Use a serial cable to connect on Cisco switch:
– Bits per second: 9600 – Data bits: 8 – Parity: none – Stop bits: 1 – Flow control: None
Login is admin and old password was admin, but on new version, you 'll be prompt for a new password with enhanced policies:
login as: admin User Access Verification Using keyboard-interactive authentication. Password: Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2008, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php mds9222i-2# setup ---- Basic System Configuration Dialog ----This setup utility will guide you through the basic configuration of the system. Setup configures only enough connectivity for management of the system. *Note: setup is mainly used for configuring the system initially, when no configuration is present. So setup always assumes system defaults and not the current system configuration values. Press Enter at anytime to skip a dialog. Use ctrl-c at anytime to skip the remaining dialogs. Would you like to enter the basic configuration dialog (yes/no): yes Do you want to enforce secure password standard (yes/no)[y]: Create another login account (yes/no) [n]: Configure read-only SNMP community string (yes/no) [n]: Configure read-write SNMP community string (yes/no) [n]: Enter the switch name : mds9222i-2 Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]: Mgmt0 IPv4 address : 9.43.86.148 Mgmt0 IPv4 netmask : 255.255.252.0 Configure the default gateway? (yes/no) [y]: IPv4 address of the default gateway : 9.43.85.1 Configure advanced IP options? (yes/no) [n]: y Continue with In-band (vsan1) management configuration? (yes/no) [n]: Enable IP routing? (yes/no) [n]: Configure static route? (yes/no) [n]: Configure the default network? (yes/no) [n]: Configure the DNS IPv4 address? (yes/no) [n]: Configure the default domain name? (yes/no) [n]: Enable the telnet service? (yes/no) [n]: Enable the ssh service? (yes/no) [y]: Type of ssh key you would like to generate (dsa/rsa) : dsa Configure clock? (yes/no) [n]: Configure timezone? (yes/no) [n]: y Enter timezone config :WEST Configure summertime? (yes/no) [n]: Configure the ntp server? (yes/no) [n]: Configure default switchport interface state (shut/noshut) [shut]: Configure default switchport trunk mode (on/off/auto) [on]: Configure default switchport port mode F (yes/no) [n]: Configure default zone policy (permit/deny) [deny]: Enable full zoneset distribution? (yes/no) [n]: Configure default zone mode (basic/enhanced) [basic]: The following configuration will be applied: password strength-check switchname mds9222i-2 interface mgmt0 ip address 9.43.86.148 255.255.252.0 no shutdown ip default-gateway 9.43.85.1 no telnet server enable ssh key dsa force ssh server enable clock timezone PST system default switchport shutdown system default switchport trunk mode on no system default zone default-zone permit no system default zone distribute full no system default zone mode enhanced Would you like to edit the configuration? (yes/no) [n]: Use this configuration and save it? (yes/no) [y]: y
Check the switch serial number, it will be useful to register by Cisco and downloading software:
mds9222i-2# show license host-id License hostid: VDH=FOX111504SL
<box 100% blue | Assign an IP address on management port>
switch# config terminal switch(config)# interface mgmt0 switch(config)# ip address 10.16.1.2 255.255.255.0 switch(config-if)# no shutdown switch(config-if)# exit switch(config)# switch(config)# ip default-gateway 1.1.1.4 switch(config)# exit switch# copy running-config startup-config
</box>
<box 100% blue | Create a new VSAN with ID 2>
switch# config t switch(config)# interface vsan 2 switch(config-if)# no shutdown
</box>
<box 100% blue |Change Time Zone to France / Luxembourg, with summer time>
clock timezone CET 1 # Corresponding to GMT +1 clock summer-time CEST recurring # Automatically switch to summer time
ntp server 192.168.0.1 prefer # First NTP server ntp server 192.168.0.2 # Next NTP server
</box>
Sample for Europe/Paris for v5:
cisco8(config)# clock timezone CET 1 0 cisco8(config)# clock summer-time CEST 5 Sun 03 02:00 5 Sun 10 03:00 60
Before starting zoning or configuring SAN, you have to enable DVPM, else
switch# config t switch(config)# feature dpvm switch(config)# end
For information, to disable DVPM:
switch(config)# no feature dpvm
Configuring DPVM Config and Pending Databases
To create and populate the DPVM config and pending databases, follow these steps:
Step 1
switch# config t switch(config)#
Enables enhanced device alias mode. This is required for device-alias configuration in the DPVM database.
Step 2
switch(config)# device-alias mode enhanced switch(config)# device-alias commit
Creates the DPVM config database.
Step 3
switch(config)# dpvm database switch(config-dpvm-db)# exit switch(config)# dpvm activate
If you have trouble to activate the dvpm database due to conflict with other switches, then use the force option:
switch(config)# dpvm activate force
Or delete the DVPM database, and recreate it:
switch(config)# no dpvm database
Enable ssh:
cisco8# conf t Enter configuration commands, one per line. End with CNTL/Z. cisco8(config)# ssh key rsa 1024 force deleting old rsa key..... generating rsa key(1024 bits)..... . generated rsa key cisco8(config)# feature ssh cisco8(config)# end cisco8# show ssh server ssh is enabled version 2 enabled cisco8# show ssh key ************************************** rsa Keys generated:Tue Jan 14 09:34:48 2014 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAI+UHnDNCYYU80t4hGn8OLmt5tLqDRbWZ3QQVnHT5v5lSqrTDojyLCt2a5fYfxA22kGPU 0sxJOZodYqVElwG4QGK57/OkIR2mxqeHoMCkXYNCm+hO3rFfFLv2xHauyd1U= bitcount:1024 fingerprint: db:c3:42:e2:e8:1c:5f:ee:dd:96:af:18:01:65:df:aa ************************************** could not retrieve dsa key information ************************************** cisco8# copy running-config startup-config [########################################] 100%
Enable telnet:
cisco8# conf t Enter configuration commands, one per line. End with CNTL/Z. cisco8(config)# feature telnet cisco8(config)# end cisco8# show telnet server telnet service enabled cisco8# copy running-config startup-config [########################################] 100%
Create a file on a unix server with name <username>.rc.cli, and put it into your bootflash: on your Cisco using copy command
root@nim - /root # cat admin.rc.cli terminal color
On Cisco switch:
mds-1# copy ftp://10.10.4.11/root/admin.rc.cli bootflash: mds-1# dir bootflash: 15 Jun 28 14:17:43 2013 admin.rc.cli ...
First check the current VSAN Status:
switch# show zone status vsan xx (where xx = the VSAN number)
The first line of the status output command should contain: VSAN: xx default-zone: deny distribute: active only Interop: off (where xx = the VSAN number)
Enter configuration mode and set the zoneset distribution to full for the specific VSAN
switch# config t switch (config)# zoneset distribute full vsan xx (where xx = the VSAN number)
Exit configuration mode and then recheck the VSAN Status:
switch# show zone status vsan xx (where xx = the VSAN number)
The first line of the status output command should show the distribution attribute changed to full:
VSAN: xx default-zone: deny distribute: full Interop: off (where xx = the VSAN number)
The above operation enables Full Zoneset Distributions but does not distribute the Full Zoneset. To perform a Full Zoneset Distribution, you must now Activate the specific VSAN Zoneset:
switch# config t switch (config)# zoneset activate name <zoneset name> vsan xx (where xx = the VSAN number)