Cisco Virtual Security Gateway System Management


This chapter describes how to manage the Cisco Virtual Security Gateway (VSG).

This chapter includes the following sections:

Information About VSG System Management

Changing the Cisco VSG Instance Name

Configuring a Message of the Day

Verifying the Cisco VSG Configuration

Saving a Configuration

Erasing a Configuration

Displaying a Cisco VSG Instance

Information About VSG System Management

The Cisco Virtual Security Gateway (VSG) enables you to use command-line interface (CLI) configuration commands to do standard system management functions such as the following:

Changing the hostname

Configuring messages of the day

Displaying, saving, and erasing configuration files

Providing a single interface to all file systems including:

Flash memory

FTP and TFTP

Running configuration

Any other endpoint for reading and writing data

Identifying users connected to the Cisco VSG

Sending messages to single users or all users

Changing the Cisco VSG Instance Name

You can change the Cisco VSG instance name or prompt. If you have multiple instances of Cisco VSGs, you can use this procedure to uniquely identify each Cisco VSG.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

You are logged in to the CLI in global configuration mode.

SUMMARY STEPS

1. configure

2. hostname

DETAILED STEPS

 
Command
Purpose

Step 1 

configure

Example:

vsg# configure

Places you in global configuration mode.

Step 2 

hostname host-name

Example:

vsg(config)# hostname vsg100

Changes the host prompt. The host-name argument can have a maximum of 32 alphanumeric characters.

This example shows how to change the hostname (name of the Cisco VSG):

vsg# configure

vsg(config)# hostname metro

vsg(config)# exit

metro#

Configuring a Message of the Day

You can configure a message of the day (MOTD) to display at the login prompt.

The banner message can be up to 40 lines with up to 80 characters per line.

Use the following guidelines when choosing your delimiting character:

Do not use the delimiting-character in the message string.

Do not use " and % as delimiters.

The following tokens can be used in the the message of the day:

$(hostname) displays the hostname for the switch.

$(line) displays the vty or tty line or name.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

You are logged in to the CLI in configuration mode.

SUMMARY STEPS

1. configure

2. banner motd

3. show banner motd

DETAILED STEPS

 
Command
Purpose

Step 1 

configure

Example:

vsg# configure

Places you in global configuration mode.

Step 2 

banner motd [delimiting-character message delimiting-character]

Example:

vsg(config)# banner motd #Hello#

Configures an MOTD with the following limits:

Up to 40 lines

Up to 80 characters per line

Enclosed in a delimiting character, such as #

Can span multiple lines

Can use tokens

Step 3 

show banner motd

Example:

vsg(config)# show banner motd

Displays the configured banner message.

This example shows how to configure an MOTD:

vsg# configure
vsg(config)# banner motd #December 12, 2010 Welcome to the VSG#
vsg(config)# show banner motd
December 12, 2010 Welcome to the VSG
vsg(config)#

Verifying the Cisco VSG Configuration

This section includes the following topics on verifying the Cisco VSG configuration:

Verifying the Software and Hardware Versions

Verifying the Running Configuration

Comparing the Startup and Running Configurations

Displaying Interface Configurations

Verifying the Software and Hardware Versions

You can view the versions of software and hardware on your system.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show version

DETAILED STEPS

 
Command
Description

Step 1 

show version

Example:

vsg# show version

Displays the versions of system software and hardware that are currently running on the Cisco VSG.

This example shows how to display and verify the system software and hardware version information for the Cisco VSG:

 
   
vsg# show version
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2011, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained herein are owned by
other third parties and are used and distributed under license.
Some parts of this software are covered under the GNU Public
License. A copy of the license is available at
http://www.gnu.org/licenses/gpl.html.
 
   
Software
  loader:    version unavailable [last: image booted through mgmt0]
  kickstart: version 4.2(1)VSG1(2) [build 4.2(1)VSG1(2.398)]
  system:    version 4.2(1)VSG1(2) [build 4.2(1)VSG1(2.398)] 
  kickstart image file is: [not present on supervisor]
 
   
  kickstart compile time:  07/12/2011 17:00:00
  system image file is:    bootflash:/nexus-1000v-mz.VSG1.0.398.bin
  system compile time:     07/17/2011 17:00:00 [07/17/2011 13:03:38]
 
   
Hardware
  cisco Nexus 1000VF Chassis ("Nexus VSN Virtual Firewall")
  Intel(R) Xeon(R) CPU         with 1944668 kB of memory.
  Processor Board ID T5056BB0072
 
   
  Device name: vsg
  bootflash:    2059572 kB
 
   
Kernel uptime is 1 day(s), 5 hour(s), 47 minute(s), 4 second(s)
 
   
plugin
  Core Plugin, Virtualization Plugin, Ethernet Plugin

Verifying the Running Configuration

You can view the configuration currently running on the system.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show running-config

DETAILED STEPS

 
Command
Description

Step 1 

show running-config

Example:

vsg# show running-config

Displays the versions of system software and hardware that are currently running on the Cisco VSG.

