Cisco Enhanced Device Interface User's Guide, 2.1
Using Cisco E-DI
Downloads: This chapterpdf (PDF - 437.0KB) | Feedback

Using Cisco E-DI

Table Of Contents

Using Cisco E-DI

Setting up the Terminal

Customizing the Default Prompt

Keyboard Shortcuts

Cisco E-DI Services

Commonly Used Commands

Using the GUI

Translating CatOS Commands Using the GUI

Translating CatOS commands to Cisco IOS Commands Using the GUI

Using Session Based Device Authentication

Using IP Aliasing

File System Commands

Comparing Files

Restarting the Server or a Device


Using Cisco E-DI


This chapter details how to configure and use Cisco E-DI features:

Setting up the Terminal

Customizing the Default Prompt

Keyboard Shortcuts

Cisco E-DI Services

Commonly Used Commands

Using the GUI

Translating CatOS Commands Using the GUI

Using Session Based Device Authentication

Using IP Aliasing

File System Commands

Comparing Files

Restarting the Server or a Device

Setting up the Terminal

The commands used to set up the terminal are detailed in Table 2-1. The commands can be given in server or network mode.

Table 2-1 Commands to Setup the Terminal 

Action
Command

To set the terminal color mode.

You can also use the key combination Ctrl-T from the server EXEC level to toggle between gray and color modes.

[SRV:/server|NET:/network]# terminal color          

The terminal display settings can be configured to use either hostname, DNS name, or the IP address of the device.

[SRV:/server|NET:/network]# terminal device-id 
{dns-name | dns-name-short| ip | name}

To define the FTP Authentication credentials.

The credentials created using this command are used for downloading a file from an FTP site and for data backup and restore using FTP.

[SRV:/server|NET:/network]# terminal ftp-auth 
username {word}
Password

To define the HTTP Authentication credentials.

The credentials created using this command are used for downloading a file from a website.

[SRV:/server|NET:/network]# terminal http-auth 
username {word}
Password

To make the session interactive.

[SRV:/server|NET:/network]# terminal 
interactive 

To specify the number of lines that are displayed on the terminal.

[SRV:/server|NET:/network]# terminal length 
{0-1} | {2-256}

When terminal monitor is enabled, any action on the Cisco E-DI server carried out on another session is displayed on the terminal.

[SRV:/server|NET:/network]# terminal monitor 
message filter {word}

To disable the relevant terminal mode.

[SRV:/server|NET:/network]# terminal no {color 
| http-auth | interactive | monitor | monitor 
message-filter | skip-locked | skip-unauth | 
status-codes | suppress-repeats}

To enable cursor wrap to next line on reaching the end of the line (in some terminals, for example Putty).

[SRV:/server|NET:/network]# terminal [no] 
cursor-wrap

To set the terminal environment variable value.

[SRV:/server|NET:/network]# terminal set 
{word}{word} 

To skip all devices locked by some other user.

[SRV:/server|NET:/network]# terminal 
skip-locked   

To skip all devices that are not authorized to be included in a task.

[SRV:/server|NET:/network]# terminal 
skip-unauth   

To display the status code after command implementation.

[SRV:/server|NET:/network]# terminal 
status-codes 

To set the terminal stream control type.

The xml-data-channel option converts the terminal from CLI mode to XML mode (NETCONF). Refer to Cisco Enhanced Device Interface Programmer's Guide, 2.1 for more details on establishing XML sessions with Cisco E-DI.

[SRV:/server|NET:/network]# terminal stream-ctl 
{xml-data-channel {word}}

To turn the toggle options using the Ctrl key on and off.

[SRV:/server|NET:/network]# terminal 
supress-repeats 

To unset the terminal environment variable.

[SRV:/server|NET:/network]# terminal unset 
{word} 

To specify the text width displayed on the screen.

Note The default terminal width is 80. The default terminal length is 24.

