設定清除步驟與重新開機
|
Starting sysmgr processes.. Please
wait...Done!!!
switch login: admin
Password:
Cisco Application Control Software (ACSW)
TAC support: http://www.cisco.com/tac
Copyright (c) 1985-2012 by Cisco Systems,
Inc. All rights reserved.
The copyrights to certain works contained
herein are owned by
other third parties and are used and
distributed under license.
Some parts of this software are covered
under the GNU Public
License. A copy of the license is
available at
http://www.gnu.org/licenses/gpl.html.
switch/Admin#
switch/Admin# ?
Exec commands:
backup Backup commands
capture Capture packets on
one or more interfaces
changeto Changeto another
context
checkpoint Checkpoint/Rollback
commands
clear Reset functions
clock Manage the system
clock
compare Compare checkpoint
config with running config
configure Enter configuration
mode
copy Copy from one file
to another
crypto Execute PKI related
commands
debug Debugging functions
delete Remove files -1
dir Directory listing
for files
dm Device mgr commands
for internal use
exit Exit from the EXEC
format Format a device with
FAT16 file system
ft Fault-tolerant
switchover
gunzip Uncompresses LZ77
coded files
invoke Invoke commands in
other contexts from admin context
license Licensing specific
commands
load Load plug-in image
mkdir Create new directory
move Move files
ping Send echo messages
reload Halt and perform a
cold restart
restore Restore commands
rmdir Remove existing
directory
set Set various asic
registers
setup Run the basic SETUP
command facility
show Show running system
information
sleep Sleep some time for
vsh script
ssh SSH to another
system
system System management
commands
tac-pac Save tac information
to a specific location
telnet Telnet to another
system
terminal Set terminal line
parameters
traceroute Trace route to
destination
undebug Disable Debugging
functions (See also debug)
untar Untar the given file
write Write current
configuration
xml-show Display xmlized show
command result in xml
switch/Admin# clear st
startup-config stats sticky
switch/Admin# clear startup-config
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n) [n] y
switch/Admin# reload
This command will reboot the system
Save configurations for all the contexts.
Save? [yes/no]: [yes] no
Validating system image...
Perform system reload. [yes/no]: [yes]
switch/Admin#
|
以上步驟結束後,等待重新開機。
|
kernel=(hd0,1)/c4710ace-t1k9-mz.A5_1_2.bin
ro root=LABEL=/ auto console=ttyS0,9
600n8 quiet bigphysarea=32768
[Linux-bzImage, setup=0x1400, size=0xe75a16c]
INIT: version 2.85 booting
b4 lspci
1 Cavium device(s) found.
Bringing up NP 0
Downloading U-Boot to NP card 0
Downloading DP image to NP card 0
Starting DP image on NP card on all
cores
DP image started on NP card
Setting up dynamic memory size
Initializing Shared Memory
INIT: Entering runlevel: 3
Testing PCI path for Octeon(0)....
This may take some time, Please wait
....
PCI test loop , count 0
PCI path is ready
Starting services...
Waiting for 3 seconds to enter setup
mode...
Certificate & key are up to date
[yes]
. itch/Admin# Unmounting ext3
filesystems...
Unmounting Other filesystems...
Installing MySQLRestarting system.
groupadd: group nobody exists
useradd: user nobody exists
MySQL Installed
Installing JRE
JRE Installed
Starting sysmgr processes.. Please
wait...Done!!!
switch login: admin
Password:
Admin user is allowed to login only from
console until the default password is changed.
www user is allowed to login only after the
default password is changed.
Enter the new password for user
"admin":
Confirm the new password for user
"admin":
admin user password successfully changed.
Enter the new password for user
"www":
Confirm the new password for user
"www":
www user password successfully changed.
Cisco Application Control Software (ACSW)
TAC support: http://www.cisco.com/tac
Copyright (c) 1985-2012 by Cisco Systems,
Inc. All rights reserved.
The copyrights to certain works contained
herein are owned by
other third parties and are used and
distributed under license.
Some parts of this software are covered
under the GNU Public
License. A copy of the license is
available at
http://www.gnu.org/licenses/gpl.html.
ACE>
This script will perform the configuration necessary for a user to
manage the ACE Appliance using the ACE Device Manager.The management
port is a designated Ethernet port which has access to the same
network as your management tools including the ACE Device Manager.
