Configuring System Management

This chapter contains the following sections:

Information About Cisco VSG System Management

Cisco Virtual Security Gateway (VSG) enables you to use command-line interface (CLI) configuration commands to do standard system management functions such as the following:

  • Changing the hostname

  • Configuring messages of the day

  • Displaying, saving, and erasing configuration files

  • Providing a single interface to all file systems including:

    • Flash memory

    • FTP and TFTP

    • Running configuration

    • Any other endpoint for reading and writing data

  • Identifying users connected to the Cisco VSG

  • Sending messages to single users or all users

Changing the Cisco VSG Instance Name

You can change the Cisco VSG instance name or prompt. If you have multiple instances of Cisco VSGs, you can use this procedure to uniquely identify each Cisco VSG.

Before You Begin

Before beginning this procedure, log in to the CLI in global configuration mode.

SUMMARY STEPS

    1.    vsg# configure

    2.    vsg(config)# hostname host-name


DETAILED STEPS
     Command or ActionPurpose
    Step 1 vsg# configure
     

    Places you in global configuration mode.

     
    Step 2vsg(config)# hostname host-name
     

    Changes the host prompt. The host-name argument can have a maximum of 32 alphanumeric characters.

     
    This example shows how to change the hostname (name of the Cisco VSG):
    vsg# configure
    vsg(config)# hostname metro
    vsg(config)# exit

    Configuring a Message of the Day

    You can configure a message of the day (MOTD) to display at the login prompt.

    • The banner message can be up to 40 lines with up to 80 characters per line.

    • Use the following guidelines when choosing your delimiting character:

      • Do not use the delimiting character in the message string.

      • Do not use " and % as delimiters.

    • The following tokens can be used in the message of the day:

      • $(hostname) displays the hostname for the switch.

      • $(line) displays the vty or tty line or name.

    Before You Begin

    Before beginning this procedure, log in to the CLI in configuration mode.

    SUMMARY STEPS

      1.    vsg# configure

      2.    vsg(config)# banner motd [delimiting-character message delimiting-character ]

      3.    vsg(config)# show banner motd


    DETAILED STEPS
       Command or ActionPurpose
      Step 1 vsg# configure
       

      Places you in global configuration mode.

       
      Step 2vsg(config)# banner motd [delimiting-character message delimiting-character ]
       
      Configures an MOTD with the following limits:
      • Up to 40 lines

      • Up to 80 characters per line

      • Enclosed in a delimiting character, such as #

      • Can span multiple lines

      • Can use tokens

       
      Step 3vsg(config)# show banner motd
       

      Displays the configured banner message.

       

      This example shows how to configure an MOTD:

      vsg# configure
      vsg(config)# banner motd December 12, 2010 Welcome to the VSG 
      vsg(config)# show banner motd
      December 12, 2010 Welcome to the VSG

      Verifying the Cisco VSG Configuration

      To verify the Cisco VSG configuration, enter the following commands:

      Command Purpose

      vsg# show version

      Displays the versions of system software and hardware that are currently running on Cisco VSG.

      vsg# show running-config

      Displays the versions of system software and hardware that are currently running on Cisco VSG.

      vsg# show running-config diff

      Displays the difference between the startup configuration and the running configuration.

      Example of show version

      vsg# show version
      Cisco Nexus Operating System (NX-OS) Software
      TAC support: http://www.cisco.com/tac
      Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved.
      The copyrights to certain works contained herein are owned by
      other third parties and are used and distributed under license.
      Some parts of this software are covered under the GNU Public
      License. A copy of the license is available at
      http://www.gnu.org/licenses/gpl.html.
      kickstart: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.398)]
      system: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.398)]
      kickstart image file is: [not present on supervisor]
      kickstart compile time: 07/12/2014 17:00:00
      system image file is: bootflash:/nexus-1000v-mz.VSG2.1.298.bin
      system compile time: 07/17/2014 17:00:00 [07/17/2011 13:03:38]
      Hardware
      cisco Nexus 1000VF Chassis ("Nexus VSN Virtual Firewall")
      Intel(R) Xeon(R) CPU with 1944668 kB of memory.
      Processor Board ID T5056BB0072
      Device name: vsg
      bootflash: 2059572 kB
      Kernel uptime is 1 day(s), 5 hour(s), 47 minute(s), 4 second(s)
      plugin
      Core Plugin, Virtualization Plugin, Ethernet Plugin