[SRV:/server|NET:/network]# terminal width 
{16-256} 

To format the output of show commands with pre-defined column width (default setting).

[SRV:/server|NET:/network]# terminal 
format-report

To disable the pre-defined column width based formatting for reports. This command is useful in scripting.

[SRV:/server|NET:/network]# terminal no 
format-report

Customizing the Default Prompt

The commands used to customize the default Cisco E-DI prompt are detailed in Table 2-2. The commands can be given in server mode.

Table 2-2 Commands to Customize the Default Cisco E-DI Prompt 

Action
Command

To customize the default Cisco E-DI prompt. This prompt is configured by the system administrator, and will be applicable for all users. It is saved to the running configuration.

The prompt can include characters and function names as follows:

ServerName—Hostname of Cisco E-DI Server

User—Login ID of user

DIR—Current directory (ex: ~/)

ContextType—SRV or GRP or DEV or NET (entire network)

Context—Device IP address/name or Group name (existing prompt component) with status (when color is enabled)

Status—Alarm Code for the context (OK, Offline, P1, P2 .. P5)

DeviceIP—Device IP address (for single device)

DeviceName—Device Hostname (for single device)

PartialDir—Part of the directory ( In device context, "/network/devices/" and "/network/groups/" in the current directory replaced with ~/.)

Note The prompt is limited to 75 characters. Ctrl characters are not allowed.

A function is contained within %{ and } in the prompt definition. Once the prompt expression is defined the functions are evaluated and displayed in the prompt. Any character that is not enclosed within %{ and } will be displayed in the terminal prompt.

For example, if the prompt is customized as terminal prompt %{DeviceIp}-on- EDI-%{ServerName} and the DeviceIP (1.1.1.1) and ServerName (Dev-1) are the functions to be applied, the customized prompt will be 1.1.1.1-on-EDI-Dev-1.

To include a space in the prompt, you should specify the <prompt expression> in double quotes (" ").

[SRV:/server] (config)# system prompt <prompt 
expression>

To clear the customized prompt, and return to the default Cisco E-DI prompt.

[SRV:/server] (config)# no system prompt

To customize the default terminal prompt. This prompt is user defined, and applicable for that terminal only. It is valid for that session only. The prompt can include the characters and functions described above.

This prompt has the highest priority. It will override the default Cisco E-DI prompt and the system defined prompt.

[SRV:/server]# terminal prompt <prompt 
expression>

To clear the customized terminal prompt, and return to the default prompt.

[SRV:/server]# terminal no prompt

To save the terminal preferences set in the current session to a profile that will be stored in the user's home directory.

Terminal properties like prompt, color, suppress-repeats, width, and length are saved to the profile. Other terminal properties such as auth-type and skip-unauth are not saved.

[SRV:/server]# terminal save properties

Keyboard Shortcuts

Table 2-3 details the keyboard shortcuts available in Cisco E-DI.

Table 2-3 Keyboard Shortcuts and Associated Actions 

Shortcut
Action

?

Opens context sensitive help

Ctrl A

The cursor goes to the beginning of the line

Ctrl B

The cursor moves one character to the left

Ctrl C

Discards the current line

Ctrl D

Deletes the character at the cursor

Ctrl E

The cursor goes to the end of line

Ctrl F

The cursor moves one character to the right

Ctrl G

Displays the devices selected, the knowledge base applied and the applicability of the command to the devices selected in device configuration mode

Ctrl K

Deletes all characters from the cursor to the end of the command line

Ctrl N

Returns more recent commands in the history buffer after recalling commands with Ctrl-P or the Up Arrow key

Ctrl P

Recalls commands in the history buffer, beginning with the most recent command

Ctrl R

Refreshes the current line

Ctrl T

Toggles between terminal color display

Ctrl U

Deletes all characters before the cursor to the beginning of the command line

Ctrl W

Deletes the word to the left of the cursor

Ctrl X

Deletes all characters before the cursor to the beginning of the command line

Ctrl Z

Exit from configuration mode

Enter

For paginated messages (more than one page), message scrolls one line up

Space bar

For paginated messages (more than one page), message scrolls one page up (equal to terminal length)

Tab

Completes a partial command


Cisco E-DI Services

Cisco E-DI includes a number of services, see Table 2-4. These services can be enabled or disabled, see Table 2-5.


