- Index
- New and Changed Information
- Preface
- Cisco Virtual Security Gateway Overview
- Cisco Virtual Security Gateway Command-Line Interface
- Configuring the Cisco Virtual Security Gateway
- Cisco Virtual Security Gateway System Management
- Cisco Virtual Security Gateway High Availability
- Cisco Virtual Security Gateway Firewall Profiles and Policy Objects
- Information About VSG System Management
- Changing the Cisco VSG Instance Name
- Configuring a Message of the Day
- Verifying the Cisco VSG Configuration
- Navigating the File System
- Copying and Backing Up Files
- Creating a Directory
- Removing an Existing Directory
- Moving Files
- Deleting Files or Directories
- Compressing Files
- Uncompressing Files
- Directing Command Output to a File
- Verifying a Configuration File Before Loading
- Reverting to a Previous Configuration
- Displaying Files
- Displaying the Current User Access
- Sending a Message to Users
Cisco Virtual Security Gateway System Management
This chapter describes how to manage the Cisco Virtual Security Gateway (VSG).
This chapter includes the following sections:
•Information About VSG System Management
•Changing the Cisco VSG Instance Name
•Configuring a Message of the Day
•Verifying the Cisco VSG Configuration
•Displaying a Cisco VSG Instance
Information About VSG System Management
The Cisco Virtual Security Gateway (VSG) enables you to use command-line interface (CLI) configuration commands to do standard system management functions such as the following:
•Changing the hostname
•Configuring messages of the day
•Displaying, saving, and erasing configuration files
•Providing a single interface to all file systems including:
–Flash memory
–FTP and TFTP
–Running configuration
–Any other endpoint for reading and writing data
•Identifying users connected to the Cisco VSG
•Sending messages to single users or all users
Changing the Cisco VSG Instance Name
You can change the Cisco VSG instance name or prompt. If you have multiple instances of Cisco VSGs, you can use this procedure to uniquely identify each Cisco VSG.
BEFORE YOU BEGIN
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in global configuration mode.
SUMMARY STEPS
1. configure
2. hostname
DETAILED STEPS
This example shows how to change the hostname (name of the Cisco VSG):
vsg# configure
vsg(config)# hostname metro
vsg(config)# exit
metro#
Configuring a Message of the Day
You can configure a message of the day (MOTD) to display at the login prompt.
•The banner message can be up to 40 lines with up to 80 characters per line.
•Use the following guidelines when choosing your delimiting character:
–Do not use the delimiting-character in the message string.
–Do not use " and % as delimiters.
•The following tokens can be used in the the message of the day:
–$(hostname)
displays the hostname for the switch.
–$(line)
displays the vty or tty line or name.
BEFORE YOU BEGIN
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in configuration mode.
SUMMARY STEPS
1. configure
2. banner motd
3. show banner motd
DETAILED STEPS
This example shows how to configure an MOTD:
vsg# configure
vsg(config)# banner motd #December 12, 2010 Welcome to the VSG#
vsg(config)# show banner motd
December 12, 2010 Welcome to the VSG
vsg(config)#
Verifying the Cisco VSG Configuration
This section includes the following topics on verifying the Cisco VSG configuration:
•Verifying the Software and Hardware Versions
•Verifying the Running Configuration
•Comparing the Startup and Running Configurations
•Displaying Interface Configurations
Verifying the Software and Hardware Versions
You can view the versions of software and hardware on your system.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show version
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show version
Example: vsg# show version |
Displays the versions of system software and hardware that are currently running on the Cisco VSG. |
This example shows how to display and verify the system software and hardware version information for the Cisco VSG:
vsg# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
Software
loader: version unavailable [last: image booted through mgmt0]
kickstart: version 4.2(1)VSG1(2) [build 4.2(1)VSG1(2.398)]
system: version 4.2(1)VSG1(2) [build 4.2(1)VSG1(2.398)]
kickstart image file is: [not present on supervisor]
kickstart compile time: 07/12/2011 17:00:00
system image file is: bootflash:/nexus-1000v-mz.VSG1.0.398.bin
system compile time: 07/17/2011 17:00:00 [07/17/2011 13:03:38]
Hardware
cisco Nexus 1000VF Chassis ("Nexus VSN Virtual Firewall")
Intel(R) Xeon(R) CPU with 1944668 kB of memory.