      Example of show running-config

      vsg# show running-config
      !Command: show running-config
      !Time: Sun Jul 17 17:42:59 2014
      version 5.2(1)VSG2(1.2)
      no feature telnet
      no feature http-server
      username adminbackup password 5 $1$Oip/C5Ci$oOdx7oJSlBCFpNRmQK4na. role network-operator
      username admin password 5 $1$RU5OIPU7$SYvoK9S5rOMRE9WBWZLsA. role network-admin
      username vsnbetauser password 5 $1$Fg4u8MCf$xr8cSVV1gBb0ATZU8eVbB. role network-admin
      banner motd #Nexus VSN#
      ssh key rsa 2048
      ip domain-lookup
      ip domain-lookup
      hostname vsg
      snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv
      0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
      snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed
      priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
      vrf context management
      ip route 0.0.0.0/0 10.193.72.1
      vlan 1
      port-channel load-balance ethernet source-mac
      port-profile default max-ports 32
      vdc vsg id 1
      limit-resource vlan minimum 16 maximum 2049
      limit-resource monitor-session minimum 0 maximum 2
      limit-resource vrf minimum 16 maximum 8192
      limit-resource port-channel minimum 0 maximum 768
      limit-resource u4route-mem minimum 32 maximum 32
      limit-resource u6route-mem minimum 16 maximum 16
      limit-resource m4route-mem minimum 58 maximum 58
      limit-resource m6route-mem minimum 8 maximum 8
      interface mgmt0
      ip address 10.193.73.118/21
      interface data0
      ip address 118.1.1.1/8
      line console
      boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG2.1.2.bin sup-1
      boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-1
      boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG2.1.2.bin sup-2
      boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-2
      ha-pair id 23
      security-profile sp1
      policy p1
      rule r1
      action 10 permit
      policy p1
      rule r1 order 10
      nsc-policy-agent
      policy-agent-image
      registration-ip 0.0.0.0
      shared-secret **********
      log-level info

      Example of show running-config diff

      vsg# show running-config diff
      *** Startup-config
      --- Running-config
      ***************
      *** 14,34 ****
      banner motd #Nexus VSG#
      ssh key rsa 2048
      ip domain-lookup
      ip domain-lookup
      ! switchname G-VSG-116-1
      snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv
      0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
      snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed
      priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
      vrf context management
      ip route 0.0.0.0/0 10.193.72.1
      vlan 1
      port-channel load-balance ethernet source-mac
      port-profile default max-ports 32
      ! vdc G-VSG-116-1 id 1
      limit-resource vlan minimum 16 maximum 2049
      limit-resource monitor-session minimum 0 maximum 2
      limit-resource vrf minimum 16 maximum 8192
      limit-resource port-channel minimum 0 maximum 768
      limit-resource u4route-mem minimum 32 maximum 32
      --- 13,33 ----
      banner motd #Nexus VSG#
      ssh key rsa 2048
      ip domain-lookup
      ip domain-lookup
      ! hostname vsg
      snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv
      0x5ed3cfea7c44550ac3d18475f28b118b localizedkey
      snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed
      priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey
      vrf context management
      ip route 0.0.0.0/0 10.193.72.1
      vlan 1
      port-channel load-balance ethernet source-mac
      port-profile default max-ports 32
      ! vdc vsg id 1
      limit-resource vlan minimum 16 maximum 2049
      limit-resource monitor-session minimum 0 maximum 2
      limit-resource vrf minimum 16 maximum 8192
      limit-resource port-channel minimum 0 maximum 768
      limit-resource u4route-mem minimum 32 maximum 32

      Displaying Interface Configurations

      To display interface configurations, enter the following commands:

      Command Purpose

      vsg# show interface mgmt

      Displays a detailed information for a specific interface.

      vsg# show interface brief

      Displays a brief view of all interfaces.

      vsg# show running-config interface

      Displays the running configuration for all interfaces on your system.

