Catalyst2960の初期設定

Cisco IOS

検証機(は?)をゲットしてみたので
色々と弄ってみたログを残してみた


初期化(いわゆる工場出荷状態)になって手元に届いたので
電源投入すると、setupモードになっておった

Would you like to terminate autoinstall? [yes]:


         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no
Switch>

対話形式モードでのセットアップなんぞしないので、noで抜ける

Switch>show version
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(35)SE1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Tue 19-Dec-06 09:29 by antonino
Image text-base: 0x00003000, data-base: 0x00C18000

ROM: Bootstrap program is C2960 boot loader
BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)SEE6, RELEASE SOFTWARE (fc1)

Switch uptime is 4 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbase-mz.122-35.SE1/c2960-lanbase-mz.122-35.SE1.bin"

cisco WS-C2960-48TC-L (PowerPC405) processor (revision F0) with 61440K/4088K bytes of memory.
Processor board ID ***********
Last reset from power-on
1 Virtual Ethernet interface
48 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

64K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : **:**:**:**:**:**
Motherboard assembly number     : 73-9835-09
Power supply part number        : 341-0097-02
Motherboard serial number       : ***********
Power supply serial number      : ***********
Model revision number           : F0
Motherboard revision number     : A0
Model number                    : WS-C2960-48TC-L
System serial number            : ************
Top Assembly Part Number        : 800-26672-04
Top Assembly Revision Number    : A0
Version ID                      : V04
CLEI Code Number                : **********
Hardware Board Revision Number  : 0x02


Switch   Ports  Model              SW Version              SW Image
------   -----  -----              ----------              ----------
*    1   50     WS-C2960-48TC-L    12.2(35)SE1             C2960-LANBASE-M


Configuration register is 0xF

Switch>



ホスト名の設定

Switch>enable
Switch#
Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#
Switch(config)#hostname cat2960
cat2960(config)#
cat2960(config)#



管理インターフェース(vlan1)の設定

cat2960(config)#
cat2960(config)#interface vlan 1
cat2960(config-if)#ip address 192.168.10.254 255.255.255.0
cat2960(config-if)#no shutdown
cat2960(config-if)#



取り敢えず面倒臭いから全物理インターフェースを起動

cat2960(config)#interface range fastEthernet 0/1-48
cat2960(config-if-range)#no shutdown
cat2960(config-if-range)#
cat2960(config-if-range)#exit
cat2960(config)#
cat2960(config)#interface range gigabitEthernet 0/1-2
cat2960(config-if-range)#no shutdown
cat2960(config-if-range)#



Timezone及び時刻同期設定

cat2960(config)#clock timezone JST 9
cat2960(config)#ntp server 210.173.160.27
cat2960(config)#
cat2960(config)#exit
cat2960#show clock detail
.20:51:11.270 JST Thu Aug 28 2014
Time source is NTP
cat2960#
cat2960#
cat2960#show ntp associations

  address         ref clock       st   when   poll reach  delay  offset   disp
*~210.173.160.27  172.29.3.50      2      3     64   177  5.871 1188.84  3.747
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured
cat2960#



NTPサーバーがない場合は、手動で時刻を投入

cat2960#clock set 13:32:00 23 July 2001



セキュリティの為に、consoleログインでもパスワードを要求するように設定

cat2960(config)#
cat2960(config)#
cat2960(config)#line console 0
cat2960(config-line)#password <password>
cat2960(config-line)#login
cat2960(config-line)#



telnetで接続できるようにする為にvtyとパスワードの設定

cat2960(config)#
cat2960(config)#line vty 0 15
cat2960(config-line)#password <password>
cat2960(config-line)#login
cat2960(config-line)#



telnet接続時に特権execモードへ移行できるようにするために、パスワードの設定
但し、passwordで設定するとconfig上で見えてしまう為に、secretコマンドで設定するのが推奨!

cat2960(config)#enable secret <password>
cat2960(config)#



設定した config をセーブ

cat2960#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
cat2960#

Catalyst2960のFirmware Update

Cisco IOS

tftpサーバーをPCに立てて取りにいく感じ
1.PCでtftpサーバーを起動
2.Catalystで以下を実行

cat2960#dir flash:
Directory of flash:/

  545  drwx         192   Mar 1 1993 02:08:00 +00:00  c2960-lanbase-mz.122-35.SE1

32514048 bytes total (24193536 bytes free)
cat2960#
cat2960#archive download-sw /leave-old-sw tftp://192.168.10.25/c2960-lanbasek9-tar.150-2.SE6.tar