Processor Board ID T5056BB0072
Device name: vsg
bootflash: 2059572 kB
Kernel uptime is 1 day(s), 5 hour(s), 47 minute(s), 4 second(s)
plugin
Core Plugin, Virtualization Plugin, Ethernet Plugin
Verifying the Running Configuration
You can view the configuration currently running on the system.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show running-config
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show running-config
Example: vsg# show running-config |
|
This example shows how to display the versions of system software and hardware running on the Cisco VSG:
vsg# show running-config
!Command: show running-config
!Time: Sun Jul 17 17:42:59 2011
version 4.2(1)VSG1(2)
no feature telnet
no feature http-server
username admin password 5 $1$RU5OIPU7$SYvoK9S5rOMRE9WBWZLsA. role network-admin
banner motd #Nexus VSN#
ssh key rsa 2048
ip domain-lookup
ip domain-lookup
hostname vsg
snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
vrf context management
ip route 0.0.0.0/0 10.193.72.1
vlan 1
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
vdc vsg id 1
limit-resource vlan minimum 16 maximum 2049
limit-resource monitor-session minimum 0 maximum 2
limit-resource vrf minimum 16 maximum 8192
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 32 maximum 32
limit-resource u6route-mem minimum 16 maximum 16
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
interface mgmt0
ip address 10.193.73.118/21
interface data0
ip address 118.1.1.1/8
line console
boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG1.0.1.bin sup-1
boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-1
boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG1.0.1.bin sup-2
boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-2
ha-pair id 23
security-profile sp1
policy p1
rule r1
action 10 permit
policy p1
rule r1 order 10
vnm-policy-agent
policy-agent-image
registration-ip 0.0.0.0
shared-secret **********
log-level info
vsg#
Comparing the Startup and Running Configurations
You can view the differences between the startup configuration and running configuration.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show running-config diff
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show running-config diff
Example: vsg# show running-config diff |
Displays the difference between the startup configuration and the running configuration. |
This example shows how to display the difference between the startup configuration and the running configuration:
vsg# show running-config diff
*** Startup-config
--- Running-config
***************
*** 14,34 ****
banner motd #Nexus VSG#
ssh key rsa 2048
ip domain-lookup
ip domain-lookup
! switchname G-VSG-116-1
snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
vrf context management
ip route 0.0.0.0/0 10.193.72.1
vlan 1
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
! vdc G-VSG-116-1 id 1
limit-resource vlan minimum 16 maximum 2049
limit-resource monitor-session minimum 0 maximum 2
limit-resource vrf minimum 16 maximum 8192
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 32 maximum 32
--- 13,33 ----
banner motd #Nexus VSG#
ssh key rsa 2048
ip domain-lookup
ip domain-lookup
! hostname vsg
snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
vrf context management
ip route 0.0.0.0/0 10.193.72.1
vlan 1
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
! vdc vsg id 1
limit-resource vlan minimum 16 maximum 2049
limit-resource monitor-session minimum 0 maximum 2
limit-resource vrf minimum 16 maximum 8192
limit-resource port-channel minimum 0 maximum 768
limit-resource u4route-mem minimum 32 maximum 32
vsg#
Displaying Interface Configurations
This section includes the following procedures:
•Displaying a Brief View of a Specific Interface Configuration
•Displaying a Detailed View of a Specific Interface Configuration
•Displaying a Brief View of All Interfaces
•Verifying the Running Configuration for All Interfaces
Displaying a Brief View of a Specific Interface Configuration
You can display a brief view of a specific interface configuration.
BEFORE YOU BEGIN
Before using this procedure, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show interface brief
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show interface {type} {name} brief
Example: vsg# show interface brief |
Displays a brief view of a specific interface configuration. |
This example shows how to display a brief view of a specific interface configuration:
vsg# show interface brief
--------------------------------------------------------------------------------
Port VRF Status IP Address Speed MTU
--------------------------------------------------------------------------------
mgmt0 -- up 10.193.73.10 1000 1500
--------------------------------------------------------------------------------
Port VRF Status IP Address Speed MTU
--------------------------------------------------------------------------------
data0 -- up 10.10.10.10 1000 1500
vsg#
---------------------------------------------------------------------------------
Displaying a Detailed View of a Specific Interface Configuration
You can display a detailed view of a specific interface configuration.