      Example of show interface

      vsg# show interface mgmt 0
      mgmt0 is up
        Hardware: Ethernet, address: 3a00.0100.000b (bia 3a00.0100.000b)
        Internet Address is 10.37.29.3/16
        MTU 1352 bytes, BW 1000000 Kbit, DLY 10 usec
        reliability 255/255, txload 1/255, rxload 1/255
        Encapsulation ARPA
        auto-duplex, auto-speed
        Auto-Negotiation is turned on
        1 minute input rate 2672 bits/sec, 3 packets/sec
        1 minute output rate 1152 bits/sec, 1 packets/sec
        Rx
          2349928 input packets 106216 unicast packets 351159 multicast packets
          1892553 broadcast packets 182855323 bytes
        Tx
          52446 output packets 18796 unicast packets 16849 multicast packets
          16801 broadcast packets 6126844 bytes
      
      firewall-1#

      Example of show interface brief

      firewall# show interface brief
      
      --------------------------------------------------------------------------------
      Port     VRF          Status IP Address                            Speed    MTU
      --------------------------------------------------------------------------------
      mgmt0    --           up     10.37.29.3                            --       1352
      
      --------------------------------------------------------------------------------
      Port     VRF          Status IP Address                            Speed    MTU
      --------------------------------------------------------------------------------
      data0 --           up     41.10.10.20                           --       9000
      
      NOTE : * Denotes ports on modules which are currently offline on VSM
      firewall#

      Example of show running-config interface

      vsg# show running-config interface
      
      !Command: show running-config interface
      !Time: Mon Sep 29 02:17:32 2014
      
      version 5.2(1)VSG2(1.1)
      
      interface mgmt0
        ip address 10.37.29.3/16
      
      interface data0
        no snmp trap link-status
        ip address 14.10.10.20/24
      
      firewall-1#

      Saving a Configuration

      You can save the running configuration to the startup configuration, so that your changes are retained in the startup configuration file the next time you start up the Cisco VSG.

      Before You Begin

      Before beginning this procedure, you must be logged in to the CLI in any command mode.

      SUMMARY STEPS

        1.    vsg(config)# copy running-config startup-config


      DETAILED STEPS
         Command or ActionPurpose
        Step 1vsg(config)# copy running-config startup-config
         

        Saves the running configuration to the startup configuration.

         

        This example shows how to save a configuration.

        vsg(config)# copy running-config startup-config
        [########################################] 100%

        Erasing a Configuration

        You can erase a startup configuration.


        Caution


        The write erase command erases the entire startup configuration with the exception of loader functions.


        Before You Begin

        Before beginning this procedure, you must know or do the following:

        • You are logged in to the CLI.

        • The following parameters are used with this command:

          • debug—Erases the debug configuration.

        SUMMARY STEPS

          1.    vsg(config)# write erase [debug]


        DETAILED STEPS
           Command or ActionPurpose
          Step 1 vsg(config)# write erase [debug]
           

          Erases the existing startup configuration and reverts all settings to their factory defaults. The running configuration is not affected.

           

          This is an example of write erase command:

          vsg(config)# write erase debug
          Warning: This command will erase the startup-configuration.
          Do you wish to proceed anyway? (y/n) [y]
          [########################################] 100%

          Displaying Intercloud Fabric Firewall Instance

          You can display Intercloud Fabric(ICF) Firewall(VSG) instance.

          Before You Begin

          Before beginning this procedure, you must be logged in to the CLI.

          SUMMARY STEPS

            1.    vsg# show vsg


          DETAILED STEPS
             Command or ActionPurpose
            Step 1vsg# show vsg
             

            Displays the ICF VSG model, software version and build, and the Prime Network Services Controller (PNSC) IP address.

             

            This example shows how to display the ICF VSG model and software version and build, and the PNSC IP address:

            firewall(config)# show vsg
            Model: VSG
            VSG software version: 5.2(1)VSG2(1.2) build [5.2(1)VSG2(1.2)]
            NSC IP: 10.2.65.213
            NSC PA version: 2.1(2a)-vsg
            

            Navigating the File System

            Specifying File Systems

            The syntax for specifying a file system is <file system name>:[//server/].

            Table 1 File System Syntax Components
            File System Name Server Description
            bootflash:

            sup-active

            sup-local

            sup-1

            module-1

            Internal memory located on the active supervisor used for storing system images, configuration files, and other miscellaneous files. The CLI defaults to the bootflash: file system.

             

            sup-standby

            sup-remote

            sup-2

            module-2

            Internal memory located on the standby supervisor used for storing system images, configuration files, and other miscellaneous files.

            volatile: Volatile random-access memory (VRAM) located on a supervisor module used for temporary or pending changes.

            Identifying Your Current Working Directory

            You can display the directory name of your current location in the CLI.