Note You can configure services in Cisco E-DI according to the category of inventory data required, see Table 7-1.


Table 2-4 Cisco E-DI Services 

Service
Default
Description

asset

Enabled

Device asset collection service.

Periodically collects information on device hardware assets such as chassis, cards, slot, power-supply, and fans.

editor

Enabled

Text editor service for CLI.

Allows editing/creating files on Cisco E-DI using a vi editor.

exec-cmd

Enabled

Direct network EXEC command service.

Enables implementing commands on a device using exec-cmd command.

ftp-server

Disabled

FTPD server service.

Enables/disables Cisco E-DI accessibility through FTP.

perl-scripting

Disabled

Perl scripting service for CLI.

Enables implementation of perl scripts using perl command.

telnet

Disabled

Enable/disable Telnet service.

Enables login to the Cisco E-DI server using Telnet.

trap-receiver

Enabled

SNMP trap receiver service.

Enables the receiving and processing of SNMP traps.


Table 2-5 Commands to Enable Cisco E-DI Services 

Action
Command

To enable the device asset collection service

[SVR:/server] (config)# service asset

To enable the text editor service for the CLI

[SVR:/server] (config)# service editor

To enable the direct network EXEC command service

Note The behavior of this command changes when session based device authentication is enabled. See Using Session Based Device Authentication for a full explanantion of the command behavior.

[SVR:/server] (config)# service exec-cmd

To enable the FTP server service

[SVR:/server] (config)# service ftp-server

To enable perl-scripting for the CLI

[SVR:/server] (config)# service perl-scripting

To enable the telnet service

[SVR:/server] (config)# service telnet

To enable the SNMP trap receiver service

[SVR:/server] (config)# service trap-receiver


Commonly Used Commands

Table 2-6 details commands which are commonly used in Cisco E-DI.

Table 2-6 Commonly Used Commands 

Action
Command

To enter the configure setup mode.

Note The behavior of this command changes when session based device authentication is enabled. See Using Session Based Device Authentication for a full explanantion of the command behavior.

config setup

To enter the configure terminal mode.

config t

To perform various diagnostic activities on the network.

diag

To download files using HTTP or FTP onto Cisco E-DI.

download

To exit out of the configuration mode.

You can also use Ctrl-Z

end

To exit from the current configuration view and move to the parent view.

exit

To find the managed devices that match a certain criteria.

find

To show help on different topics based on the text input.

help

To put the discovered devices into the managed state.

import

To collect device(s) inventory. Used in network mode.

Note The behavior of this command changes when session based device authentication is enabled. See Using Session Based Device Authentication for a full explanantion of the command behavior.

inventory

To logout of the server.

logout

To query a DNS server to lookup and find IP address information for a host or device.

dnslookup

To ping a element in the network using its IP address or name.

ping

To check the status of management operations in Cisco E-DI when session based device authentication is enabled.

This command displays the status of the credentials for performing different management operations. It can be used to find out why an operation is not happening. These credentials are not validated with the device, instead the status indicates whether the required credentials are configured by the user or not.

show devices 
manageability

To synchronize the file system, device configuration and archives on the devices and the server.

sync

To trace a route to a network element using its IP address or name.

traceroute

To save the server running configuration to start-up configuration.

write

Using the GUI

The GUI provides two applications to view and edit a configuration before applying the changes to the device:

Visual Configuration Editor

File Editor

You can launch the GUI as follows:


Note The recommended browsers for the Cisco E-DI GUI are Windows Internet Explorer 6.0 or higher, and Mozilla Firefox 1.0.7 or higher.



