- Information About Cisco VSG System Management
- Changing the Cisco VSG Instance Name
- Configuring a Message of the Day
- Verifying the Cisco VSG Configuration
Configuring System Management
This chapter contains the following sections:
- Information About Cisco VSG System Management
- Changing the Cisco VSG Instance Name
- Configuring a Message of the Day
- Verifying the Cisco VSG Configuration
- Copying and Backing Up Files
- Creating a Directory
- Removing an Existing Directory
- Moving Files
- Deleting Files or Directories
- Compressing Files
- Uncompressing Files
- Directing Command Output to a File
- Verifying a Configuration File Before Loading
- Reverting to a Previous Configuration
- Displaying Files
- Displaying the Current User Access
- Sending a Message to Users
Information About Cisco VSG System Management
Cisco Virtual Security Gateway (VSG) enables you to use command-line interface (CLI) configuration commands to do standard system management functions such as the following:
Changing the Cisco VSG Instance Name
You can change the Cisco VSG instance name or prompt. If you have multiple instances of Cisco VSGs, you can use this procedure to uniquely identify each Cisco VSG.
Before beginning this procedure, log in to the CLI in global configuration mode.
1.
vsg# configure
2.
vsg(config)# hostname host-name
DETAILED STEPS
Command or Action | Purpose |
---|
vsg# configure vsg(config)# hostname metro vsg(config)# exit
Configuring a Message of the Day
You can configure a message of the day (MOTD) to display at the login prompt.
Before beginning this procedure, log in to the CLI in configuration mode.
1.
vsg# configure
2.
vsg(config)# banner motd [delimiting-character message delimiting-character ]
3.
vsg(config)# show banner motd
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to configure an MOTD:
vsg# configure vsg(config)# banner motd December 12, 2010 Welcome to the VSG vsg(config)# show banner motd December 12, 2010 Welcome to the VSG
Verifying the Cisco VSG Configuration
To verify the Cisco VSG configuration, enter the following commands:
Command | Purpose |
---|---|
vsg# show version |
Displays the versions of system software and hardware that are currently running on Cisco VSG. |
vsg# show running-config |
Displays the versions of system software and hardware that are currently running on Cisco VSG. |
vsg# show running-config diff |
Displays the difference between the startup configuration and the running configuration. |
Example of show version
vsg# show version Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained herein are owned by other third parties and are used and distributed under license. Some parts of this software are covered under the GNU Public License. A copy of the license is available at http://www.gnu.org/licenses/gpl.html. kickstart: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.398)] system: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.398)] kickstart image file is: [not present on supervisor] kickstart compile time: 07/12/2014 17:00:00 system image file is: bootflash:/nexus-1000v-mz.VSG2.1.298.bin system compile time: 07/17/2014 17:00:00 [07/17/2011 13:03:38] Hardware cisco Nexus 1000VF Chassis ("Nexus VSN Virtual Firewall") Intel(R) Xeon(R) CPU with 1944668 kB of memory. Processor Board ID T5056BB0072 Device name: vsg bootflash: 2059572 kB Kernel uptime is 1 day(s), 5 hour(s), 47 minute(s), 4 second(s) plugin Core Plugin, Virtualization Plugin, Ethernet Plugin
Example of show running-config
vsg# show running-config !Command: show running-config !Time: Sun Jul 17 17:42:59 2014 version 5.2(1)VSG2(1.2) no feature telnet no feature http-server username adminbackup password 5 $1$Oip/C5Ci$oOdx7oJSlBCFpNRmQK4na. role network-operator username admin password 5 $1$RU5OIPU7$SYvoK9S5rOMRE9WBWZLsA. role network-admin username vsnbetauser password 5 $1$Fg4u8MCf$xr8cSVV1gBb0ATZU8eVbB. role network-admin banner motd #Nexus VSN# ssh key rsa 2048 ip domain-lookup ip domain-lookup hostname vsg snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey vrf context management ip route 0.0.0.0/0 10.193.72.1 vlan 1 port-channel load-balance ethernet source-mac port-profile default max-ports 32 vdc vsg id 1 limit-resource vlan minimum 16 maximum 2049 limit-resource monitor-session minimum 0 maximum 2 limit-resource vrf minimum 16 maximum 8192 limit-resource port-channel minimum 0 maximum 768 limit-resource u4route-mem minimum 32 maximum 32 limit-resource u6route-mem minimum 16 maximum 16 limit-resource m4route-mem minimum 58 maximum 58 limit-resource m6route-mem minimum 8 maximum 8 interface mgmt0 ip address 10.193.73.118/21 interface data0 ip address 118.1.1.1/8 line console boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG2.1.2.bin sup-1 boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-1 boot kickstart bootflash:/nexus-1000v-kickstart-mzg.VSG2.1.2.bin sup-2 boot system bootflash:/nexus-1000v-mzg.VSG1.0.1.bin sup-2 ha-pair id 23 security-profile sp1 policy p1 rule r1 action 10 permit policy p1 rule r1 order 10 nsc-policy-agent policy-agent-image registration-ip 0.0.0.0 shared-secret ********** log-level info
Example of show running-config diff