This example shows how to display the versions of system software and hardware running on the Cisco VSG:

vsg# show running-config
 
   
!Command: show running-config
!Time: Sun Jul 17 17:42:59 2011
 
   
version 4.2(1)VSG1(2)
no feature telnet
no feature http-server
 
   
username admin password 5 $1$RU5OIPU7$SYvoK9S5rOMRE9WBWZLsA.  role network-admin
 
   
banner motd #Nexus VSN#
 
   
ssh key rsa 2048
ip domain-lookup
ip domain-lookup
hostname vsg
snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 
0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
 
   
vrf context management
  ip route 0.0.0.0/0 10.193.72.1
vlan 1
port-channel load-balance ethernet source-mac
port-profile default max-ports 32
 
   
vdc vsg id 1
  limit-resource vlan minimum 16 maximum 2049
  limit-resource monitor-session minimum 0 maximum 2
  limit-resource vrf minimum 16 maximum 8192
  limit-resource port-channel minimum 0 maximum 768
  limit-resource u4route-mem minimum 32 maximum 32
  limit-resource u6route-mem minimum 16 maximum 16
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8
 
   
interface mgmt0
  ip address 10.193.73.118/21
 
   
interface data0
  ip address 118.1.1.1/8
line console
boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG1.0.1.bin sup-1
boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-1
boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG1.0.1.bin sup-2
boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-2
  ha-pair id 23
 
   
security-profile sp1
  policy p1
rule r1
  action 10 permit
policy p1
  rule r1 order 10
vnm-policy-agent
  policy-agent-image
  registration-ip 0.0.0.0
  shared-secret **********
  log-level info
 
   
vsg#

Comparing the Startup and Running Configurations

You can view the differences between the startup configuration and running configuration.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show running-config diff

DETAILED STEPS

 
Command
Description

Step 1 

show running-config diff

Example:

vsg# show running-config diff

Displays the difference between the startup configuration and the running configuration.

This example shows how to display the difference between the startup configuration and the running configuration:

 
   
vsg# show running-config diff
*** Startup-config
--- Running-config
***************
*** 14,34 ****
  banner motd #Nexus VSG#
 
   
  ssh key rsa 2048
  ip domain-lookup
  ip domain-lookup
! switchname G-VSG-116-1
  snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 
0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
  snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed 
priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
 
   
  vrf context management
    ip route 0.0.0.0/0 10.193.72.1
  vlan 1
  port-channel load-balance ethernet source-mac
  port-profile default max-ports 32
 
   
! vdc G-VSG-116-1 id 1
    limit-resource vlan minimum 16 maximum 2049
    limit-resource monitor-session minimum 0 maximum 2
    limit-resource vrf minimum 16 maximum 8192
    limit-resource port-channel minimum 0 maximum 768
    limit-resource u4route-mem minimum 32 maximum 32
--- 13,33 ----
  banner motd #Nexus VSG#
 
   
  ssh key rsa 2048
  ip domain-lookup
  ip domain-lookup
! hostname vsg
  snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 
0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
  snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed 
priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
 
   
  vrf context management
    ip route 0.0.0.0/0 10.193.72.1
  vlan 1
  port-channel load-balance ethernet source-mac
  port-profile default max-ports 32
 
   
! vdc vsg id 1
    limit-resource vlan minimum 16 maximum 2049
    limit-resource monitor-session minimum 0 maximum 2
    limit-resource vrf minimum 16 maximum 8192
    limit-resource port-channel minimum 0 maximum 768
    limit-resource u4route-mem minimum 32 maximum 32
vsg#

Displaying Interface Configurations

This section includes the following procedures:

Displaying a Brief View of a Specific Interface Configuration

Displaying a Detailed View of a Specific Interface Configuration

Displaying a Brief View of All Interfaces

Verifying the Running Configuration for All Interfaces

Displaying a Brief View of a Specific Interface Configuration

You can display a brief view of a specific interface configuration.

BEFORE YOU BEGIN

Before using this procedure, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show interface brief

DETAILED STEPS

 
Command
Description

Step 1 

show interface {type} {name} brief

Example:

vsg# show interface brief

Displays a brief view of a specific interface configuration.