You will be prompted for the Port Number, IP Address, Netmask and
Default Route (optional).
Enter 'ctrl-c' at any time to quit the script
ACE>Would you like to enter the basic
configuration dialog (yes/no) [y]: no
switch/Admin#
|
ACE清除設定後的預設帳密為
Account: admin
Password: admin
輸入後會要求修改admin與www兩帳號的密碼,請符合密碼原則輸入。
之後ACE會詢問是否要進行互動式設定
ACE>Would you like to enter the basic
configuration dialog (yes/no) [y]: no
預設回答為Yes;如果不需要請輸入No。
附帶一提,如果事後仍覺得需要進行互動式設定,可以輸入Setup指令執行之。
|
switch/Admin# setup
ACE>
This script will perform the configuration necessary for a user to
manage the ACE Appliance using the ACE Device Manager.The management
port is a designated Ethernet port which has access to the same
network as your management tools including the ACE Device Manager.
You will be prompted for the Port Number, IP Address, Netmask and
Default Route (optional).
Enter 'ctrl-c' at any time to quit the script
ACE>Would you like to enter the basic
configuration dialog (yes/no) [y]:
|
以下是互動式選項的設定方式的範例,供參考。
|
ACE>Would you like to enter the basic
configuration dialog (yes/no) [y]:
ACE> Enter the Ethernet port number to be used as the management
port (1-4):? [1]:
ACE> Enter the management port IP Address (n.n.n.n):
[192.168.1.10]: 192.168.1.144
ACE> Enter the management port Netmask(n.n.n.n): [255.255.255.0]:
ACE> Enter the default route next hop IP Address (n.n.n.n) or
ACE> Summary of entered values:
Management Port: 1
Ip address 192.168.1.144
Netmask: 255.255.255.0
Default Route: 192.168.1.254
ACE>Submit the configuration including security settings to the ACE
Appliance? (yes/no/details) [y]:
ACE> Configuration successfully
applied. You can now manage this
ACE Appliance by entering the url
'http://192.168.1.144' into a
web browser to access the Device Manager
GUI.
|
利用指令建立context
|
switch/Admin# conf t
Enter configuration commands, one per
line. End with CNTL/Z.
switch/Admin(config)# context ?
Admin
switch/Admin(config)# context Bridge
switch/Admin(config-context)#
switch/Admin# sh context
Number of Contexts = 2
Name: Admin , Id: 0
Config count: 25
Description:
Resource-class: default
Name: Bridge , Id: 1
Config count: 0
Description:
Resource-class: default
Vlans:
switch/Admin#
|
進入選定的context進行設定
|
switch/Admin# changeto bridge
Error: context not found
switch/Admin# changeto Bridge
switch/Bridge#
|
請注意!所建立的Context名稱有區分大小寫。
還有是否成功切換所在位置的context請看/後面的context是否以切換。
不同context間的設定完全獨立,不會互通,需要個別儲存之。
檢查interface狀態
|
switch/Admin# sh interface
vlan1000 is up, VLAN up on the physical
port
Hardware type is VLAN
MAC address is 00:1b:24:78:7f:4c
Mode : routed
IP address is 192.168.0.10 netmask is 255.255.255.0
FT status is non-redundant
Description:not set
MTU: 1500 bytes
Last cleared: never
Last Changed: Sun Jan 5
22:40:45 2014
No of transitions: 1
Alias IP address not set
Peer IP address not set
Assigned on the physical port, up on the physical port
633 unicast packets input, 189322 bytes
400 multicast, 25 broadcast
0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops
1396 unicast packets output, 1671574 bytes
0 multicast, 1 broadcast
0 output errors, 0 ignored
GigabitEthernet Port 1/1 is UP, line
protocol is UP
Hardware is ACE Appliance 1000Mb 802.3,
address is 00:1b:24:78:7f:4c
Description:
MTU 9216 bytes
Full-duplex, 1000Mb/s
COS bits based QoS is disabled
input flow-control is off, output
flow-control is off
1063 packets input, 195505 bytes, 0 dropped
Received 132 broadcasts (405 multicasts)
0 runts , 0 giants
0 FCS/Align errors , 0 runt FCS, 0 giant FCS
1397 packets output, 1671574 bytes
