Step 1
|
Power on the switch. Switches in the Cisco MDS 9000 Family boot
automatically.
|
Step 2
|
Enter
yes (yes is the
default) to enable secure password standard.
Do you want to enforce secure password standard (yes/no): yes
Note
|
You can also enable secure password standard using the
password strength-check command. A secure
password should contain characters from at least three of the classes: lower
case letters, upper case letters, digits, and special characters.
|
|
Step 3
|
Enter the new password for the administrator.
Enter the password for admin: admin-password
Confirm the password for admin: admin-password
Tip
|
If a password is trivial (short, easy-to-decipher), your
password configuration is rejected. Be sure to configure a strong password as
shown in the sample configuration. Passwords are case-sensitive.
|
|
Step 4
|
Enter
yes to enter the setup mode.
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
*Note: setup is mainly used for configuring the system initially,
when no configuration is present. So setup always assumes system
defaults and not the current system configuration values.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
Would you like to enter the basic configuration dialog (yes/no): yes
The setup utility guides you through the basic configuration
process. Press
Ctrl-C at any prompt to end the
configuration process.
|
Step 5
|
Enter
yes (no is the default)
if you do not wish to create additional accounts.
Create another login account (yes/no) [no]: yes
While configuring your initial setup, you can create an
additional user account (in the network-admin role) besides the administrator's
account.
Note
|
User login IDs must contain non-numeric characters.
|
-
Enter the user login ID.
Enter the user login ID: user_name
-
Enter and confirm the user password.
Enter the password for user_name: user-password
Confirm the password for user_name: user-password
-
Assign the user role
network-admin
(network-operator is the default).
Enter the user role [network-operator]: network-admin
|
Step 6
|
Configure the read-only or read-write SNMP community string.
-
Enter
yes (no is the
default) to avoid configuring the read-only SNMP community string.
Configure read-only SNMP community string (yes/no) [n]: yes
-
Enter the SNMP community string.
SNMP community string: snmp_community
|
Step 7
|
Enter a name for the switch.
Note
|
The switch name is limited to 32 alphanumeric characters. The
default is
switch.
|
Enter the switch name: switch_name
|
Step 8
|
Enter
yes (yes is the
default) at the configuration prompt to configure out-of-band management.
Continue with Out-of-band (mgmt0) management configuration? [yes/no]: yes
-
Enter the mgmt0 IPv4 address.
Mgmt0 IPv4 address: ip_address
-
Enter the mgmt0 IPv4 subnet mask.
Mgmt0 IPv4 netmask: subnet_mask
|
Step 9
|
Enter
yes (yes is the
default) to configure the default gateway.
Configure the default-gateway: (yes/no) [y]: yes
-
Enter the default gateway IP address.
IP address of the default gateway: default_gateway
|
Step 10
|
Enter
yes (no is the default)
to configure advanced IP options such as in-band management, static routes,
default network, DNS, and domain name.
Configure Advanced IP options (yes/no)? [n]: yes
-
Enter
no (no is the
default) at the in-band management configuration prompt.
Continue with in-band (VSAN1) management configuration? (yes/no) [no]: no
-
Enter
yes (yes is the
default) to enable IPv4 routing capabilities.
Enable ip routing capabilities? (yes/no) [y]: yes
-
Enter
yes (yes is the
default) to configure a static route.
Configure static route: (yes/no) [y]: yes
Enter the destination prefix.
Destination prefix: dest_prefix
Enter the destination prefix mask.
Destination prefix mask: dest_mask
Enter the next hop IP address.
Next hop ip address: next_hop_address
Note
|
Be sure to configure the IP route, the default network IP
address, and the default gateway IP address to enable SNMP access. If IP
routing is enabled, the switch uses the IP route and the default network IP
address. If IP routing is disabled, the switch uses the default gateway IP
address.
|
-
Enter
yes (yes is the
default) to configure the default network.
Configure the default-network: (yes/no) [y]: yes
Enter the default network IPv4 address.
Note
|
The default network IPv4 address is the destination prefix
provided in Step 10c.
Default network IP address [dest_prefix]: dest_prefix
|
-
Enter
yes (yes is the
default) to configure the DNS IPv4 address.
Configure the DNS IP address? (yes/no) [y]: yes
Enter the DNS IP address.
DNS IP address: name_server
-
Enter
yes (no is the
default) to skip the default domain name configuration.
Configure the default domain name? (yes/no) [n]: yes
Enter the default domain name.
Default domain name: domain_name
|
Step 11
|
Enter
yes (yes is the
default) to enable the SSH service.
Enabled SSH service? (yes/no) [n]: yes
Enter the SSH key type.