This example shows how to display a brief view of a specific interface configuration:

vsg# show interface brief
 
   
--------------------------------------------------------------------------------
Port     VRF          Status IP Address                            Speed    MTU
--------------------------------------------------------------------------------
mgmt0    --           up     10.193.73.10                          1000     1500
 
   
--------------------------------------------------------------------------------
Port     VRF          Status IP Address                            Speed    MTU
--------------------------------------------------------------------------------
data0    --           up     10.10.10.10                           1000     1500
vsg#
---------------------------------------------------------------------------------

Displaying a Detailed View of a Specific Interface Configuration

You can display a detailed view of a specific interface configuration.

BEFORE YOU BEGIN

Before using the command in this section, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show interface

DETAILED STEPS

 
Command
Description

Step 1 

show interface {type} {name}

Example:

vsg# show interface mgmt 0

Displays a detailed version of a specific interface connection.

This example shows how to display a detailed version of a specific interface connection:

vsg# show interface mgmt 0
mgmt0 is up
  Hardware: Ethernet, address: 0050.5689.3321 (bia 0050.5689.3321)
  Internet Address is 172.23.232.141/24
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA
  full-duplex, 1000 Mb/s
  Auto-Negotiation is turned on
    4961 packets input, 511995 bytes
    0 multicast frames, 0 compressed
    0 input errors, 0 frame, 0 overrun, 0 fifo
    245 packets output, 35853 bytes
    0 underrun, 0 output errors, 0 collisions
    0 fifo, 0 carrier errors
vsg# 

Displaying a Brief View of All Interfaces

You can display a brief view of all interfaces.

BEFORE YOU BEGIN

Before using this procedure, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show interface brief

DETAILED STEPS

 
Command
Description

Step 1 

show interface brief

Example:

vsg# show interface brief

Displays a brief view of all interfaces.

This example shows how to display a brief view of all the interfaces on the Cisco VSG:

vsg# show interface brief
 
   
--------------------------------------------------------------------------------
Port     VRF          Status IP Address                     Speed    MTU
--------------------------------------------------------------------------------
mgmt0     --           up     10.23.232.141                 1000     1500
--------------------------------------------------------------------------------
Ethernet      VLAN   Type Mode   Status  Reason                   Speed     Port
Interface                                                                   Ch #
--------------------------------------------------------------------------------
Eth3/2        1      eth  trunk  up      none                       1000(D) --
Eth3/3        262    eth  access up      none                     1000(D) --
--------------------------------------------------------------------------------
Interface     VLAN   Type Mode   Status  Reason                   MTU
--------------------------------------------------------------------------------
Veth81        630    virt access up      none                     1500 
Veth82        630    virt access up      none                     1500 
Veth224       631    virt access up      none                     1500 
Veth225       1      virt access nonPcpt nonParticipating         1500 
vsg# 

Verifying the Running Configuration for All Interfaces

You can verify the running configuration for all interfaces.


Note The output for the show running-config interface command differs from that of the show interface command.


BEFORE YOU BEGIN

Before using this procedure, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show running-config interface

DETAILED STEPS

 
Command
Description

Step 1 

show running-config interface

Example:

vsg# show running-config interface

Displays the running configuration for all interfaces on your system.

This example shows how to display the running configuration for all the interfaces on the Cisco VSG:

vsg# show running-config interface
 
   
!Command: show running-config interface
!Time: Sun Jul 17 16:29:08 2011
 
   
version 4.2(1)VSG1(2)
 
   
interface mgmt0
  ip address 10.193.73.10/16
 
   
interface data0
  ip address 10.10.10.10/24
 
   
vsg#

Saving a Configuration

You can save the running configuration to the startup configuration, so that your changes are retained in the startup configuration file the next time you start up the Cisco VSG.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. copy running-config startup-config

DETAILED STEPS

 
Command
Description

Step 1 

copy running-config startup-configure

Example:

vsg# copy running-config startup-configure

Saves the running configuration to the startup configuration.

This example shows how to save the running configuration to your startup configuration:

vsg(config)# copy running-config startup-config
[########################################] 100%
vsg(config)#

Erasing a Configuration

You can erase a startup configuration.


Caution The write erase command erases the entire startup configuration with the exception of loader functions.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

The following parameters are used with this command:

boot—Erases the boot variables and the mgmt0 IP configuration.

debug—Erases the debug configuration.

SUMMARY STEPS

1. write erase [boot | debug]

DETAILED STEPS

 
Command
Description

Step 1 

write erase [boot | debug]

Example:

vsg# write erase debug

Erases the existing startup configuration and reverts all settings to their factory defaults.

The running configuration is not affected.