            Before You Begin

            Before beginning this procedure, you must be logged in to the CLI.

            SUMMARY STEPS

              1.    firewall# pwd


            DETAILED STEPS
               Command or ActionPurpose
              Step 1 firewall# pwd
               

              Displays the directory name of your current location in the CLI.

               

              This example shows how to display the directory name of your current location in the Intercloud Fabric VSG CLI:

              firewall# pwd
              bootflash:

              Changing Your Directory

              You can change directories in the CLI.

              Before You Begin
              Before beginning this procedure, you must know or do the following:
              • You are logged in to the CLI in any command mode.

              • The Cisco VSG CLI defaults to the bootflash: file system.


              Note


              Any file saved in the volatile: file system is erased when the Cisco VSG reboots.


              SUMMARY STEPS

                1.    vsg# pwd

                2.    vsg# cd directory_name


              DETAILED STEPS
                 Command or ActionPurpose
                Step 1 vsg# pwd
                 

                Displays the directory name of your current CLI location.

                 
                Step 2vsg# cd directory_name
                 

                Changes your CLI location to the specified directory.

                 

                This example shows how to display the directory name of the current Cisco VSG CLI location and how to change the CLI location to the specified directory:

                vsg# pwd
                bootflash:
                vsg# cd volatile:
                vsg# pwd
                volatile:

                Listing the Files in a File System

                You can display the contents of a directory or file.

                Before You Begin

                Log in to the CLI in any command mode.

                SUMMARY STEPS

                  1.    firewall# dir[directory | filename]


                DETAILED STEPS
                   Command or ActionPurpose
                  Step 1 firewall# dir[directory | filename]
                   

                  Displays the contents of a directory or file. Ending an argument with a slash indicates a directory and displays the contents of that directory.

                   

                  This example shows how to display the contents of a directory:

                  firewall# dir lost+found/
                  49241 Jan 11 09:30:00 2015 diagclient_log.2613
                  12861 Jan 11 09:33:04 2015 diagmgr_log.2580
                  31 Jan 11 09:35:21 2015 dmesg
                  1811 Jan 11 09:38:46 2015 example_test.2633
                  89 Jan 11 09:40:10 2015 libdiag.2633
                  42136 Jan 11 09:40:55 2015 messages
                  65 Jan 11 09:43:50 2015 otm.log
                  741 Jan 11 09:48:23 2015 sal.log
                  87 Jan 11 09:50:43 2015 startupdebug
                  Usage for log://sup-local
                  51408896 bytes used
                  158306304 bytes free
                  209715200 bytes total

                  Identifying Available File Systems for Copying Files

                  You can identify the file systems that you can copy to or from.

                  Before You Begin

                  Log in to the CLI in EXEC mode.

                  SUMMARY STEPS

                    1.    vsg# copy ?

                    2.    vsg# copy filename ?


                  DETAILED STEPS
                     Command or ActionPurpose
                    Step 1vsg# copy ?
                     

                    Displays the source file systems available to the copy command.

                     
                    Step 2vsg# copy filename ?
                     

                    Displays the destination file systems available to the copy command for a specific file.

                     

                    This example shows how to display the source file systems available to the copy command and how to display the destination file systems available to the copy command for the specified file name:

                    vsg# copy ?
                    bootflash: Select source filesystem
                    core: Select source filesystem
                    debug: Select source filesystem
                    ftp: Select source filesystem
                    licenses Backup license files
                    log: Select source filesystem
                    nvram: Select source filesystem
                    running-config Copy running configuration to destination
                    scp: Select source filesystem
                    sftp: Select source filesystem
                    startup-config Copy startup configuration to destination
                    system: Select source filesystem
                    tftp: Select source filesystem
                    volatile: Select source filesystem
                    
                    vsg# copy filename ?
                    bootflash: Select destination filesystem
                    debug: Select destination filesystem
                    ftp: Select destination filesystem
                    log: Select destination filesystem
                    modflash: Select destination filesystem
                    nvram: Select destination filesystem
                    running-config Copy from source to running configuration
                    scp: Select destination filesystem
                    sftp: Select destination filesystem
                    startup-config Copy from source to startup configuration
                    system: Select destination filesystem
                    tftp: Select destination filesystem
                    volatile: Select destination filesystem

                    Using Tab Completion

                    You can have the CLI complete a partial filename in a command.


                    Note


                    Before using this procedure, you must be logged in to the CLI in EXEC mode.