1 broadcast, 0 multicast, 0 control output packets
0 underflow, 0 single collision, 0 multiple collision output packets
0 excessive collision and dropped, 0 Excessive Deferral and
dropped
GigabitEthernet Port 1/2 is ADMIN DOWN,
line protocol is DOWN
Hardware is ACE Appliance 1000Mb 802.3,
address is 00:1b:24:78:7f:4c
Description:
MTU 0 bytes
Auto-duplex, Auto-speed
COS bits based QoS is disabled
input flow-control is off, output
flow-control is off
0 packets input, 0 bytes, 0 dropped
Received 0 broadcasts (0 multicasts)
0 runts , 0 giants
0 FCS/Align errors , 0 runt FCS, 0 giant FCS
0 packets output, 0 bytes
0 broadcast, 0 multicast, 0 control output packets
0 underflow, 0 single collision, 0 multiple collision output packets
0 excessive collision and dropped, 0 Excessive Deferral and
dropped
GigabitEthernet Port 1/3 is ADMIN DOWN,
line protocol is DOWN
Hardware is ACE Appliance 1000Mb 802.3,
address is 00:1b:24:78:7f:4c
Description:
MTU 0 bytes
Auto-duplex, Auto-speed
COS bits based QoS is disabled
input flow-control is off, output
flow-control is off
0 packets input, 0 bytes, 0 dropped
Received 0 broadcasts (0 multicasts)
0 runts , 0 giants
0 FCS/Align errors , 0 runt FCS, 0 giant FCS
0 packets output, 0 bytes
0 broadcast, 0 multicast, 0 control output packets
0 underflow, 0 single collision, 0 multiple collision output packets
0 excessive collision and dropped, 0 Excessive Deferral and
dropped
GigabitEthernet Port 1/4 is ADMIN DOWN,
line protocol is DOWN
Hardware is ACE Appliance 1000Mb 802.3,
address is 00:1b:24:78:7f:4c
Description:
MTU 0 bytes
Auto-duplex, Auto-speed
COS bits based QoS is disabled
input flow-control is off, output
flow-control is off
0 packets input, 0 bytes, 0 dropped
Received 0 broadcasts (0 multicasts)
0 runts , 0 giants
0 FCS/Align errors , 0 runt FCS, 0 giant FCS
0 packets output, 0 bytes
0 broadcast, 0 multicast, 0 control output packets
0 underflow, 0 single collision, 0 multiple collision output packets
0 excessive collision and dropped, 0 Excessive Deferral and dropped
|
|
switch/Admin# sh ip int bri
Interface IP-Address Status Protocol
vlan1000 192.168.0.10 up up
gigabitEthernet1/1 unassigned up up
gigabitEthernet1/2 unassigned administratively down down
gigabitEthernet1/3 unassigned administratively down down
gigabitEthernet1/4 unassigned administratively down down
|
|
檢查Port up/down狀態
|
|
檢查configuration設定
|
|
switch/Admin# sh running-config
Generating configuration....
boot system
image:c4710ace-t1k9-mz.A5_1_2.bin
interface gigabitEthernet 1/1
switchport access vlan 1000
no shutdown
interface gigabitEthernet 1/2
shutdown
interface gigabitEthernet 1/3
shutdown
interface gigabitEthernet 1/4
shutdown
access-list ALL line 8 extended permit ip
any any
class-map type management match-any
remote_access
2
match protocol xml-https any
3
match protocol icmp any
4
match protocol telnet any
5
match protocol ssh any
6
match protocol http any
7
match protocol https any
8
match protocol snmp any
policy-map type management first-match
remote_mgmt_allow_policy
class remote_access
permit
interface vlan 1000
ip address 192.168.0.10 255.255.255.0
access-group input ALL
service-policy input remote_mgmt_allow_policy
no shutdown
ip route 0.0.0.0 0.0.0.0 192.168.1.254
context Bridge
username admin password 5
$1$.HBIfcex$OzUi5Uv7eTEylxAf3NEPs/
role Admin domain
default-domain
username www password 5
$1$.wH9fZJd$X1MvFbstxWIWTCcHh9PjR0
role Admin domain de
fault-domain
ssh key rsa 1024 force
switch/Admin#
|
進到這邊,通常你就可以用Web介面去連接和管理ACE 4710了。重點是你連接ACE 4710的第一個Port網卡要設成跟它同網段。
沒有留言:
張貼留言