This example shows how to erase a debug startup configuration:

vsg(config)# write erase debug
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n)  [y]
[########################################] 100%
vsg(config)#

Displaying a Cisco VSG Instance

You can display a Cisco VSG instance.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

SUMMARY STEPS

1. show vsg

DETAILED STEPS

 
Command
Description

Step 1 

show vsg

Example:

vsg# show vsg

Displays the particulars of the Cisco VSG—including the model, the high availability (HA) ID, the Cisco VSG software version and build, and the Cisco Virtual Network Management Center (VNMC) IP address.

The running configuration is not affected.

This example shows how to display the Cisco VSG model, HA ID, software version and build, and the Cisco VNMC IP address:

vsg# show vsg
Model: VSG
HA ID: 10
VSG Software Version: 4.2(1)VSG1(1) build [4.2(1)VSG1(0.396)]
VNMC IP: 10.193.20.12
vsg#

Navigating the File System

This section describes how to navigate the file system.

This section includes the following topics:

Specifying File Systems

Identifying Your Current Working Directory

Changing Your Directory

Listing the Files in a File System

Identifying Available File Systems for Copying Files

Using Tab Completion

Specifying File Systems

The syntax for specifying a file system is <file system name>:[//server/]. Table 4-1 describes the file system syntax.

Table 4-1 File System Syntax Components 

File System Name
Server
Description

bootflash:

sup-active
sup-local
sup-1
module-1

Internal memory located on the active supervisor used for storing system images, configuration files, and other miscellaneous files. The CLI defaults to the bootflash: file system.

sup-standby
sup-remote
sup-2
module-2

Internal memory located on the standby supervisor used for storing system images, configuration files, and other miscellaneous files.

volatile:

Volatile random-access memory (VRAM) located on a supervisor module used for temporary or pending changes.


Identifying Your Current Working Directory

You can display the directory name of your current location in the CLI.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

SUMMARY STEPS

1. pwd

DETAILED STEPS

 
Command
Purpose

Step 1 

pwd

Example:

vsg# pwd

Displays the directory name of your current location in the CLI.

This example shows how to display the directory name of your current location in the Cisco VSG CLI:

vsg# pwd
bootflash:

Changing Your Directory

You can change directories in the CLI.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

The Cisco VSG CLI defaults to the bootflash: file system.


Note Any file saved in the volatile: file system is erased when the Cisco VSG reboots.


SUMMARY STEPS

1. pwd

2. cd directory_name

DETAILED STEPS

 
Command
Purpose

Step 1 

pwd

Example:

vsg# pwd

Displays the directory name of your current CLI location.

Step 2 

cd directory_name

Example:

vsg# cd bootflash:

Changes your CLI location to the specified directory.

This example shows how to display the directory name of the current Cisco VSG CLI location and how to change the CLI location to the specified directory:

vsg# pwd
bootflash:
vsg# cd volatile:
vsg# pwd
volatile:
vsg#

Listing the Files in a File System

You can display the contents of a directory or file.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. dir [directory | filename]

DETAILED STEPS

 
Command
Purpose

Step 1 

dir [directory | filename]
 
        

Example:

vsg# dir TenantA/

Displays the contents of a directory or file. Ending an argument with a slash indicates a directory and displays the contents of that directory.

This example shows how to display the contents of a directory:

vsg# dir lost+found/
      49241     Jul 01 09:30:00 2008  diagclient_log.2613
      12861     Jul 01 09:29:34 2008  diagmgr_log.2580
         31     Jul 01 09:28:47 2008  dmesg
       1811     Jul 01 09:28:58 2008  example_test.2633
         89     Jul 01 09:28:58 2008  libdiag.2633
      42136     Jul 01 16:34:34 2008  messages
         65     Jul 01 09:29:00 2008  otm.log
        741     Jul 01 09:29:07 2008  sal.log
         87     Jul 01 09:28:50 2008  startupdebug
 
   
Usage for log://sup-local
   51408896 bytes used
  158306304 bytes free
  209715200 bytes total
vsg#

Identifying Available File Systems for Copying Files

You can identify the file systems that you can copy to or from.

BEFORE YOU BEGIN

Before using this procedure, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. copy ?

2. copy filename ?

DETAILED STEPS

 
Command
Purpose

Step 1 

copy ?

Example:

vsg# copy ?

Displays the source file systems available to the copy command.

Step 2 

copy filename ?

Example:

vsg# copy filename ?

Displays the destination file systems available to the copy command for a specific file.