                    Command Purpose

                    vsg# show file filesystem name: partial filename <TAB>

                    Completes the filename when Tab is pressed, if the characters you typed are unique to a single file.

                    If not, the CLI lists a selection of filenames that match the characters you typed.

                    You can then retype enough characters to make the filename unique. The CLI completes the filename for you.

                    vsg# show file bootflash:c <TAB>

                    Completes the filename for you.

                    This example shows how to display a selection of available files when you press the Tab key after you have typed enough characters that are unique to a file or set of files:

                    vsg# show file bootflash:nex<Tab>
                    bootflash:nexus-1000v-dplug-mzg.VSG2.1.2a.bin
                    bootflash:nexus-1000v-kickstart-mzg.VSG2.1.2a.bin
                    bootflash:nexus-1000v-mzg.VSG2.1.2a.bin
                    bootflash:nexus-1000v-mzg.VSG2.1.2a.bin

                    This example shows how to complete a command by pressing the Tab key when you have already entered the first unique characters of a command:

                    vsg# show file bootflash:c<Tab>
                    -----BEGIN RSA PRIVATE KEY-----
                    MIICXgIBAAKBgQDSq93BrlHcg3bX1jXDMY5c9+yZSST3VhuQBqogvCPDGeLecA+j
                    ...
                    ...

                    Copying and Backing Up Files

                    You can copy a file, such as a configuration file, to save it or reuse it at another location. If your internal file systems are corrupted, you could potentially lose your configuration. Save and back up your configuration files periodically. Also, before installing or migrating to a new software configuration, back up the existing configuration files.

                    Before You Begin
                    Before beginning this procedure, you must know or do the following:
                    • You are logged in to the CLI in any command mode.

                    • If you are copying to a remote location, make sure that your device has a route to the destination. Your device and the remote destination must be in the same subnetwork if you do not have a router or default gateway to route traffic between subnets.

                    • The ping command to make sure that your device has connectivity to the destination.

                    • Make sure that the source configuration file is in the correct directory on the remote server.

                    • Make sure that the permissions on the source file are set correctly. Permissions on the file should be set to world-read.


                    Note


                    Use the dir command to ensure that enough space is available in the destination file system. If enough space is not available, use the delete command to remove unneeded files.


                    SUMMARY STEPS

                      1.    firewall# copy [source filesystem:] filename [destination filesystem:] filename


                    DETAILED STEPS
                       Command or ActionPurpose
                      Step 1firewall# copy [source filesystem:] filename [destination filesystem:] filename
                       

                      Copies a file from the specified source location to the specified destination location.

                       

                      This example shows how to copy a file from a specified source location and move it to a specified destination location:

                      firewall# copy system:running-config tftp://10.10.1.1/home/configs/vsg3-run.cfg
                      Enter vrf (If no input, current vrf 'default' is considered):
                      Trying to connect to tftp server......
                      Connection to Server Established.
                      TFTP put operation successful

                      Creating a Directory

                      You can create a directory at the current directory level or at a specified directory level.

                      Before You Begin

                      Before beginning this procedure, you must be logged in to the CLI in any command mode.

                      SUMMARY STEPS

                        1.    firewall# mkdir {bootflash: | debug: | volatile:} directory-name


                      DETAILED STEPS
                         Command or ActionPurpose
                        Step 1firewall# mkdir {bootflash: | debug: | volatile:} directory-name
                         

                        Creates a directory at the current directory level.

                         

                        This example shows how to create a directory called test in the bootflash: directory:

                        firewall# mkdir bootflash:test

                        Removing an Existing Directory

                        You can remove an existing directory from the flash file system.

                        Before You Begin

                        Before beginning this procedure, you must know or do the following:

                        • You are logged in to the CLI.

                        • This command is valid only on flash file systems.

                        • Before you can remove it, the directory must be empty.

                        SUMMARY STEPS

                          1.    firewall# rmdir {bootflash: | debug: | volatile:} directory_name


                        DETAILED STEPS
                           Command or ActionPurpose
                          Step 1 firewall# rmdir {bootflash: | debug: | volatile:} directory_name
                           

                          Removes a directory as long as the directory is empty.

                           

                          This example shows how to remove the directory called test in the bootflash: directory:

                          firewall# rmdir bootflash:test

                          Moving Files

                          You can move a file from one location to another location.

                          Before You Begin

                          Before beginning this procedure, you must know or do the following:

                          • You are logged in to the CLI.