BEFORE YOU BEGIN
Before using the command in this section, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show interface
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show interface {type} {name}
Example: vsg# show interface mgmt 0 |
Displays a detailed version of a specific interface connection. |
This example shows how to display a detailed version of a specific interface connection:
vsg# show interface mgmt 0
mgmt0 is up
Hardware: Ethernet, address: 0050.5689.3321 (bia 0050.5689.3321)
Internet Address is 172.23.232.141/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA
full-duplex, 1000 Mb/s
Auto-Negotiation is turned on
4961 packets input, 511995 bytes
0 multicast frames, 0 compressed
0 input errors, 0 frame, 0 overrun, 0 fifo
245 packets output, 35853 bytes
0 underrun, 0 output errors, 0 collisions
0 fifo, 0 carrier errors
vsg#
Displaying a Brief View of All Interfaces
You can display a brief view of all interfaces.
BEFORE YOU BEGIN
Before using this procedure, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show interface brief
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show interface brief
Example: vsg# show interface brief |
Displays a brief view of all interfaces. |
This example shows how to display a brief view of all the interfaces on the Cisco VSG:
vsg# show interface brief
--------------------------------------------------------------------------------
Port VRF Status IP Address Speed MTU
--------------------------------------------------------------------------------
mgmt0 -- up 10.23.232.141 1000 1500
--------------------------------------------------------------------------------
Ethernet VLAN Type Mode Status Reason Speed Port
Interface Ch #
--------------------------------------------------------------------------------
Eth3/2 1 eth trunk up none 1000(D) --
Eth3/3 262 eth access up none 1000(D) --
--------------------------------------------------------------------------------
Interface VLAN Type Mode Status Reason MTU
--------------------------------------------------------------------------------
Veth81 630 virt access up none 1500
Veth82 630 virt access up none 1500
Veth224 631 virt access up none 1500
Veth225 1 virt access nonPcpt nonParticipating 1500
vsg#
Verifying the Running Configuration for All Interfaces
You can verify the running configuration for all interfaces.
Note The output for the show running-config interface command differs from that of the show interface command.
BEFORE YOU BEGIN
Before using this procedure, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show running-config interface
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show running-config interface
Example: vsg# show running-config interface |
Displays the running configuration for all interfaces on your system. |
This example shows how to display the running configuration for all the interfaces on the Cisco VSG:
vsg# show running-config interface
!Command: show running-config interface
!Time: Sun Jul 17 16:29:08 2011
version 4.2(1)VSG1(2)
interface mgmt0
ip address 10.193.73.10/16
interface data0
ip address 10.10.10.10/24
vsg#
Saving a Configuration
You can save the running configuration to the startup configuration, so that your changes are retained in the startup configuration file the next time you start up the Cisco VSG.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. copy running-config startup-config
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
copy running-config startup-configure
Example: vsg# copy running-config startup-configure |
Saves the running configuration to the startup configuration. |
This example shows how to save the running configuration to your startup configuration:
vsg(config)# copy running-config startup-config
[########################################] 100%
vsg(config)#
Erasing a Configuration
You can erase a startup configuration.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
•The following parameters are used with this command:
–boot—Erases the boot variables and the mgmt0 IP configuration.
–debug—Erases the debug configuration.
SUMMARY STEPS
1. write erase [boot | debug]
DETAILED STEPS
This example shows how to erase a debug startup configuration:
vsg(config)# write erase debug
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n) [y]
[########################################] 100%
vsg(config)#
Displaying a Cisco VSG Instance
You can display a Cisco VSG instance.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
SUMMARY STEPS
1. show vsg
DETAILED STEPS
This example shows how to display the Cisco VSG model, HA ID, software version and build, and the Cisco VNMC IP address:
vsg# show vsg
Model: VSG
HA ID: 10
VSG Software Version: 4.2(1)VSG1(1) build [4.2(1)VSG1(0.396)]
VNMC IP: 10.193.20.12
vsg#
Navigating the File System
This section describes how to navigate the file system.