This example shows how to display the source file systems available to the copy command:

vsg# copy ?
bootflash: Select source filesystem
core: Select source filesystem
debug: Select source filesystem
ftp: Select source filesystem
licenses Backup license files
log: Select source filesystem
nvram: Select source filesystem
running-config Copy running configuration to destination
scp: Select source filesystem
sftp: Select source filesystem
startup-config Copy startup configuration to destination
system: Select source filesystem
tftp: Select source filesystem
volatile: Select source filesystem
 
   

This example shows how to display the destination file systems available to the copy command for the specific file named:

vsg# copy filename ?
  bootflash:      Select destination filesystem
  debug:          Select destination filesystem
  ftp:            Select destination filesystem
  log:            Select destination filesystem
  modflash:       Select destination filesystem
  nvram:          Select destination filesystem
  running-config  Copy from source to running configuration
  scp:            Select destination filesystem
  sftp:           Select destination filesystem
  startup-config  Copy from source to startup configuration
  system:         Select destination filesystem
  tftp:           Select destination filesystem
  volatile:       Select destination filesystem

Using Tab Completion

You can have the CLI complete a partial filename in a command.

BEFORE YOU BEGIN

Before using this procedure, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. show file filesystem name: partial filename <Tab>

2. show file bootflash:c <Tab>

DETAILED STEPS

 
Command
Purpose

Step 1 

show file filesystem name: partial filename <Tab>

Example:

vsg# show file bootflash:sanfrancisc

Completes the filename when Tab is pressed, if the characters you typed are unique to a single file.

If not, the CLI lists a selection of filenames that match the characters you typed.

You can then retype enough characters to make the filename unique. The CLI completes the filename for you.

Step 2 

show file bootflash:c <Tab>
 
        

Example:

vsg# show file bootflash:c

Completes the filename for you.

This example shows how to display a selection of available files when you press Tab after you have typed enough characters that are unique to a file or set of files:

VSG# show file bootflash:nex<Tab>
bootflash:nexus-1000v-dplug-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-kickstart-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-mzg.VSG1.0.1.bin
bootflash:nexus-1000v-mzg.VSG1.0.2.bin
 
   

This example shows how to complete a command by pressing the Tab key when you have already entered the first unique characters of a command:

vsg# show file bootflash:c<Tab> 
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDSq93BrlHcg3bX1jXDMY5c9+yZSST3VhuQBqogvCPDGeLecA+j
...
...
vsg#

Copying and Backing Up Files

You can copy a file, such as a configuration file, to save it or reuse it at another location. If your internal file systems are corrupted, you could potentially lose your configuration. Save and back up your configuration files periodically. Also, before installing or migrating to a new software configuration, back up the existing configuration files.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

You are logged in to the CLI in any command mode.

If you are copying to a remote location, make sure that your device has a route to the destination. Your device and the remote destination must be in the same subnetwork if you do not have a router or default gateway to route traffic between subnets.

Usie the ping command to make sure that your device has connectivity to the destination.

Make sure that the source configuration file is in the correct directory on the remote server.

Make sure that the permissions on the source file are set correctly. Permissions on the file should be set to world-read.


Note Use the dir command to ensure that enough space is available in the destination file system. If enough space is not available, use the delete command to remove unneeded files.


SUMMARY STEPS

1. copy [source filesystem:] filename [destination filesystem:] filename

DETAILED STEPS

 
Command
Purpose

Step 1 

copy [source filesystem:] filename 
[destination filesystem:] filename
 
        

Example:

vsg# copy system:running-config tftp://10.10.1.1./home/configs/vsg2.cfg

Copies a file from the specified source location to the specified destination location.

This example shows how to copy a file from a specified source location and move it to a specified destination location:

vsg# copy system:running-config tftp://10.10.1.1/home/configs/vsg3-run.cfg
Enter vrf (If no input, current vrf 'default' is considered):
Trying to connect to tftp server......
Connection to Server Established.
TFTP put operation succesful
vsg#

Creating a Directory

You can create a directory at the current directory level or at a specified directory level.

BEFORE YOU BEGIN

Before beginning this procedure, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. mkdir {bootflash: | debug: | volatile:} directory-name

DETAILED STEPS

 
Command
Purpose

Step 1 

mkdir {bootflash: | debug: | 
volatile:} directory-name
 
        

Example:

vsg# mkdir bootflash:new-directory

Creates a directory at the current directory level.

This example shows how to create a directory called test in the bootflash: directory:

vsg# mkdir bootflash:test

vsg#
 
   

This example shows how to create a directory called test at the current directory level:

vsg# mkdir test
vsg#

Removing an Existing Directory

You can remove an existing directory from the flash file system.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

This command is only valid on flash file systems.

Before you can remove it, the directory must be empty.

SUMMARY STEPS

1. rmdir {bootflash: | debug: | volatile:} directory

DETAILED STEPS

 
Command
Purpose

Step 1 

rmdir {bootflash: | debug: | volatile:} directory

Example:

vsg# rmdir bootflash:new-directory

Removes a directory as long as the directory is empty.