Step 1 The GUI is launched from a Windows client. There are two launch options:

To view all the devices—Enter http://<server-address> where <server-address> is either the IP address or the hostname of Cisco E-DI server.

To view a specific device—The GUI can be launched directly for devices supported by the IP aliasing feature in conjunction with DNS mapping, enter http://<aliased-device-ip-address> or http://<dns-mapped-device-address>. The address <aliased-device-ip-address> should be pre-configured in the Cisco E-DI server using IP aliasing. The address <dns-mapped-device-address> should be pre-configured in the DNS server, and it should be mapped to the address <aliased-device-ip-address>.

Step 2 The client workstation must have the correct Java Webstart application environment to run the Cisco E-DI GUI applications. If the Java Runtime Environment is not correct, you will see the following message:

Your client workstation does not have required Java Webstart. Install Java Runtime 
Environment (v1.4.2) from Windows JRE Installer and reload this page. 

Click the link to download the JRE installer package. Install the software. You will need to restart your machine to update the application environment.

Step 3 Click Launch.

The Java Webstart application launches.

Figure 2-1 Java Webstart Window

Step 4 When you launch the GUI, you see a Security dialog which asks you if you want to proceed. Click Yes or Always to proceed. Click More details to view the security certificate.

Step 5 The login page is displayed.

Figure 2-2 Login Window

When you launch the GUI using http://<edi-server-address>:

When session based device authentication is enabled but an AAA server is not used—Use the username and password which was set up during configuration, where all the managed devices have the same username and password as the Cisco E-DI server.

When session based device authentication is enabled and an AAA server is used—Use the username and password which was set up during configuration, when the AAA server has the same username and password for the Cisco E-DI server and managed devices.

When session based device authentication is disabled—Use the Cisco E-DI username and password.

When you launch the GUI using http://<aliased-device-ip-address>:

When session based device authentication is enabled but an AAA server is not used—Use the username and password which was set up during configuration, where all the managed devices have the same username and password as the Cisco E-DI server.

When session based device authentication is enabled and an AAA server is used—Use the username and password which was set up during configuration, when the AAA server has the same username and password for the Cisco E-DI server and managed devices.

After login, the user privilege is verified, this can be administrator, network operator, or read-only user.

Step 6 Check the Secure Connection check box if you want communication between the client and Cisco E-DI to be an SSH connection. If this check box is unchecked, the connection will be through Telnet which is less secure. Click Login.

Step 7 The Cisco E-DI Visual Config Editor window opens. If you chose to view all devices in the network, this window displays a list of devices managed by the Cisco E-DI server in the left pane. An asterisk (*) indicates that the device is not supported in Cisco E-DI. The left pane displays the device properties of the selected device.

If you chose to view one device, details for that device only are displayed.

You can choose to display the device list using IP addresses or device names, select the option from the drop-down list.

You can search for a specific device.

Figure 2-3 Cisco E-DI Visual Config Editor Window

Step 8 Click Launch Visual Config Editor or Launch File Editor to open the applications. See "Configuring Devices" for information about managing configuration files using the GUI.


To close the GUI, click the Close button.

Translating CatOS Commands Using the GUI

You can use the Cisco E-DI GUI to to translate the Catalyst Operating System (CatOS) configuration commands to Cisco IOS configuration commands. The Cisco Catalyst 6500 Series Switches currently support two types of operating systems:

Catalyst Operating System (CatOS)

Cisco IOS software

Cisco E-DI has knowledge of both the CatOS and the Cisco IOS devices' CLIs through an automated learning process. The translation tool is used while a device is still running CatOS to create a Cisco OS version of the configuration file. The commands can be translated using CLI commands (refer to the Cisco Enhanced Device Interface 2.1 Quick Start Guide) or by using the GUI.


Note The translation is one way only. There is no translation from Cisco IOS to CatOS.