This section includes the following topics:
•Identifying Your Current Working Directory
•Listing the Files in a File System
•Identifying Available File Systems for Copying Files
Specifying File Systems
The syntax for specifying a file system is <file system name>:[//server/]. Table 4-1 describes the file system syntax.
Identifying Your Current Working Directory
You can display the directory name of your current location in the CLI.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
SUMMARY STEPS
1. pwd
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
pwd
Example: vsg# pwd |
Displays the directory name of your current location in the CLI. |
This example shows how to display the directory name of your current location in the Cisco VSG CLI:
vsg# pwd
bootflash:
Changing Your Directory
You can change directories in the CLI.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
•The Cisco VSG CLI defaults to the bootflash: file system.
Note Any file saved in the volatile: file system is erased when the Cisco VSG reboots.
SUMMARY STEPS
1. pwd
2. cd directory_name
DETAILED STEPS
This example shows how to display the directory name of the current Cisco VSG CLI location and how to change the CLI location to the specified directory:
vsg# pwd
bootflash:
vsg# cd volatile:
vsg# pwd
volatile:
vsg#
Listing the Files in a File System
You can display the contents of a directory or file.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. dir [directory | filename]
DETAILED STEPS
This example shows how to display the contents of a directory:
vsg# dir lost+found/
49241 Jul 01 09:30:00 2008 diagclient_log.2613
12861 Jul 01 09:29:34 2008 diagmgr_log.2580
31 Jul 01 09:28:47 2008 dmesg
1811 Jul 01 09:28:58 2008 example_test.2633
89 Jul 01 09:28:58 2008 libdiag.2633
42136 Jul 01 16:34:34 2008 messages
65 Jul 01 09:29:00 2008 otm.log
741 Jul 01 09:29:07 2008 sal.log
87 Jul 01 09:28:50 2008 startupdebug
Usage for log://sup-local
51408896 bytes used
158306304 bytes free
209715200 bytes total
vsg#
Identifying Available File Systems for Copying Files
You can identify the file systems that you can copy to or from.
BEFORE YOU BEGIN
Before using this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. copy ?
2. copy filename ?
DETAILED STEPS
This example shows how to display the source file systems available to the copy command:
vsg# copy ?
bootflash: Select source filesystem
core: Select source filesystem
debug: Select source filesystem
ftp: Select source filesystem
licenses Backup license files
log: Select source filesystem
nvram: Select source filesystem
running-config Copy running configuration to destination
scp: Select source filesystem
sftp: Select source filesystem
startup-config Copy startup configuration to destination
system: Select source filesystem
tftp: Select source filesystem
volatile: Select source filesystem
This example shows how to display the destination file systems available to the copy command for the specific file named:
vsg# copy filename ?
bootflash: Select destination filesystem
debug: Select destination filesystem
ftp: Select destination filesystem
log: Select destination filesystem
modflash: Select destination filesystem
nvram: Select destination filesystem
running-config Copy from source to running configuration
scp: Select destination filesystem
sftp: Select destination filesystem
startup-config Copy from source to startup configuration
system: Select destination filesystem
tftp: Select destination filesystem
volatile: Select destination filesystem
Using Tab Completion
You can have the CLI complete a partial filename in a command.
BEFORE YOU BEGIN
Before using this procedure, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. show file filesystem name: partial filename <Tab>
2. show file bootflash:c <Tab>
DETAILED STEPS
This example shows how to display a selection of available files when you press Tab after you have typed enough characters that are unique to a file or set of files:
VSG# show file bootflash:nex<Tab>
bootflash:nexus-1000v-dplug-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-kickstart-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-mzg.VSG1.0.2.bin
This example shows how to complete a command by pressing the Tab key when you have already entered the first unique characters of a command:
vsg# show file bootflash:c<Tab>
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDSq93BrlHcg3bX1jXDMY5c9+yZSST3VhuQBqogvCPDGeLecA+j
...
...
vsg#
Copying and Backing Up Files
You can copy a file, such as a configuration file, to save it or reuse it at another location. If your internal file systems are corrupted, you could potentially lose your configuration. Save and back up your configuration files periodically. Also, before installing or migrating to a new software configuration, back up the existing configuration files.
BEFORE YOU BEGIN
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in any command mode.
•If you are copying to a remote location, make sure that your device has a route to the destination. Your device and the remote destination must be in the same subnetwork if you do not have a router or default gateway to route traffic between subnets.