This example shows how to remove the directory called test in the bootflash: directory:

vsg# rmdir bootflash:test
vsg#
 
   

This example shows how to remove the directory called test at the current directory level:

vsg# rmdir test
vsg#

Moving Files

You can move a file from one location to another location.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

The copy does not complete if there is not enough space in the destination directory.


Caution If a file with the same name already exists in the destination directory, that file is overwritten by the file that you move.

SUMMARY STEPS

1. move {source path and filename} {destination path and filename}

DETAILED STEPS

 
Command
Purpose

Step 1 

move {source path and filename} {destination path and filename}

 
        

Example:

vsg# move bootflash:file1 bootflash:mystuff/file1

Moves a directory.

This example shows how to move a file from one directory to another in the same file system:

vsg# move bootflash:samplefile bootflash:mystorage/samplefile
 
   

This example shows how to move a file from one directory to another in the current file system:

vsg# move samplefile mystorage/samplefile

Deleting Files or Directories

You can delete files or directories on a Flash memory device.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

If you try to delete the configuration file or image specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion.

If you try to delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion.

SUMMARY STEPS

1. delete [bootflash: | debug: | log: | volatile:] filename or directory name

DETAILED STEPS

 
Command
Purpose

Step 1 

delete [bootflash: | debug: | log: | volatile:] filename or directory name

Example:

vsg# delete log:test-log

Deletes a specified file or directory and everything in the directory.

This example shows how to delete the named file from the current working directory:

vsg# delete bootflash:dns_config.cfg
 
   

This example shows how to delete the named directory and its contents:

vsg# delete log:my-log

Compressing Files

You can compress (zip) a specified file using LZ77 coding.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

SUMMARY STEPS

1. show command > [path] filename

2. dir

3. gzip [path] filename

DETAILED STEPS

 
Command
Purpose

Step 1 

show command > [path] filename

Example:

vsg# show pwd > pwdfile

Directs show command output to a file.

Step 2 

dir

Example:

vsg# dir

Displays the contents of the current directory, including the new file created in the first step.

Step 3 

gzip [path] filename

Example:

vsg# gzip bootflash:errorsfile

Compresses the specified file.

This example shows how to display and then compress a specified file:

vsg# show system internal sysmgr event-history errors > errorsfile
vsg# dir
    1480264     Nov 03 08:38:21 2001  1
      77824     Dec 08 11:17:45 2001  accounting.log
       4096     Nov 30 14:35:15 2001  core/
       3220     Dec 09 16:33:05 2001  errorsfile
         4096     Nov 30 14:35:15 2001  log/
      16384     Nov 03 08:32:09 2001  lost+found/
       7456     Dec 08 11:17:41 2001  mts.log
    1480264     Nov 03 08:33:27 2001  nexus-1000v-dplug-mzg.VSG1.0.1.bin
   20126720     Nov 03 08:33:27 2001  nexus-1000v-kickstart-mzg.VSG1.0.1.bin
   45985810     Dec 01 14:30:00 2001  nexus-1000v-mzg.VSG1.0.1.bin
   46095447     Dec 07 11:32:00 2001  nexus-1000v-mzg.VSG1.0.396.bin
       1714     Dec 08 11:17:33 2001  system.cfg.new
       4096     Nov 03 08:33:54 2001  vdc_2/
       4096     Nov 03 08:33:54 2001  vdc_3/
       4096     Nov 03 08:33:54 2001  vdc_4/
 
   
Usage for bootflash://
  631246848 bytes used
5772722176 bytes free
6403969024 bytes total
 
   

This example shows how to compress the specified file:

vsg# gzip bootflash:errorsfile
vsg# dir
    1480264     Nov 03 08:38:21 2001  1
      77824     Dec 08 11:17:45 2001  accounting.log
       4096     Nov 30 14:35:15 2001  core/
        861     Dec 09 16:33:05 2001  errorsfile.gz
         4096     Nov 30 14:35:15 2001  log/
      16384     Nov 03 08:32:09 2001  lost+found/
       7456     Dec 08 11:17:41 2001  mts.log
    1480264     Nov 03 08:33:27 2001  nexus-1000v-dplug-mzg.VSG1.0.1.bin
   20126720     Nov 03 08:33:27 2001  nexus-1000v-kickstart-mzg.VSG1.0.1.bin
   45985810     Dec 01 14:30:00 2001  nexus-1000v-mzg.VSG1.0.1.bin
   46095447     Dec 07 11:32:00 2001  nexus-1000v-mzg.VSG1.0.396.bin
       1714     Dec 08 11:17:33 2001  system.cfg.new
       4096     Nov 03 08:33:54 2001  vdc_2/
       4096     Nov 03 08:33:54 2001  vdc_3/
       4096     Nov 03 08:33:54 2001  vdc_4/
 
   
Usage for bootflash://
  631246848 bytes used
5772722176 bytes free
6403969024 bytes total
vsg#

Uncompressing Files

You can uncompress (unzip) a specified file that is compressed using LZ77 coding.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

SUMMARY STEPS

1. gunzip [path] filename

2. dir

DETAILED STEPS

 
Command
Purpose

Step 1 

gunzip [path] filename

Example:

vsg# gunzip bootflash:errorsfile.gz

Uncompresses the specified file.