3.無事Updateが完了したら、bootイメージが変更されていることを確認し、 reload で再起動を実施する

cat2960#
cat2960#show flash:

Directory of flash:/

    3  drwx         256   Mar 1 1993 02:17:51 +00:00  c2960-lanbasek9-mz.150-2.SE6
  545  drwx         192   Mar 1 1993 02:08:00 +00:00  c2960-lanbase-mz.122-35.SE1

32514048 bytes total (8210944 bytes free)
cat2960#
cat2960#show boot
BOOT path-list      : flash:c2960-lanbasek9-mz.150-2.SE6/c2960-lanbasek9-mz.150-2.SE6.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :
NVRAM/Config file
      buffer size:   65536
cat2960#



5.bootイメージが変更されていなかったら以下のコマンドで変更

cat2960#configure terminal
cat2960(config)#boot system flash:c2960-lanbasek9-mz.150-2.SE6/c2960-lanbasek9-mz.150-2.SE6.bin



6.問題無く新Firmwareで起動できたら、確認

cat2960>enable
cat2960#
cat2960#show boot
BOOT path-list      : flash:c2960-lanbasek9-mz.150-2.SE6/c2960-lanbasek9-mz.150-2.SE6.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
Allow Dev Key         : yes
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :
NVRAM/Config file
      buffer size:   65536
Timeout for Config
          Download:    0 seconds
Config Download
       via DHCP:       disabled (next boot: disabled)
cat2960#
cat2960#show version
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 15.0(2)SE6, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 09-Apr-14 03:40 by prod_rel_team

ROM: Bootstrap program is C2960 boot loader
BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)SEE6, RELEASE SOFTWARE (fc1)

cat2960 uptime is 6 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbasek9-mz.150-2.SE6/c2960-lanbasek9-mz.150-2.SE6.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C2960-48TC-L (PowerPC405) processor (revision F0) with 65536K bytes of memory.
Processor board ID ***********
Last reset from power-on
1 Virtual Ethernet interface
48 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

64K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : **:**:**:**:**:**
Motherboard assembly number     : 73-9835-09
Power supply part number        : 341-0097-02
Motherboard serial number       : ***********
Power supply serial number      : ***********
Model revision number           : F0
Motherboard revision number     : A0
Model number                    : WS-C2960-48TC-L
System serial number            : ***********
Top Assembly Part Number        : 800-26672-04
Top Assembly Revision Number    : A0
Version ID                      : V04
CLEI Code Number                : **********
Hardware Board Revision Number  : 0x02


Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 50    WS-C2960-48TC-L    15.0(2)SE6            C2960-LANBASEK9-M


Configuration register is 0xF

cat2960#



7.新しい Firmwareで問題なく起動するようならば、古い Firmwareの削除

cat2960#dir flash:
Directory of flash:/

    3  drwx         256   Mar 1 1993 02:17:51 +00:00  c2960-lanbasek9-mz.150-2.SE6
  545  drwx         192   Mar 1 1993 02:08:00 +00:00  c2960-lanbase-mz.122-35.SE1
 1206  -rwx        2006   Mar 1 1993 00:04:37 +00:00  config.text
 1207  -rwx           5   Mar 1 1993 00:04:37 +00:00  private-config.text
 1208  -rwx        2072   Mar 1 1993 00:04:37 +00:00  multiple-fs

32514048 bytes total (8205824 bytes free)
cat2960#
cat2960#
cat2960#delete /force /recursive flash:c2960-lanbase-mz.122-35.SE1
cat2960#
cat2960#dir flash:
Directory of flash:/

    3  drwx         256   Mar 1 1993 02:17:51 +00:00  c2960-lanbasek9-mz.150-2.SE6
 1206  -rwx        2006   Mar 1 1993 00:04:37 +00:00  config.text
 1207  -rwx           5   Mar 1 1993 00:04:37 +00:00  private-config.text
 1208  -rwx        2072   Mar 1 1993 00:04:37 +00:00  multiple-fs

32514048 bytes total (16525312 bytes free)
cat2960#



Ciscoのマニュアル見ると Firmware Updateは

archive download-sw /overwrite tftp://192.168.10.25/c2960-lanbasek9-tar.150-2.SE6.tar

overwriteが推奨らしい