Knowledge Base

Browse our knowledge base for free solutions to common problems

Change RAT Settings Remotely On a Cisco Router

Created On: 14 September 2022
Written by: Ben

Radio Access Technology (RAT) changes on Cisco based routers can only be applied if the Cellular interfaces are in a down down state. This is an issue if you are working on a remote router that uses Cellular connectivity as it's main connection because as soon as the interfaces get dropped you lose the ability to stay connected.

A good way to work around this limitation on Cisco is to make use of an EEM script. EEM scripts give us the ability to run a fixed list of commands in the background without having to maintain an SSH session to the router. This in thoery allows us to drop the cellular interfaces and complete a RAT change without being physically connected to the device via console, the only thing we need to add to it is a trigger event.

Creating Trigger Interface

My trigger event is done via a virtual interface which I create with the following:

config t
interface vlan 1337
no shut
end

Applying EEM Script

The next step in the process was for me to add the EEM script to the running config:

conf t
event manager applet Change_RAT_Pref authorization bypass
event syslog pattern "Interface Vlan1337, changed state to administratively down" maxrun 180
action 1.0 cli command "enable"
action 1.5 cli command "config t"
action 2.0 cli command "interface Cellular 0"
action 2.5 cli command "shutdown"
action 3.0 cli command "exit"
action 3.5 cli command "interface Cellular 1"
action 4.0 cli command "shutdown"
action 4.5 cli command "end"
action 5.0 cli command "cellular 0 lte technology auto"
action 5.5 cli command "config t"
action 6.0 cli command "interface Cellular 0"
action 6.5 cli command "no shutdown"
action 7.0 cli command "end"
end

For me I had two different model routers to change the RAT preference on for this reason I also applied the following to the other router:

conf t
event manager applet Change_RAT_Pref authorization bypass
event syslog pattern "Interface Vlan1337, changed state to administratively down" maxrun 180
action 1.0 cli command "enable"
action 1.5 cli command "config t"
action 2.0 cli command "interface cellular 0/2/0"
action 2.5 cli command "shutdown"
action 3.0 cli command "exit"
action 3.5 cli command "interface cellular 0/2/1"
action 4.0 cli command "shutdown"
action 4.5 cli command "end"
action 5.0 cli command "cellular 0/2/0 lte technology auto"
action 5.5 cli command "config t"
action 6.0 cli command "interface cellular 0/2/0"
action 6.5 cli command "no shutdown"
action 7.0 cli command "end"
end

EEM Script In Detail

To breakdown the config, the EEM script is called "Change_RAT_Pref" and has authorisation bypass allowed which will skip to contact the AAA server and run the policy immediately. EEM stores AAA bypassed policy names in a list. This list is checked when policies are triggered. If a match is found, AAA authorization is bypassed. This setting was important as the routers in question use aaa config.

The EEM is only triggered when syslog pattern is found and matches "Interface Vlan1337, changed state to administratively down", this is the virtual interface which was created in the first step and I will use this to trigger the EEM and run my required commands to change RAT preference.

maxrun is used to define the maximum amount of time that the script has to run before timeout occurs. If this is not defined an EEM should complete within 20 seconds to avoid the risk of a timeout occuring. Setting this to 180 seconds gives the script plenty of time to run.

The action lines are used to define the commands which need to be run / applied when the applet is triggered. For us these differed slightly due to the two different model roouters which the script was being applied on. One router used celllular interfaces called "cellular 0" and "cellular 1" the other router used interfaces called "cellular 0/2/0" and "cellular 0/2/1".

Increasing Recovery Chances

As previously explained we were working on remote routers that we could not physically reboot or console onto, just SSH. As with anything there is some risk associated with running such script in that you rely on the router to automatically re-connect to the network and fully trsut the EEM.

As a final measure to increase the chances of recovery should the router fail to come back online we run the following before finally triggering the EEM.

reload in 10

When prompted I select to ignore my config changes.

Triggering the EEM

Now to trigger the EEM script we simply shutdown the Virtual Interface that we created earlier:

config t
interface vlan 1337
shut
end

As we are connected via SSH to the router we expect the SSH connection to drop to confirm that the EEM script is working. As soon as we see the drop.

ICTU LTD is a company registered England and Wales (Company No. 09344913) 15 Queen Square, Leeds, West Yorkshire, England, LS2 8AJ
Copyright © 2024 ICTU LTD, All Rights Reserved.
exit