•Usie the ping command to make sure that your device has connectivity to the destination.
•Make sure that the source configuration file is in the correct directory on the remote server.
•Make sure that the permissions on the source file are set correctly. Permissions on the file should be set to world-read.
Note Use the dir command to ensure that enough space is available in the destination file system. If enough space is not available, use the delete command to remove unneeded files.
SUMMARY STEPS
1. copy [source filesystem:] filename [destination filesystem:] filename
DETAILED STEPS
This example shows how to copy a file from a specified source location and move it to a specified destination location:
vsg# copy system:running-config tftp://10.10.1.1/home/configs/vsg3-run.cfg
Enter vrf (If no input, current vrf 'default' is considered):
Trying to connect to tftp server......
Connection to Server Established.
TFTP put operation succesful
vsg#
Creating a Directory
You can create a directory at the current directory level or at a specified directory level.
BEFORE YOU BEGIN
Before beginning this procedure, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. mkdir {bootflash: | debug: | volatile:} directory-name
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
mkdir {bootflash: | debug: | volatile:} directory-name Example: vsg# mkdir bootflash:new-directory |
Creates a directory at the current directory level. |
This example shows how to create a directory called test in the bootflash: directory:
vsg# mkdir bootflash:test
vsg#
This example shows how to create a directory called test at the current directory level:
vsg# mkdir test
vsg#
Removing an Existing Directory
You can remove an existing directory from the flash file system.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
•This command is only valid on flash file systems.
•Before you can remove it, the directory must be empty.
SUMMARY STEPS
1. rmdir {bootflash: | debug: | volatile:} directory
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
rmdir {bootflash: | debug: | volatile:} directory
Example: vsg# rmdir bootflash:new-directory |
Removes a directory as long as the directory is empty. |
This example shows how to remove the directory called test in the bootflash: directory:
vsg# rmdir bootflash:test
vsg#
This example shows how to remove the directory called test at the current directory level:
vsg# rmdir test
vsg#
Moving Files
You can move a file from one location to another location.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
•The copy does not complete if there is not enough space in the destination directory.
SUMMARY STEPS
1. move {source path and filename} {destination path and filename}
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
move {source path and filename} {destination path and filename} Example: vsg# move bootflash:file1 bootflash:mystuff/file1 |
Moves a directory. |
This example shows how to move a file from one directory to another in the same file system:
vsg# move bootflash:samplefile bootflash:mystorage/samplefile
This example shows how to move a file from one directory to another in the current file system:
vsg# move samplefile mystorage/samplefile
Deleting Files or Directories
You can delete files or directories on a Flash memory device.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•If you try to delete the configuration file or image specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion.
•If you try to delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion.
SUMMARY STEPS
1. delete [bootflash: | debug: | log: | volatile:] filename or directory name
DETAILED STEPS
This example shows how to delete the named file from the current working directory:
vsg# delete bootflash:dns_config.cfg
This example shows how to delete the named directory and its contents:
vsg# delete log:my-log
Compressing Files
You can compress (zip) a specified file using LZ77 coding.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
SUMMARY STEPS
1. show command > [path] filename
2. dir
3. gzip [path] filename
DETAILED STEPS
This example shows how to display and then compress a specified file:
vsg# show system internal sysmgr event-history errors > errorsfile
vsg# dir
1480264 Nov 03 08:38:21 2001 1