You can edit any running configuration file or startup configuration file for Cisco Catalyst devices running Cisco IOS and supported by Cisco E-DI. You cannot edit a running configuration file or a startup configuration file for Cisco Catalyst devices running CatOS. You can invoke the Tools/Translate to IOS Commands function.

See Using the GUI for details of how to launch the GUI.

See Table 2-8 for messages you may see when using the GUI.

Translating CatOS commands to Cisco IOS Commands Using the GUI

To use the Visual Configuration Editor to translate Catalyst Operating System (CatOS) running configuration commands to Cisco IOS startup configuration commands:


Step 1 Select the device in the left pane.

An asterisk (*) indicates that the device is not supported in Cisco E-DI. The right pane displays the device properties of the selected device. You can choose to display the device list using IP addresses or device names, select the option from the drop-down list.

Step 2 Click Launch Visual Config Editor to open the running configuration or click Launch File Editor to open a file or to create a new file. The Command File Editor opens in another window and displays the device type and OS version for that device.


Note Access to edit a device configuration is only available to a user with full control access including permission to change that device configuration.


The Visual Config Editor includes menu and toolbar options to Cut, Copy and Paste text.

You can lock the file so that other users cannot make changes to the device, choose Tools > Lock. A padlock is shown on the Status bar. Choose Tools > Clear Lock to unlock the file.

You can search for a word or phrase, choose Search > Incremental Find Forward, or press Ctrl+E, or Search > Incremental Find Backwards, or press Ctrl-Shift-E.

You can choose to undo or redo edits.

You can choose to edit by inserting new text or overwriting existing text. Press the Insert key to toggle between Insert and Overwrite. The mode is shown in the Status bar. The Status bar also identifies the position of the cursor using the line and column number.

The Editor includes the option to check the command syntax based on the knowledge base for that device. The CLI syntax is checked automatically whenyou choose a different device type. The comments will be shown in a different syntax color and font as syntax checking feedback. This is a tool for checking whether one configuration file can be applied to another device type or not. It can also be used as a training or learning aid, or to compare commands.

The device details and version are shown in the Status bar. The content text in the editing pane can be color coded to give visual feedback as follows:

Table 2-7 Syntax Colors

Command Text
Color
Font Type
Example

Known command keywords

Dark Blue

Bold

interface

Incomplete command keywords

Black

Italic

interf

Valid parameter words

Green

Normal

FastEthernet0/0

Unknown command keywords

Dark Orange

Normal

itnerface

Comments

Grey

Normal

! comments


You can turn off the color coding, choose Enable Syntax Colors.

A different color is used to distinguish submode blocks, for example username cisco password 0 cisco.

Press ? to see hints on the commands and parameters.

Press the Tab key to complete a command.

Step 3 To display a list of the translations supported by Cisco E-DI, enter:

[SVR:/server]# show server translate-packages

Step 4 Enter the CatOS commands.


Note To translate port related commands, the translate file command requires that the file contains the necessary #module lines. The full CatOS running configuration file already contains this, but you must include it when translating part of a CatOS command.


Step 5 Choose Tools > Translate to IOS Commands. Select the version of Cisco IOS you want the translated commands to be. Click OK.

Figure 2-4 Translation Target Selection Window

Step 6 Save the translated commands to a file, choose Save As.

Figure 2-5 Translation Preview Tool Window

The generated Cisco IOS file contains the device type and OS version information in the first line. The File Editor uses this information to select the proper device type and OS version. This file can then be opened in the File Editor to edit it further. You can continue to change the commands in the file to check the syntax, and save the translated commands to the file.

Because the CatOS configuration is 100% compatible or translatable to Cisco IOS, the translated commands need to be reviewed and might require additional editing in the Cisco IOS configuration editor before it can be used as the final startup configuration of the migrated device.

