Getting Started


Getting Started
 
The system is shipped with no active configuration file. As a result, you must configure the software after the hardware is fully installed and the installation verified.
This chapter provides instructions for connecting to the console port and for creating the initial Local context management configuration. It includes the following sections:
 
Configuration
The first time power is applied to the system, the System Management Card (SMC) installed in chassis slot 8 automatically launches a Quick Setup Wizard on its console port.
The console port is located at the upper-rear of the chassis on the Switch Processor Input/Output (SPIO) Line Card installed in slot 24. The purpose of this wizard is to guide you through the initial configuration of the system.
You can choose not to use the wizard and perform the initial configuration by issuing commands to the command line interface (CLI).
The following sections describe how to configure the system.
Using the Quick Setup Wizard
The Quick Setup Wizard consists of three parts:
 
The following figure and table provides a flow diagram that shows the logic of the wizard and additional information and notes.
 
System Quick Setup Wizard Logic Diagram
System Quick Setup Wizard Logic Diagram Callout Descriptions
Enter no at the prompt to automatically be directed to the system’s CLI. Proceed to the Using the CLI for Initial Configuration section for instructions on performing an initial system configuration with the CLI.
Enter setup at the command prompt to re-invoke the wizard.
Important: For maximum security, it is recommended that you use only SSH v2.
3.
Optional. Repeat step 1 and step 2 to modify additional settings.
 
SPIO Interfaces
config
system hostname <hostname>
context local
administrator <admin_name> password <passwd>
interface spio1
ip address <ip_address> subnet
#exit
ip route 0.0.0.0 0.0.0.0 <gw_address> spio1
ssh key <v1_key>
ssh key <v2_rsa_key>
ssh key <v2_dsa_key>
server sshd
subsystem sftp
#exit
no server telnetd
server ftpd
no server telnetd
#exit
port ethernet 24/1
bind interface spio1 local
no shutdown
media rj45
#exit
end
Important: Once configuration using the wizard is complete, proceed to instructions on configuring other system parameters.
 
Using the CLI for Initial Configuration
 
The initial configuration consists of the following:
 
This section provides instructions for performing these tasks using the CLI.
Step 1
 
configure
The following prompt appears:
 
[local]host_name(config)#
Step 2
 
context local
The local context is the system’s management context. Contexts allow you to logically group services or interfaces. A single context can consist of multiple services and can be bound to multiple interfaces.
The following prompt appears:
 
[local]host_name(config-ctx)#
Step 3
 
administrator <name> { password <password> | encrypted password <enc_password> } [ ftp ] [ no-cli ] [ timeout-absolute <absolute_time> ] [ timeout-idle <idle_time> ]
<name>
password <password>
Important: Use this keyword in conjunction with the ftp keyword to allow access to the system with FTP only.
Important: You must configure a context-level security administrator during the initial configuration. After you complete the initial configuration process and end the CLI session, if you have not configured a security administrator, CLI access will be locked.
Step 4
 
exit
The following prompt appears:
 
[local]host_name(config)#
Step 5
 
system hostname <host_name>
<host_name> is the name by which the system will be recognized on the network. The hostname can be up to 63 alpha and/or numeric characters and is case sensitive.
Step 6
Step a
 
context local
The following prompt appears:
 
[local]host_name(config-ctx)#
Step b
 
interface <interface_name>
<interface_name> is the name of the interface. The interface name can be between 1 and 79 alpha and/or numeric characters and is case sensitive.
The following prompt appears as the system enters the Ethernet Interface Configuration mode:
 
[local]host_name(config-if-eth)#
Step c
 
ip address <ipaddress> <subnetmask>
Important: If you are executing this command to correct an address or subnet that was mis-configured with the Quick Setup Wizard, you must verify the default route and port binding configuration. Use step 11 and step 6 of this procedure. If there are issues, perform steps 7e through 7k to reconfigure the information.
Step d
 
exit
The following prompt appears:
 
[local]host_name(config-ctx)#
Step e
 
ip route 0.0.0.0 0.0.0.0 <gw_address> <interface_name>
Step f
 
exit
The following prompt appears:
 