77824 Dec 08 11:17:45 2001 accounting.log
4096 Nov 30 14:35:15 2001 core/
3220 Dec 09 16:33:05 2001 errorsfile
4096 Nov 30 14:35:15 2001 log/
16384 Nov 03 08:32:09 2001 lost+found/
7456 Dec 08 11:17:41 2001 mts.log
1480264 Nov 03 08:33:27 2001 nexus-1000v-dplug-mzg.VSG1.0.1.bin
20126720 Nov 03 08:33:27 2001 nexus-1000v-kickstart-mzg.VSG1.0.1.bin
45985810 Dec 01 14:30:00 2001 nexus-1000v-mzg.VSG1.0.1.bin
46095447 Dec 07 11:32:00 2001 nexus-1000v-mzg.VSG1.0.396.bin
1714 Dec 08 11:17:33 2001 system.cfg.new
4096 Nov 03 08:33:54 2001 vdc_2/
4096 Nov 03 08:33:54 2001 vdc_3/
4096 Nov 03 08:33:54 2001 vdc_4/
Usage for bootflash://
631246848 bytes used
5772722176 bytes free
6403969024 bytes total
This example shows how to compress the specified file:
vsg# gzip bootflash:errorsfile
vsg# dir
1480264 Nov 03 08:38:21 2001 1
77824 Dec 08 11:17:45 2001 accounting.log
4096 Nov 30 14:35:15 2001 core/
861 Dec 09 16:33:05 2001 errorsfile.gz
4096 Nov 30 14:35:15 2001 log/
16384 Nov 03 08:32:09 2001 lost+found/
7456 Dec 08 11:17:41 2001 mts.log
1480264 Nov 03 08:33:27 2001 nexus-1000v-dplug-mzg.VSG1.0.1.bin
20126720 Nov 03 08:33:27 2001 nexus-1000v-kickstart-mzg.VSG1.0.1.bin
45985810 Dec 01 14:30:00 2001 nexus-1000v-mzg.VSG1.0.1.bin
46095447 Dec 07 11:32:00 2001 nexus-1000v-mzg.VSG1.0.396.bin
1714 Dec 08 11:17:33 2001 system.cfg.new
4096 Nov 03 08:33:54 2001 vdc_2/
4096 Nov 03 08:33:54 2001 vdc_3/
4096 Nov 03 08:33:54 2001 vdc_4/
Usage for bootflash://
631246848 bytes used
5772722176 bytes free
6403969024 bytes total
vsg#
Uncompressing Files
You can uncompress (unzip) a specified file that is compressed using LZ77 coding.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
SUMMARY STEPS
1. gunzip [path] filename
2. dir
DETAILED STEPS
This example shows how to uncompress a specified file:
vsg# gunzip bootflash:errorsfile.gz
vsg# dir bootflash:
1480264 Nov 03 08:38:21 2001 1
77824 Dec 08 11:17:45 2001 accounting.log
4096 Nov 30 14:35:15 2001 core/
3220 Dec 09 16:33:05 2001 errorsfile
4096 Nov 30 14:35:15 2001 log/
16384 Nov 03 08:32:09 2001 lost+found/
7456 Dec 08 11:17:41 2001 mts.log
1480264 Nov 03 08:33:27 2001 nexus-1000v-dplug-mzg.VSG1.0.1.bin
20126720 Nov 03 08:33:27 2001 nexus-1000v-kickstart-mzg.VSG1.0.1.bin
45985810 Dec 01 14:30:00 2001 nexus-1000v-mzg.VSG1.0.1.bin
46095447 Dec 07 11:32:00 2001 nexus-1000v-mzg.VSG1.0.396.bin
1714 Dec 08 11:17:33 2001 system.cfg.new
4096 Nov 03 08:33:54 2001 vdc_2/
4096 Nov 03 08:33:54 2001 vdc_3/
4096 Nov 03 08:33:54 2001 vdc_4/
Usage for bootflash://sup-local
631246848 bytes used
5772722176 bytes free
6403969024 bytes total
Directing Command Output to a File
You can direct command output to a file.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. show running-config > [path | filename]
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show running-config > [path | filename]
Example: vsg# show running-config > bootflash:vsg1-run.cfg |
Directs the output of the command to a path and file name. |
This example shows how to direct the output of the command to the file vsg1-run.cfg in the volatile: directory:
vsg# show running-config > volatile:vsg1-run.cfg
This example shows how to direct the output of the command to the file vsg2-run.cfg in the bootflash: directory:
vsg# show running-config > bootflash:vsg2-run.cfg
Verifying a Configuration File Before Loading
You can verify the integrity of an image before loading it.
Note The copy command can be used for both the system and kickstart images.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
SUMMARY STEPS
1. copy source path and file system:running-config
2. show version image [bootflash: | modflash: |volatile:]
DETAILED STEPS
This example shows how to copy the source file to the running configuration:
vsg# copy tftp://10.10.1.1/home/configs/vsg1-run.cfg system:running-config
This example shows how to validate the specified image:
vsg# show version image bootflash:nexus-1000v-mz.VSG1.0.401.bin
image name: nexus-1000v-mz.VSG1.0.401.bin
bios: version unavailable
system: version 4.2(1)VSG1(1) [build 4.2(1)VSG1(0.401)]
compiled: 12/9/2010 2:00:00 [12/09/2010 15:20:50]
vsg#
Reverting to a Previous Configuration
You can recover your configuration from a previously saved version.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in any command mode.