Type the SSH key you would like to generate (dsa/rsa)? rsa
Enter the number of key bits within the specified range.
Enter the number of key bits? (768-2048) [1024]: 2048
|
Step 12
|
Enter
yes (no is the default)
to disable the Telnet service.
Enable the telnet service? (yes/no) [n]: yes
|
Step 13
|
Enter yes (yes is the default) to configure congestion or no_credit drop for FC interfaces.
Configure congestion or no_credit drop for fc interfaces? (yes/no) [q/quit] to quit [y]:yes
|
Step 14
|
Enter con(con is the default) to configure congestion or no_credit drop.
Enter the type of drop to configure congestion/no_credit drop? (con/no) [c]:con
|
Step 15
|
Enter a value from 100 to 1000 (d is the default) to calculate the number of milliseconds for congestion or no_credit drop.
Enter number of milliseconds for congestion/no_credit drop[100 - 1000] or [d/default] for default:100
|
Step 16
|
Enter a mode for congestion or no_credit drop.
Enter mode for congestion/no_credit drop[E/F]:
|
Step 17
|
Enter
yes (no is the default)
to configure the NTP server.
Configure NTP server? (yes/no) [n]: yes
Enter the NTP server IPv4 address.
NTP server IP address: ntp_server_IP_address
|
Step 18
|
Enter
shut (shut is the
default) to configure the default switch port interface to the shut (disabled)
state.
Configure default switchport interface state (shut/noshut) [shut]: shut
Note
|
The management Ethernet interface is not shut down at this
point. Only the Fibre Channel, iSCSI, FCIP, and Gigabit Ethernet interfaces are
shut down.
|
|
Step 19
|
Enter
on (off is the default)
to configure the switch port trunk mode.
Configure default switchport trunk mode (on/off/auto) [off]: on
|
Step 20
|
Enter
yes (yes is the
default) to configure the switchport mode F.
Configure default switchport mode F (yes/no) [n]: y
|
Step 21
|
Enter
on (off is the default)
to configure the PortChannel auto-create state.
Configure default port-channel auto-create state (on/off) [off]: on
|
Step 22
|
Enter
permit (deny is the
default) to deny a default zone policy configuration.
Configure default zone policy (permit/deny) [deny]: permit
Permits traffic flow to all members of the default zone.
Note
|
If you are executing the setup script after issuing a
write erase command, you must explicitly
change the default zone policy to permit for VSAN 1 after finishing the script
using the following commands:
switch# configure terminal
switch(config)# zone default-zone permit vsan 1
|
|
Step 23
|
Enter
yes (no is the default)
to disable a full zone set distribution.
Enable full zoneset distribution (yes/no) [n]: yes
Overrides the switch-wide default for the full zone set
distribution feature.
You see the new configuration. Review and edit the configuration
that you have just entered.
Note
|
If you are executing the setup script after issuing a
write erase command, you must explicitly
change the default zone policy to permit for VSAN 1 after finishing the script
using the following commands:
switch# configure terminal
switch(config)# zoneset distribute full vsan 1
|
|
Step 24
|
Enter
enhanced (basic is the
default) to configure default-zone mode as enhanced.
Configure default zone mode (basic/enhanced) [basic]: enhanced
Overrides the switch-wide default zone mode as enhanced.
Note
|
If you are executing the setup script after issuing a
write erase command, you must explicitly
change the default zoning mode to enhanced for VSAN 1 after finishing the
script using the following commands:
switch# configure terminal
switch(config)# zone mode enhanced vsan 1
|
|
Step 25
|
Enter
no (no is the default)
if you are satisfied with the configuration.
The following configuration will be applied:
username admin password admin_pass role network-admin
username user_name password user_pass role network-admin
snmp-server community snmp_community ro
switchname switch
interface mgmt0
ip address ip_address subnet_mask
no shutdown
ip routing
ip route dest_prefix dest_mask dest_address
ip default-network dest_prefix
ip default-gateway default_gateway
ip name-server name_server
ip domain-name domain_name
telnet server disable
ssh key rsa 2048 force
ssh server enable
ntp server ipaddr ntp_server
system default switchport shutdown
system default switchport trunk mode on
system default switchport mode F
system default port-channel auto-create
zone default-zone permit vsan 1-4093
zoneset distribute full vsan 1-4093
system default zone mode enhanced
Would you like to edit the configuration? (yes/no) [n]: n
|
Step 26
|
Enter
yes (yes is default) to
use and save this configuration.
Use this configuration and save it? (yes/no) [y]: yes
Caution
|
If you do not save the configuration at this point, none of
your changes are updated the next time the switch is rebooted. Type
yes to save the new configuration. This
ensures that the kickstart and system images are also automatically configured.
|
|