                          • The copy does not complete if there is not enough space in the destination directory.


                          Caution


                          If a file with the same name already exists in the destination directory, that file is overwritten by the file that you move.


                          SUMMARY STEPS

                            1.    firewall# move {source_path_and_filename} {destination_path_and_filename}


                          DETAILED STEPS
                             Command or ActionPurpose
                            Step 1firewall# move {source_path_and_filename} {destination_path_and_filename}
                             

                            Moves a file from the source directory to the destination directory.

                             

                            This example shows how to move a file from one directory to another in the same file system:

                            firewall# move bootflash:samplefile bootflash:mystorage/samplefile
                            vsg# move samplefile mystorage/samplefile

                            Deleting Files or Directories

                            You can delete files or directories on a Flash memory device.

                            Before You Begin

                            Before beginning this procedure, you must know or do the following:

                            • If you try to delete the configuration file or image specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion.

                            • If you try to delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion.

                            SUMMARY STEPS

                              1.    firewall# delete [bootflash: | debug: | log: | volatile:] filename | directory_name


                            DETAILED STEPS
                               Command or ActionPurpose
                              Step 1 firewall# delete [bootflash: | debug: | log: | volatile:] filename | directory_name
                               

                              Deletes a specified file or directory and everything in the directory.

                               

                              This example shows how to delete the named file from the current working directory and how to delete a named directory and its content:

                              firewall# delete bootflash:dns_config.cfg
                              vsg# delete log:my-log

                              Compressing Files

                              You can compress (zip) a specified file using LZ77 coding.

                              Before You Begin

                              Before beginning this procedure, you must be logged in to the CLI.

                              SUMMARY STEPS

                                1.    firewall# show command > [path] filename

                                2.    firewall# dir

                                3.    firewall# gzip [path] filename


                              DETAILED STEPS
                                 Command or ActionPurpose
                                Step 1 firewall# show command > [path] filename
                                 

                                Directs show command output to a file.

                                 
                                Step 2firewall# dir
                                 

                                Displays the contents of the current directory, including the new file created in the first step.

                                 
                                Step 3firewall# gzip [path] filename
                                 

                                Compresses the specified file.

                                 

                                This example shows how to compress a specified file:

                                firewall# show system internal sysmgr event-history errors > errorsfile
                                firewall# dir
                                1480264 Jan 03 08:38:21 2015 1
                                77824 Jan 08 11:17:45 2015 accounting.log
                                4096 Jan 30 14:35:15 2015 core/
                                3220 Jan 09 16:33:05 2015 errorsfile
                                4096 Jan 30 14:35:15 2015 log/
                                16384 Jan 03 08:32:09 2015 lost+found/
                                7456 Jan 08 11:17:41 2015 mts.log
                                1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG2.1.2a.bin
                                20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG2.1.2a.bin
                                45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin
                                46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin
                                1714 Jan 08 11:17:33 2015 system.cfg.new
                                4096 Jan 03 08:33:54 2015 vdc_2/
                                4096 Jan 03 08:33:54 2015 vdc_3/
                                4096 Jan 03 08:33:54 2015 vdc_4/
                                Usage for bootflash://
                                631246848 bytes used
                                5772722176 bytes free
                                6403969024 bytes total
                                
                                firewall# gzip bootflash:errorsfile
                                firewall# dir
                                1480264 Jan 03 08:38:21 2015 1
                                77824 Jan 08 11:17:45 2015 accounting.log
                                4096 Jan 30 14:35:15 2015 core/
                                861 Jan 09 16:33:05 2015 errorsfile.gz
                                4096 Jan 30 14:35:15 2015 log/
                                16384 Jan 03 08:32:09 2015 lost+found/
                                7456 Jan 08 11:17:41 2015 mts.log
                                1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG1.0.1.bin
                                20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG1.0.1.bin
                                45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG1.0.1.bin
                                46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG1.0.396.bin
                                1714 Jan 08 11:17:33 2015 system.cfg.new
                                4096 Jan 03 08:33:54 2015 vdc_2/
                                4096 Jan 03 08:33:54 2015 vdc_3/
                                4096 Jan 03 08:33:54 2015 vdc_4/
                                Usage for bootflash://
                                631246848 bytes used
                                5772722176 bytes free
                                6403969024 bytes total

                                Uncompressing Files

                                You can uncompress (unzip) a specified file that is compressed using LZ77 coding.

