Cisco

• CLI - show running-config
• CLI - Start

CLI - show running-config

Ein Beispiel von einem Cisco Switch:

switchdaf8a4#show running-config
config-file-header
switchdaf8a4
v3.2.1.1 / RCBS3.2hotfix_950_377_136
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink te
unit-type unit 2 network gi uplink te
unit-type unit 3 network gi uplink te
unit-type unit 4 network gi uplink te
unit-type-control-end
!
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
errdisable recovery cause loopback-detection
errdisable recovery cause port-security
errdisable recovery cause dot1x-src-address
errdisable recovery cause acl-deny
errdisable recovery cause stp-bpdu-guard
errdisable recovery cause stp-loopback-guard
errdisable recovery cause udld
errdisable recovery cause storm-control
no eee enable
no bonjour enable
bonjour interface range vlan 1
hostname switchdaf8a4
line console
exec-timeout 0
exit
line ssh
exec-timeout 0
exit
logging buffered debugging
logging file debugging
logging aggregation on
logging aggregation aging-time 15
username CISCO_LOGIN_USSER password encrypted $15$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== privilege 15
ip ssh server
snmp-server server
no ip http server
ip http timeout-policy 1800 https-only
!
switchdaf8a4# 

1. Config-File-Header

• Gerätenamen und Firmware-Version:
  

  switchdaf8a4#show running-config
  config-file-header
  switchdaf8a4  # Gerätename des Switches
  v3.2.1.1 / RCBS3.2hotfix_950_377_136  #  Die Firmware- bzw. Softwareversion inklusive eines Hotfixes
  CLI v1.0   # Die Version der Kommandozeilenschnittstelle
  

  Diese Zeilen geben den Namen des Switches, die installierte Firmware/Softwareversion (inklusive eines Hotfixes) und die Version der Kommandozeilenschnittstelle an.
  
  

• Verschlüsselte Konfigurationselemente:
  

  file SSD indicator encrypted  # Weist darauf hin, dass bestimmte Konfigurationsbestandteile verschlüsselt gespeichert sein können

  Hier wird signalisiert, dass bestimmte Konfigurationsbestandteile verschlüsselt gespeichert sein können.
  
  

• Header-Abschluss:
  

  @ # Das „@“ markiert hier das Ende des Headers.

   Das „@“ markiert das Ende des Headers.

2. SSD-Control Block

3. Unit-Type-Control Block

4. Voice VLAN OUI Table

5. Fehlerbehandlung (Errdisable Recovery)

6. Energiemanagement und Bonjour

7. Hostname und Zugangskonfiguration

8. Logging

9. Benutzer und Authentifizierung

10. Netzwerkdienste

CLI - Start

Frischen Cisco Switch über CLI Configurieren

1. Anmelden

Default Login:
User: cisco
Passwd: cisco

Danach will er direkt, das du dem Switch einen neuen User und ein neues Passwort gibst.

Detected speed: 9600


User Name:cisco
Password:*****

Please change device default username AND password.
Change of credentials is required for better protection of your network.
Please note that the new password must comply to the following password complexity rules:
        1. The password must be at least 8 characters long.
        2. Password must contain at least 3 of the following types: lowercase letters, uppercase letters, numeric digits or special characters.
        3. A character can not be repeated consecutively more than 3 times.
        4. The password cannot contain more than 2 sequential characters or numbers, or the reverse value of these sequences.
        5. The password cannot contain the username or a reversed form of username.
        6. The password cannot contain the manufacturer or product name or a reversed form of such.
        7. The password cannot contain a password that is part of a predefined list of breached or dictionary based passwords.
Enter new username: Pluto10982
Enter new password: ******************************************************************
Confirm new password: ******************************************************************
Username and password were successfully updated.
switchdaf8a4#

 

2. Config anzeigen lassen

Mit show running-config kannst du dir die laufende Konfig anzeigen lassen

switchdaf8a4#show running-config 
config-file-header
switchdaf8a4
v3.2.1.1 / RCBS3.2hotfix_950_377_136
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink te
unit-type unit 2 network gi uplink te
unit-type unit 3 network gi uplink te
unit-type unit 4 network gi uplink te
unit-type-control-end
!
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya                 
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
bonjour interface range vlan 1
hostname switchdaf8a4
username Pluto10982 password encrypted $**********************************************== privilege 15
!
switchdaf8a4#