the default config.
Remove local captive portal contents. Remove all "y" or "n": y
Remove mbox portal user files (e.g. Historical Reports). Remove all "y" or "n": y
Do you want to reset all databases "y" or "n": y
[info] ...
Do you want to erase local config backup files "y" or "n": y
Do you want to erase MAP statistics "y" or "n": y
mbox# reboot
After the box comes up, the box will be pre-loaded with a default configuration (startup-config).
- Use “show startup-config” command under privileged mode (
mbox# show startup-config
), To verify the default configs for HSG / CMG / HSA / UA
mbox# show startup-config
!
hostname mbox
!
interface eth0
description "Default connection to WAN"
enable
ip address dhcp
!
interface eth1
description "Default connection to LAN"
enable
ip address 192.168.8.1/22
dhcp-server
lease-time 86400 86400
router 192.168.8.1
dns 8.8.8.8 8.8.4.4
range 192.168.8.10 192.168.11.254
enable
!
interface eth2
description "Default OOB-Mgmt"
enable
ip address 10.10.10.1/24
dhcp-server
lease-time 86400 86400
router 10.10.10.1
dns 8.8.8.8 8.8.4.4
range 10.10.10.10 10.10.10.20
enable
!
interface eth3
description "Reserved network"
!
interface loopback
enable
ip address 2.1.2.1/32
!
ip name-server 8.8.8.8 8.8.4.4
!
ip ntp-server 203.211.159.1 62.201.225.9
!
ip host macc.ransnet.com 2.1.2.1 rewrite
ip host splash.ransnet.com 2.1.2.1 rewrite
!
firewall-input 10 permit all tcp dport 80 src 10.0.0.0/8 admin remark "WEB mgmt OOB"
firewall-input 11 permit all tcp dport 22 src 10.0.0.0/8 remark "SSH mgmt OOB"
!
firewall-access 10 permit outbound eth0
!
firewall-snat 10 overload outbound eth0
Reset HSA / UA to factory reset
There’s an option to do complete “FACTORY RESET” HSA/UA to recover the device through the following steps:
- Press and hold the “Reset” button (backside of the device) for more than 5 seconds and release the “Reset” button (it will re-flash to default firmware and reboot)
- Wait for more than 3 minutes (the device will boot up with default configuration and automatically register back to mfusion-portal.ransnet.com)
- Now you can double check your device configuration on mfusion orchestrator. Once the device is back online again on mfusion, resync your configuration (it will reboot again and boot up with new working configuration).
Reset MAP to factory reset
Find the procedure below:
- Connect to MAP console port (using baud rate 9600), log in with the credential admin/admin.
- Delete existing config (in case MAP is ever used elsewhere). under enable mode, delete config.text, and use the command reload, to reboot the MAP.
Basic Configuration
Product: CMG, HSG, LOG
Mostly mbox is deployed as a gateway appliance with minimum router & firewall functions. A working mbox must have the below points configured:
Prerequisites
- Interface IP addresses for both WAN and LAN interfaces
- Default IP gateway route and name-server (optional if WAN is DHCP)
- DHCP address assignment for LAN users
- Basic firewall access rules and address translation rules
Provisioning Procedure
- Enable & configure WAN (eth0) interface IP
- Enable & configure LAN (eth1) interface (assume there’s another LAN switch to connect internal PC)
- Enable DHCP server on LAN (eth1) to assign DHCP IP addresses to internal users
- Configure default gateway and name-server (not needed if WAN is on DHCP)
- Configure firewall rules to permit outbound Internet access and Port Address Translation to hide internal private IP addresses.
This is the default startup-config after mbox bootstrap (or write erase), for the above simple scenario.
mbox# show startup-config
!
hostname mbox
!
interface eth0
description "Default connection to WAN"
enable
ip address dhcp
!
interface eth1
description "Default connection to LAN"
enable
ip address 192.168.8.1/22
dhcp-server
lease-time 86400 86400
router 192.168.8.1
dns 8.8.8.8 8.8.4.4
range 192.168.8.10 192.168.11.254
enable
!
interface eth2
description "Default OOB-Mgmt"
enable
ip address 10.10.10.1/24
dhcp-server
lease-time 86400 86400
router 10.10.10.1
dns 8.8.8.8 8.8.4.4
range 10.10.10.10 10.10.10.20
enable
!
interface eth3
description "Reserved network"
!
interface loopback
enable
ip address 2.1.2.1/32
!
ip name-server 8.8.8.8 8.8.4.4
!
ip ntp-server 203.211.159.1 62.201.225.9
!
ip host macc.ransnet.com 2.1.2.1 rewrite
ip host splash.ransnet.com 2.1.2.1 rewrite
!
firewall-input 10 permit all tcp dport 80 src 10.0.0.0/8 admin remark "WEB mgmt OOB"
firewall-input 11 permit all tcp dport 22 src 10.0.0.0/8 remark "SSH mgmt OOB"
!
firewall-access 10 permit outbound eth0
!
firewall-snat 10 overload outbound eth0