                                Before You Begin

                                Before beginning this procedure, you must be logged in to the CLI.

                                SUMMARY STEPS

                                  1.    firewall# gunzip [path] filename

                                  2.    firewall# dir


                                DETAILED STEPS
                                   Command or ActionPurpose
                                  Step 1 firewall# gunzip [path] filename
                                   

                                  Uncompresses the specified file.

                                   
                                  Step 2firewall# dir
                                   

                                  Displays the contents of a directory, including the newly uncompressed file.

                                   

                                  This example shows how to uncompress a specified file:

                                  firewall# gunzip bootflash:errorsfile.gz
                                  firewall# dir bootflash:
                                  1480264 Jan 03 08:38:21 2015 1
                                  77824 Jan 08 11:17:45 2015 accounting.log
                                  4096 Jan 30 14:35:15 2015 core/
                                  3220 Jan 09 16:33:05 2015 errorsfile
                                  4096 Jan 30 14:35:15 2015 log/
                                  16384 Jan 03 08:32:09 2015 lost+found/
                                  7456 Jan 08 11:17:41 2015 mts.log
                                  1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG2.1.2a.bin
                                  20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG2.1.2a.bin
                                  45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin
                                  46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG2.1.296.bin
                                  1714 Jan 08 11:17:33 2015 system.cfg.new
                                  4096 Jan 03 08:33:54 2015 vdc_2/
                                  4096 Jan 03 08:33:54 2015 vdc_3/
                                  4096 Jan 03 08:33:54 2015 vdc_4/
                                  Usage for bootflash://sup-local
                                  631246848 bytes used
                                  5772722176 bytes free
                                  6403969024 bytes total

                                  Directing Command Output to a File

                                  You can direct command output to a file.

                                  Before You Begin

                                  Before beginning this procedure, you must be logged in to the CLI in any command mode.

                                  SUMMARY STEPS

                                    1.    firewall# show running-config > [path | filename]


                                  DETAILED STEPS
                                     Command or ActionPurpose
                                    Step 1 firewall# show running-config > [path | filename]
                                     

                                    Directs the output of the command to a path and filename.

                                     

                                    This example shows how to direct the output of the command to the file vsg1-run.cfg in the volatile: directory:

                                    firewall# show running-config > volatile:vsg1-run.cfg

                                    Verifying a Configuration File Before Loading

                                    You can verify the integrity of an image before loading it.


                                    Note


                                    The copy command can be used for both the system and kickstart images.


                                    Before You Begin

                                    Before beginning this procedure, you must be logged in to the CLI in any command mode.

                                    SUMMARY STEPS

                                      1.    vsg# copy source_path_and_file system:running-config

                                      2.    vsg# show version image [bootflash: | modflash:| volatile:]


                                    DETAILED STEPS
                                       Command or ActionPurpose
                                      Step 1 vsg# copy source_path_and_file system:running-config
                                       

                                      Copies the source file to the running configuration.

                                       
                                      Step 2vsg# show version image [bootflash: | modflash:| volatile:]
                                       

                                      Validates the specified image.

                                       

                                      This example shows how to copy the source file to the running configuration and validate the specified image:

                                      vsg# show version image bootflash:nexus-1000v-mz.VSG2.1.201.bin
                                      image name: nexus-1000v-mz.VSG2.1.201.bin
                                      bios: version unavailable
                                      system: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.201)]
                                      compiled: 06/6/2014 2:00:00 [06/06/2014 15:20:50]

                                      Reverting to a Previous Configuration

                                      You can recover your configuration from a previously saved version.

                                      Before You Begin

                                      Before beginning this procedure, you must be logged in to the CLI in any command mode.


                                      Note


                                      Each time that you enter the copy running-config startup-config command, a binary file is created and the ASCII file is updated. A valid binary configuration file reduces the overall boot time significantly. A binary file cannot be uploaded, but its contents can be used to overwrite the existing startup configuration. Enter the write erase command to clear the binary file.


                                      SUMMARY STEPS

                                        1.    vsg# copy running-config bootflash: {filename}

                                        2.    vsg# copy bootflash: {filename} startup-configure


                                      DETAILED STEPS
                                         Command or ActionPurpose
                                        Step 1 vsg# copy running-config bootflash: {filename}
                                         

                                        Reverts to a snapshot copy of a previously saved running configuration (binary file).