[local]host_name(config)#
Step g
 
port ethernet <slot#>/<port#>
The following prompt appears:
 
[local]host_name(config-port-<slot#/port#>)#
Step h
 
bind interface <interface_name> local
no shutdown
<interface_name> is the name of the interface that you configured in step 7b.
Step i
 
media [ rj45 | sfp ]
The SPIO is equipped with dual RJ-45 and dual SFP interfaces. The RJ-45 interfaces connect the system to the management network with CAT3 or CAT5 Ethernet cable. The SFP interfaces connect the system to the management network with 1000Base-SX optical fiber cable.
Step j
 
medium { auto | speed { 10 | 100 | 1000 } duplex { full | half } }
Important: Use 1000 Mbps only for the SFP ports on the Ethernet 1000 or SPIO Line Cards. In addition, if you manually configure the port speed, you must also configure the duplex mode.
Important: Ethernet networking rules dictate that if a device whose interface is configured to auto-negotiate is communicating with a device that is manually configured to support full duplex mode, the first device negotiates with the manually configured speed of the second device, but only communicates in half duplex mode.
Step k
 
exit
The following prompt appears:
 
[local]host_name(config)#
Important: Refer below for instructions on configuring the SPIO management interface with a second IP address.
 
Configuring the System for Remote Access
Configure the system for remote access. An administrative user may access the system from a remote location over a local area network (LAN) or wide area network (WAN):
 
Important: For maximum security, use SSH v2.
Step 1
 
context local
The following prompt appears:
 
[local]host_name(config-ctx)#
Step 2
 
server telnetd
Step 3
 
ssh generate key [ type { v1-rsa | v2-rsa | v2-dsa } ]
Important: v2-rsa is the recommended key type.
 
server sshd
Step 4
 
server ftpd
Step 5
 
server tftpd
Step 6
 
exit
The following prompt appears:
 
[local]host_name(config)#
Step 7
 
end
The following prompt appears:
 
[local]host_name#
Step 8
 
show configuration
The CLI output should be similar to the sample output:
 
  context local
interface <interface_name>
ip address <ipaddress> <subnetmask>
#exit
subscriber default
#exit
administrator <admin_name> password <admin_password>
     server telnetd
     server ftpd
     ssh generate key
     server sshd
  #exit
  port ethernet 24/1
     bind interface <interface_name> local
  #exit
  port ethernet 24/1
     no shutdown
  #exit
  snmp engine-id local 800007e580ed826c191ded2d3d
  end
Step 9
 
show ip route
The CLI output should be similar to the sample output:
 
"*" indicates the Best or Used route.
Destination Nexthop Protocol Prec Cost Interface
*0.0.0.0/0 <ipaddress> static 1 0 spio1
*<network> 0.0.0.0 connected 0 0 spio1
Step 10
 
show ip interface name <interface_name>
<interface_name> is the name of the interface that was configured in step 7b.
The CLI output should be similar to the sample output:
 
Intf Name: spio1Intf Type: Broadcast
Description:
IP State: UP (Bound to 24/1 untagged, ifIndex 402718721)
IP Address: <ipaddress> Subnet Mask: <subnetmask>
Bcast Address: <bcastaddress> MTU: 1500
Resoln Type: ARP ARP timeout: 3600 secs
L3 monitor LC-port switchover: Disabled
Number of Secondary Addresses: 0
Step 11
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
 
Configuring the SPIO Management Interface with a Second IP Address
If necessary, you can configure a second IP address on the SPIO management interface.
Step 1
 
configure
The following prompt appears:
 
[local]host_name(config)#
Step 2
 
context local
The following prompt appears:
 
[local]host-name(config-ctx)#
Step 3
 
[local]host_name(config-ctx)# 24/1
The following prompt appears:
 
[local]host_name(config-if-eth)#
Step 4
 
[local]host_name(config-if-eth)#ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx secondary
Step 5
 
[local_host]host_name(config-if-eth)#end
Step 6
 
[local_host]# show config context local
The CLI output should look similar to this example:
 
config
  context local
     interface <interface_name>
        ip address <ipaddress> <subnetmask>
        ip address <ipaddress> <subnetmask> secondary
        #exit
Step 7
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883