Step 2 

dir

Example:

vsg# dir

Displays the contents of a directory, including the newly uncompressed file.

This example shows how to uncompress a specified file:

vsg# gunzip bootflash:errorsfile.gz
vsg# dir bootflash:
    1480264     Nov 03 08:38:21 2001  1
      77824     Dec 08 11:17:45 2001  accounting.log
       4096     Nov 30 14:35:15 2001  core/
       3220     Dec 09 16:33:05 2001  errorsfile
       4096     Nov 30 14:35:15 2001  log/
      16384     Nov 03 08:32:09 2001  lost+found/
       7456     Dec 08 11:17:41 2001  mts.log
    1480264     Nov 03 08:33:27 2001  nexus-1000v-dplug-mzg.VSG1.0.1.bin
   20126720     Nov 03 08:33:27 2001  nexus-1000v-kickstart-mzg.VSG1.0.1.bin
   45985810     Dec 01 14:30:00 2001  nexus-1000v-mzg.VSG1.0.1.bin
   46095447     Dec 07 11:32:00 2001  nexus-1000v-mzg.VSG1.0.396.bin
       1714     Dec 08 11:17:33 2001  system.cfg.new
       4096     Nov 03 08:33:54 2001  vdc_2/
       4096     Nov 03 08:33:54 2001  vdc_3/
       4096     Nov 03 08:33:54 2001  vdc_4/
 
   
Usage for bootflash://sup-local
  631246848 bytes used
5772722176 bytes free
6403969024 bytes total

Directing Command Output to a File

You can direct command output to a file.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. show running-config > [path | filename]

DETAILED STEPS

 
Command
Purpose

Step 1 

show running-config > [path | filename]

Example:

vsg# show running-config > bootflash:vsg1-run.cfg

Directs the output of the command to a path and file name.

This example shows how to direct the output of the command to the file vsg1-run.cfg in the volatile: directory:

vsg# show running-config > volatile:vsg1-run.cfg
 
   

This example shows how to direct the output of the command to the file vsg2-run.cfg in the bootflash: directory:

vsg# show running-config > bootflash:vsg2-run.cfg

Verifying a Configuration File Before Loading

You can verify the integrity of an image before loading it.


Note The copy command can be used for both the system and kickstart images.


BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.

SUMMARY STEPS

1. copy source path and file system:running-config

2. show version image [bootflash: | modflash: |volatile:]

DETAILED STEPS

 
Command
Purpose

Step 1 

copy source path and file system:running-config

Example:

vsg# copy tftp://10.10.1.1./home/configs/vsg1-run.cfg system:running-config

Copies the source file to the running configuration.

Step 2 

show version image [bootflash: | modflash: |volatile:]

Example:

vsg# show version image

Validates the specified image.

This example shows how to copy the source file to the running configuration:

vsg# copy tftp://10.10.1.1/home/configs/vsg1-run.cfg system:running-config
 
   

This example shows how to validate the specified image:

vsg# show version image bootflash:nexus-1000v-mz.VSG1.0.401.bin
  image name: nexus-1000v-mz.VSG1.0.401.bin
  bios:       version unavailable
  system:     version 4.2(1)VSG1(1) [build 4.2(1)VSG1(0.401)]
  compiled:   12/9/2010 2:00:00 [12/09/2010 15:20:50]
vsg#

Reverting to a Previous Configuration

You can recover your configuration from a previously saved version.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in any command mode.


Note Each time that you enter the copy running-config startup-config command, a binary file is created and the ASCII file is updated. A valid binary configuration file reduces the overall boot time significantly. A binary file cannot be uploaded, but its contents can be used to overwrite the existing startup configuration. Enter the write erase command to clear the binary file.


SUMMARY STEPS

1. copy running-config bootflash: {filename}

2. copy bootflash: {filename} startup-configure

DETAILED STEPS

 
Command
Purpose

Step 1 

copy running-config bootflash: {filename}

Example:

vsg# copy running-config bootflash:Jan24-running

Reverts to a snapshot copy of a previously saved running configuration (binary file).