                                         
                                        Step 2vsg# copy bootflash: {filename} startup-configure
                                         

                                        Reverts to a configuration copy that was previously saved in the bootflash: file system (ASCII file).

                                         

                                        This example shows how to revert to a snapshot copy of a previously saved running configuration and how to revert to a configuration copy that was previously saved in the bootflash: directory:

                                        vsg# copy running-config bootflash:January03-Running
                                        vsg# copy bootflash:my-configure startup-configure

                                        Displaying Files

                                        To display information about files, enter the following commands:

                                        Command Purpose

                                        vsg# show file [bootflash: | debug: | volatile:] filename

                                        Displays the contents of the specified file.

                                        vsg# pwd

                                        Displays the current working directory.

                                        vsg# dir

                                        Displays the contents of the directory.

                                        vsg# show file filename [cksum | md5sum]

                                        Provides the checksum or Message-Digest Algorithm 5 (MD5) checksum of the file for comparison with the original file. MD5 is an electronic fingerprint for the file.

                                        vsg# tail {path}[filename] {number-of-lines}

                                        Displays the requested number of lines from the end of the specified file.

                                        The range for the number-of-lines argument is from 0 to 80.

                                        vsg# show users

                                        Displays a list of users who are currently accessing the Cisco VSG.

                                        Example of show file

                                        vsg# show file bootflash:sample_file.txt
                                        security-profile sp1
                                        policy p1
                                        rule r1
                                        action 10 permit
                                        policy p1
                                        rule r1 order 10

                                        Example of dir command

                                        vsg# dir
                                        Usage for volatile://
                                        0 bytes used
                                        20971520 bytes free
                                        20971520 bytes total

                                        Example of show file cksum command

                                        vsg# show file bootflash:sample_file.txt cksum
                                        750206909

                                        Example of show file md5sum command

                                        vsg# show file bootflash:sample_file.txt md5sum
                                        aa163ec1769b9156614c643c926023cf

                                        Example of tail command

                                        vsg# tail bootflash:errorsfile 5
                                        (20) Event:E_DEBUG, length:34, at 171590 usecs after Tue Jul 1 09:29:05 2008
                                        [102] main(326): stateless restart

                                        Example of tail command

                                        vsg# show users
                                        NAME LINE TIME IDLE PID COMMENT
                                        admin pts/0 Jul 1 04:40 03:29 2915 (::ffff:64.103.145.136)
                                        admin pts/2 Jul 1 10:06 03:37 6413 (::ffff:64.103.145.136)
                                        admin pts/3 Jul 1 13:49 . 8835 (171.71.55.196)*

                                        Displaying the Current User Access

                                        You can display all users currently accessing the Cisco VSG.

                                        Before You Begin

                                        Before beginning this procedure, you must be logged in to the CLI in EXEC mode.

                                        SUMMARY STEPS

                                          1.    vsg# show user


                                        DETAILED STEPS
                                           Command or ActionPurpose
                                          Step 1 vsg# show user
                                           

                                          Displays a list of users who are currently accessing the Cisco VSG.

                                           

                                          This example shows how to display a list of users who are currently accessing the Cisco VSG:

                                          vsg# show users
                                          NAME LINE TIME IDLE PID COMMENT
                                          admin pts/0 Jul 1 04:40 03:29 2915 (::ffff:64.103.145.136)
                                          admin pts/2 Jul 1 10:06 03:37 6413 (::ffff:64.103.145.136)
                                          admin pts/3 Jul 1 13:49 . 8835 (171.71.55.196)*

                                          Sending a Message to Users

                                          You can send a message to all active users currently using the Cisco VSG.

                                          Before You Begin

                                          Before beginning this procedure, you must be logged in to the CLI.

                                          SUMMARY STEPS

                                            1.    firewall# send {session device} line


                                          DETAILED STEPS
                                             Command or ActionPurpose
                                            Step 1 firewall# send {session device} line
                                             
                                            Sends a message to users currently logged in to the system. You can use the following keyword and argument:
                                            • session—sends the message to a specified pts/tty device type.

                                            • line is a message of up to 80 alphanumeric characters.

                                             

                                            This example shows how to send a message to all users:

                                            firewall# send Hello. Shutting down the system in 10 minutes.
                                            Broadcast Message from admin@vsg (/dev/pts/34) at 8:58 ...
                                            Hello. Shutting down the system in 10 minutes.