After the commands are converted from CatOS to Cisco IOS, you can open the running configuration file for the device using the Visual Configuration Editor, which will show IOS commands. Compare these commands with the translated file open in the File Editor. You can copy commands from the File Editor to the Visual Configuration Editor to apply the translated commands to the device configuration.

Figure 2-6 Visual Configuration Editor Window


Table 2-8 Possible Messages When Using the GUI 

Message
Details
Are you sure you want to apply configuration to the Running 
Config of following devices? + device address list

Confirmation to apply incremental config to running config

Are you sure you want to apply changes to the Running Config 
of following device? + device address

Confirmation to apply configlet to running config

Are you sure you want to write Running Configuration to 
Startup Configuration of the following device? + device 
address

Confirmation to write mem operation (copy running config to startup config)

Proceed to lock the device?

Confirmation to lock operation

Proceed to clear lock?

Confirmation to unlock operation

Server copy of Running Config has been updated. Do you want 
to refresh current editor content?
Server copy of Startup Config has been updated. Do you want 
to refresh current editor content? 

Update notification and confirm refresh

Do you want to save modified edit contents to a file before 
proceed? 

Warning for modified contents and confirmation to Save (usually when closing or changing edit mode)

Server may be in the process of synchronization with the 
device.
The Configlet was generated based on the server copy of 
Running Config which may be outdated.

Warning for server using cached copy of device running config (may get this message when clicking Apply to running config, or view configlet)

Error while creating config change list. 

Error message while getting configlet

Please check User Name and Password, and then try again.

Error during login (including blank user name or password)

Error while obtaining device type name from translation 
target string 
Error while obtaining os version from translation target 
string

Error messages when generating translations


Using Session Based Device Authentication

Session based device authentication is used in an environment where there is an external AAA server. This mode requires a user to enter a login and password when running the commands in Table 2-9. The behavior of these commands changes when session based device authentication is enabled, see Table 2-9 for details.

Session based device authentication is enabled by default. If it has been disabled, it can be enabled by entering the following command in server configuration mode:

[SVR:/server](config)# device-auth session-based 

To disable session based device authentication, enter the following command in server configuartion mode:

[SVR:/server](config)# no device-auth session-based 

To specify the session credentials after session based device authentication is enabled, enter the following command in either server or network mode:

[NET:/network]# terminal device-auth login <login val>


Note It is not recommended that you change the device authentication mode after you have started managing devices. If you need to change the mode, you should first clear all previous connections, enter the command clear status connections. Then change the authentication mode.


Table 2-9 Command Behavior When Session Based Device Authentication Is Enabled 

Commands
Command Behavior When Session Based Device Authentication is Enabled

In EXEC Mode

diag connectivity

If the command is run within a scheduled job, the Telnet/SSH connectivity test fails.

When the command is run, the Telnet/SSH connectivity test uses the session's credential set for login and password. The enable password is taken from the credential set used to manage the device. If the session is not configured with device credentials, the following message appears for the login test:

Device credentials are not configured for this session

Configure the device credentials for this session, enter terminal device-auth

diag device

If the command is run within a scheduled job, the Telnet/SSH connectivity test fails.

When the command is run, the Telnet/SSH connectivity test uses the session's credential set for login and password. The enable password is taken from the credential set used to manage the device. If the session is not configured with device credentials, the following message appears for the login test:

Device credentials are not configured for this session

Configure the device credentials for this session, enter terminal device-auth

config setup

If the device credentials for the session are not configured, the following message appears before entering config-setup mode:

%WARNING: System is setup to use session based device authentication. Your current 
session is not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

If you proceed with the configuration, the commit command will display the following error message:

%System is configured to use session based device authentication. Your current 
session is not configured with device credentials

Configure the device credentials for this session, enter terminal device-auth

If the session is configured with device credentials, the commit operation would use the session's credential to establish a Telnet/SSH connection with the device and issue a copy tftp://ediserver/ running-config command on the device.