Note Each time that you enter the copy running-config startup-config command, a binary file is created and the ASCII file is updated. A valid binary configuration file reduces the overall boot time significantly. A binary file cannot be uploaded, but its contents can be used to overwrite the existing startup configuration. Enter the write erase command to clear the binary file.
SUMMARY STEPS
1. copy running-config bootflash: {filename}
2. copy bootflash: {filename} startup-configure
DETAILED STEPS
This example shows how to revert to a snapshot copy of a previously saved running configuration:
vsg# copy running-config bootflash:January03-Running
This example shows how to revert to a configuration copy that was previously saved in the bootflash: directory:
vsg# copy bootflash:my-configure startup-configure
Displaying Files
This section describes how to display information about files and includes the following topics:
•Displaying Directory Contents
•Displaying the Last Lines in a File
Displaying File Contents
You can display the contents of a specified file.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. show file [bootflash: | debug: | volatile:] filename
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show file [bootflash: | debug: | volatile:] filename
Example: vsg# show file bootflash:sample_file.txt |
Displays the contents of the specified file. |
This example shows how to displays the contents of the specified file:
vsg# show file bootflash:sample_file.txt
security-profile sp1
policy p1
rule r1
action 10 permit
policy p1
rule r1 order 10
vsg#
Displaying Directory Contents
You can display the contents of a directory or file system.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. pwd
2. dir
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
pwd
Example: vsg# pwd |
Displays the current working directory. |
Step 2 |
dir
Example: vsg# dir |
Displays the contents of the directory. |
This example shows how to display your current working directory:
vsg# pwd
bootflash:
This example shows how to display the contents of a directory:
vsg# dir
Usage for volatile://
0 bytes used
20971520 bytes free
20971520 bytes total
vsg#
Displaying File Checksums
You can display checksums for checking file integrity.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. show file filename [cksum | md5sum]
DETAILED STEPS
This example shows how to provide the checksum or MD5 checksum of the file for comparison with the original file.
vsg# show file bootflash:sample_file.txt cksum
750206909
vsg#
This example shows how to provide the MD5 checksum of the file:
vsg# show file bootflash:sample_file.txt md5sum
aa163ec1769b9156614c643c926023cf
vsg#
Displaying the Last Lines in a File
You can display the last lines of a specified file.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. tail {path}[filename] {number-of-lines}
DETAILED STEPS
This example shows how to display the requested number of lines from the end of a specified file:
vsg# tail bootflash:errorsfile 5
(20) Event:E_DEBUG, length:34, at 171590 usecs after Tue Jul 1 09:29:05 2008
[102] main(326): stateless restart
vsg#
Displaying the Current User Access
You can display all users currently accessing the Cisco VSG.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI in EXEC mode.
SUMMARY STEPS
1. show users
DETAILED STEPS
|
|
|
---|---|---|
Step 1 |
show users
Example: vsg# show users |
Displays a list of users who are currently accessing the Cisco VSG. |
This example shows how to display a list of users who are currently accessing the Cisco VSG:
vsg# show users
NAME LINE TIME IDLE PID COMMENT
admin pts/0 Jul 1 04:40 03:29 2915 (::ffff:64.103.145.136)
admin pts/2 Jul 1 10:06 03:37 6413 (::ffff:64.103.145.136)
admin pts/3 Jul 1 13:49 . 8835 (171.71.55.196)*
vsg#
Sending a Message to Users
You can send a message to all active users currently using the Cisco VSG.
BEFORE YOU BEGIN
Before using this command, you must know or do the following:
•You are logged in to the CLI.
SUMMARY STEPS
1. send {session device} line
DETAILED STEPS
This example shows how to send a message to all users:
vsg# send Hello. Shutting down the system in 10 minutes.
Broadcast Message from admin@vsg (/dev/pts/34) at 8:58 ...
Hello. Shutting down the system in 10 minutes.
vsg#