Step 2 

copy bootflash: {filename} startup-configure

Example:

vsg# copy bootflash:my-configure startup-configure

Reverts to a configuration copy that was previously saved in the bootflash: file system (ASCII file).

This example shows how to revert to a snapshot copy of a previously saved running configuration:

vsg# copy running-config bootflash:January03-Running
 
   

This example shows how to revert to a configuration copy that was previously saved in the bootflash: directory:

vsg# copy bootflash:my-configure startup-configure

Displaying Files

This section describes how to display information about files and includes the following topics:

Displaying File Contents

Displaying Directory Contents

Displaying File Checksums

Displaying the Last Lines in a File

Displaying File Contents

You can display the contents of a specified file.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. show file [bootflash: | debug: | volatile:] filename

DETAILED STEPS

 
Command
Purpose

Step 1 

show file [bootflash: | debug: | volatile:] filename

Example:

vsg# show file bootflash:sample_file.txt

Displays the contents of the specified file.

This example shows how to displays the contents of the specified file:

vsg# show file bootflash:sample_file.txt
security-profile sp1
  policy p1
rule r1
  action 10 permit
policy p1
  rule r1 order 10
 
   
vsg#

Displaying Directory Contents

You can display the contents of a directory or file system.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. pwd

2. dir

DETAILED STEPS

 
Command
Purpose

Step 1 

pwd

Example:

vsg# pwd

Displays the current working directory.

Step 2 

dir

Example:

vsg# dir

Displays the contents of the directory.

This example shows how to display your current working directory:

vsg# pwd
bootflash:
 
   

This example shows how to display the contents of a directory:

vsg# dir
Usage for volatile://
          0 bytes used
   20971520 bytes free
   20971520 bytes total
vsg#

Displaying File Checksums

You can display checksums for checking file integrity.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. show file filename [cksum | md5sum]

DETAILED STEPS

 
Command
Purpose

Step 1 

show file filename [cksum | md5sum]

Example:

vsg# show file bootflash:sample_file.txt chksum

Provides the checksum or Message-Digest Algorithm 5 (MD5) checksum of the file for comparison with the original file. MD5 is an electronic fingerprint for the file

This example shows how to provide the checksum or MD5 checksum of the file for comparison with the original file.

vsg# show file bootflash:sample_file.txt cksum
750206909
vsg#
 
   

This example shows how to provide the MD5 checksum of the file:

vsg# show file bootflash:sample_file.txt md5sum
aa163ec1769b9156614c643c926023cf
vsg#

Displaying the Last Lines in a File

You can display the last lines of a specified file.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. tail {path}[filename] {number-of-lines}

DETAILED STEPS

 
Command
Purpose

Step 1 

tail {path}[filename] {number-of-lines}

Example:

vsg# tail bootflash:errorsfile 5

Displays the requested number of lines from the end of the specified file.

The range for the number-of-lines argument is from 0 to 80.

This example shows how to display the requested number of lines from the end of a specified file:

vsg# tail bootflash:errorsfile 5
(20) Event:E_DEBUG, length:34, at 171590 usecs after Tue Jul  1 09:29:05 2008
    [102] main(326): stateless restart
vsg#

Displaying the Current User Access

You can display all users currently accessing the Cisco VSG.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI in EXEC mode.

SUMMARY STEPS

1. show users

DETAILED STEPS

 
Command
Description

Step 1 

show users

Example:

vsg# show users

Displays a list of users who are currently accessing the Cisco VSG.

This example shows how to display a list of users who are currently accessing the Cisco VSG:

vsg# show users
NAME     LINE         TIME         IDLE          PID COMMENT
admin    pts/0        Jul  1 04:40 03:29        2915 (::ffff:64.103.145.136)
admin    pts/2        Jul  1 10:06 03:37        6413 (::ffff:64.103.145.136)
admin    pts/3        Jul  1 13:49   .          8835 (171.71.55.196)*
vsg#

Sending a Message to Users

You can send a message to all active users currently using the Cisco VSG.

BEFORE YOU BEGIN

Before using this command, you must know or do the following:

You are logged in to the CLI.

SUMMARY STEPS

1. send {session device} line

DETAILED STEPS

 
Command
Description

Step 1 

send {session device} line

Example:

vsg# send System Shutdown in 10 Minutes

Sends a message to users currently logged in to the system. You can use the following keyword and argument:

session: sends the message to a specified pts/tty device type.

line is a message of up to 80 alphanumeric characters.

This example shows how to send a message to all users:

vsg# send Hello. Shutting down the system in 10 minutes.
Broadcast Message from admin@vsg (/dev/pts/34) at 8:58 ...
Hello. Shutting down the system in 10 minutes.
vsg#