In session based device authentication mode, device configuration cannot be scheduled as a job.

sync config {fg|bg}

If this command is run within a scheduled job, it will use SNMP Write operation to synchronize the configuration. If the SNMP Write community is not configured, this command will fail.

The command uses the session's device credentials to establish a Telnet/SSH connection and downloads the configuration of the device to Cisco E-DI using TFTP transport.

If the device credentials for the session are not configured, the command fails with the following message:

%System is setup to use session based device authentication. Your current session is 
not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

sync filesystem 
{fg|bg}

If this command is run within a scheduled job, it will fail.

The command will use the session's device credentials to establish a Telnet/SSH connection and retrieve the device file system.

If the device credentials for the session are not configured, the command fails with the following message:

%System is setup to use session based device authentication. Your current session is 
not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

inventory

There is no change to basic inventory and asset inventory.

The inventory command internally issues sync config and sync filesystem commands, the behavior of those commands within the inventory job is similar to the behavior describe above.

connect exec-mode

exec-cmd <cmd>

These commands cannot be run from a scheduled job.

These commands use the session's device credentials to establish a Telnet/SSH connection and run the specified command.

If the device credentials for the session are not configured, the command fails with the following message:

%System is setup to use session based device authentication. Your current session is 
not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

more <device-filename>

copy <from-device> 
<to-server> 

If this command is run within a scheduled job, it uses the SNMP Write operation to synchronize downloading the file from the device to Cisco E-DI using TFTP transport. If the SNMP Write community is not configured, this command will fail.

The command uses the session's device credentials to establish a Telnet/SSH connection, and downloads the file from the device to Cisco E-DI using TFTP transport.

If the device credentials for the session are not configured, the command fails with the following message:

%System is setup to use session based device authentication. Your current session is 
not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

copy <from-server> 
<to-device>

If this command is run within a scheduled job, it will fail.

The command uses the session's device credentials to establish a Telnet/SSH connection and downloads the file from Cisco E-DI to the device using TFTP transport.

If the device credentials for the session are not configured, the command fails with the following message:

%System is setup to use session based device authentication. Your current session is 
not configured with device credentials.

Configure the device credentials for this session, enter terminal device-auth

write mem

If the device credentials for the session are not configured, the command fails with the following message:

%WARNING: System is setup to use session based device authentication. 
Your current session is not configured with device credentials. 
You must use 'terminal device-auth' command to configure device credentials before 
executing this command. 

The command uses the session's device credentials to establish a Telnet/SSH connection and tftp transport to transfer files between Cisco E-DI and the device.

reload device

This is applicable in the network EXEC mode.

If the device credentials for the session are not configured, the command fails with the following message:

%WARNING: System is setup to use session based device authentication. 
Your current session is not configured with device credentials. 
You must use 'terminal device-auth' command to configure device credentials before 
executing this command. 

The command uses the session's device credentials to establish a Telnet/SSH connection to reload the managed device.

In Config mode

login <login>

password <passwd>

enable-password 
<enpassword>

If the user attempts to configure any of these parameters in credential-set submode, Cisco E-DI will generate the following warning message:

% Warning: This parameter is not applicable when session based device authentication 
is enabled
subscribe syslog

Syslog auto subscription cannot be enabled in session based device authentication mode.

When the user enters the device-auth session-based command, syslog auto subscription will be turned off.

Note The subscribe syslog feature will remain off if the user switches the mode back to non-session based authentication.


Using IP Aliasing

Cisco E-DI provides the capability through the CLI configuration mode to do one-to-one mapping from a virtual (sub-interface) IP address to a managed device or group.


Note IP aliasing is only available when session based device authentication is enabled.


Table 2-10 Commands to Setup IP Aliasing 

Action
Command

To enable IP aliasing.

Session based device authentication must be enabled

[SVR:/server] (config) #server ip-aliasing

To create a sub-interface on the active NIC.

This maintains the sub-interface address and device IP address/group name mapping in the cache.

The sub-interface address can be created by using a different netmask.

Specifying a netmask is optional. If a netmask is not provided, the sub-interface is created using the netmask given for the active ethernet interface.

[SRV:/server] (config) #[no] ip-alias 
device|group <device ip | group name> 
sub-interface <ip> netmask <network mask>

To list the virtual IP address to device/group name mapping.

[SRV:/server|NET:/network]# show server 
ip-aliases

To remove IP aliasing for the specified virtual IP address range or all the virtual IP addresses.

This command deletes the sub-interface addresses attached to the active NIC interface, and clears the cache.

[SRV:/server|NET:/network]# clear ip-aliases 
[all | ip-range]

File System Commands

Cisco E-DI creates a virtual file system to represent the file systems on the managed devices. The virtual file system contains server, network and users directories in the root of the file system:

/server directory contains directories and files related to Cisco E-DI such as directories for storing configuration archives, images and temporary files.

/network directory contains the virtual file system representing file systems for all the devices currently managed.

This is a read-only file system. Files can be read from the devices, but cannot be written or deleted. The file systems of the devices are learned when the device is managed and are kept up-to-date with the device whenever a device inventory is performed. The file systems can also be kept up to date with the sync filesystem command.

/users directory contains one directory for each user of Cisco E-DI, which can be used to store user specific files.

Table 2-11 details commands to manage the file system.

Table 2-11 Commands to Manage the File System 

Action
Command

To change the current directory.

[SVR:/server|NET:/network]# cd 
{/}[name{/name/name.....}]

To switch to the server root directory.

[SVR:/server]# cd  /

To switch to the user's home directory.

[SVR:/server]# cd  

To display the current working directory.

[SVR:/server|NET:/network]# pwd

To create a directory with a specified name.

[SVR:/server|NET:/network]# mkdir /{server/ | 
network/} name

To remove the specified directory.

[SVR:/server|NET:/network]# rmdir /{server/ | 
network/} name

To show the contents of the current directory.

Note If the filesystem service is disabled, the dir command under the device context shows the following warning message, Warning: filesystem service is disabled. Enter sync filesystem fg to manually synchronize the data.

[SVR:/server|NET:/network]# dir

To view the contents of the specified file.

[SVR:/server|NET:/network]# more /{server/ | 
network/} name

To delete the specified file.

[SVR:/server|NET:/network]# delete {/force | 
/recursive | name}

To copy a file.

Note The behavior of this command changes when session based device authentication is enabled. See Using Session Based Device Authentication for a full explanantion of the command behavior.

[SVR:/server|NET:/network]# copy  {source 
file destination file}

To rename a file.

[SVR:/server|NET:/network]# rename name

To synchronize the file system on the server with the file system on the device. You can choose to synchronize the device in the background or the foreground.

Note The behavior of this command changes when session based device authentication is enabled. See Using Session Based Device Authentication for a full explanantion of the command behavior.

[NET:/network]# sync filesystem {bg | fg}


Note You can also manage the file system using perl scripts. See "Using Perl Scripts".


Comparing Files

Cisco E-DI gives the option to compare two files and deduce the differences with appropriate color codes. Table 2-12 details the commands.

Changes will be highlighted in color, if enabled. Additions are shown in green and deletions are shown in red. Else, deletions will be marked by "-" and additions by "+".


Note CTRL-T enables the color mode.


Table 2-12 Commands to Compare Files 

Action
Command

To compare files. File 1 is the reference.

[SVR:/server]# diff file-name1 file-name2

To compare the start-up and running configurations.

[SVR:/server]# show running-config diff-with 
startup-config

Restarting the Server or a Device

The commands to restart the Cisco E-DI server or a device are detailed in Table 2-13.

Table 2-13 Commands to Restart Server and Devices 

Description
Command

Restart the Cisco E-DI server.

[SVR:/server]# reload server

Restart the specified devices.

[SVR:/server]# reload device ip-address1 
[ip-address2........]