vsg# show running-config diff *** Startup-config --- Running-config *************** *** 14,34 **** banner motd #Nexus VSG# ssh key rsa 2048 ip domain-lookup ip domain-lookup ! switchname G-VSG-116-1 snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey vrf context management ip route 0.0.0.0/0 10.193.72.1 vlan 1 port-channel load-balance ethernet source-mac port-profile default max-ports 32 ! vdc G-VSG-116-1 id 1 limit-resource vlan minimum 16 maximum 2049 limit-resource monitor-session minimum 0 maximum 2 limit-resource vrf minimum 16 maximum 8192 limit-resource port-channel minimum 0 maximum 768 limit-resource u4route-mem minimum 32 maximum 32 --- 13,33 ---- banner motd #Nexus VSG# ssh key rsa 2048 ip domain-lookup ip domain-lookup ! hostname vsg snmp-server user admin network-admin auth md5 0x5ed3cfea7c44550ac3d18475f28b118b priv 0x5ed3cfea7c44550ac3d18475f28b118b localizedkey snmp-server user vsnbetauser network-admin auth md5 0x11d89525029e4148a2a494a8e131f9ed priv 0x11d89525029e4148a2a494a8e131f9ed localizedkey vrf context management ip route 0.0.0.0/0 10.193.72.1 vlan 1 port-channel load-balance ethernet source-mac port-profile default max-ports 32 ! vdc vsg id 1 limit-resource vlan minimum 16 maximum 2049 limit-resource monitor-session minimum 0 maximum 2 limit-resource vrf minimum 16 maximum 8192 limit-resource port-channel minimum 0 maximum 768 limit-resource u4route-mem minimum 32 maximum 32
- Displaying Interface Configurations
- Saving a Configuration
- Erasing a Configuration
- Displaying Intercloud Fabric Firewall Instance
- Navigating the File System
Displaying Interface Configurations
To display interface configurations, enter the following commands:
Command | Purpose |
---|---|
vsg# show interface mgmt |
Displays a detailed information for a specific interface. |
vsg# show interface brief |
Displays a brief view of all interfaces. |
vsg# show running-config interface |
Displays the running configuration for all interfaces on your system. |
Example of show interface
vsg# show interface mgmt 0 mgmt0 is up Hardware: Ethernet, address: 3a00.0100.000b (bia 3a00.0100.000b) Internet Address is 10.37.29.3/16 MTU 1352 bytes, BW 1000000 Kbit, DLY 10 usec reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA auto-duplex, auto-speed Auto-Negotiation is turned on 1 minute input rate 2672 bits/sec, 3 packets/sec 1 minute output rate 1152 bits/sec, 1 packets/sec Rx 2349928 input packets 106216 unicast packets 351159 multicast packets 1892553 broadcast packets 182855323 bytes Tx 52446 output packets 18796 unicast packets 16849 multicast packets 16801 broadcast packets 6126844 bytes firewall-1#
Example of show interface brief
firewall# show interface brief -------------------------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------------------------- mgmt0 -- up 10.37.29.3 -- 1352 -------------------------------------------------------------------------------- Port VRF Status IP Address Speed MTU -------------------------------------------------------------------------------- data0 -- up 41.10.10.20 -- 9000 NOTE : * Denotes ports on modules which are currently offline on VSM firewall#
Example of show running-config interface
vsg# show running-config interface !Command: show running-config interface !Time: Mon Sep 29 02:17:32 2014 version 5.2(1)VSG2(1.1) interface mgmt0 ip address 10.37.29.3/16 interface data0 no snmp trap link-status ip address 14.10.10.20/24 firewall-1#
Saving a Configuration
You can save the running configuration to the startup configuration, so that your changes are retained in the startup configuration file the next time you start up the Cisco VSG.
Before beginning this procedure, you must be logged in to the CLI in any command mode.
1.
vsg(config)# copy running-config startup-config
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to save a configuration.
vsg(config)# copy running-config startup-config [########################################] 100%
Erasing a Configuration
You can erase a startup configuration.
Caution | The write erase command erases the entire startup configuration with the exception of loader functions. |
Before beginning this procedure, you must know or do the following:
1.
vsg(config)#
write erase
[debug]
DETAILED STEPS
Command or Action | Purpose |
---|
This is an example of write erase command:
vsg(config)# write erase debug Warning: This command will erase the startup-configuration. Do you wish to proceed anyway? (y/n) [y] [########################################] 100%
Displaying Intercloud Fabric Firewall Instance
You can display Intercloud Fabric(ICF) Firewall(VSG) instance.
Before beginning this procedure, you must be logged in to the CLI.
1.
vsg#
show
vsg
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display the ICF VSG model and software version and build, and the PNSC IP address:
firewall(config)# show vsg Model: VSG VSG software version: 5.2(1)VSG2(1.2) build [5.2(1)VSG2(1.2)] NSC IP: 10.2.65.213 NSC PA version: 2.1(2a)-vsg
Navigating the File System
Specifying File Systems
The syntax for specifying a file system is <file system name>:[//server/].
File System Name | Server | Description |
---|---|---|
bootflash: | sup-active sup-local sup-1 module-1 |
Internal memory located on the active supervisor used for storing system images, configuration files, and other miscellaneous files. The CLI defaults to the bootflash: file system. |
sup-standby sup-remote sup-2 module-2 |
Internal memory located on the standby supervisor used for storing system images, configuration files, and other miscellaneous files. |
|
volatile: | — | Volatile random-access memory (VRAM) located on a supervisor module used for temporary or pending changes. |
Identifying Your Current Working Directory
You can display the directory name of your current location in the CLI.
Before beginning this procedure, you must be logged in to the CLI.
1.
firewall#
pwd
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display the directory name of your current location in the Intercloud Fabric VSG CLI:
firewall# pwd bootflash:
Changing Your Directory
You can change directories in the CLI.
Note | Any file saved in the volatile: file system is erased when the Cisco VSG reboots. |
1.
vsg# pwd
2.
vsg# cd directory_name
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display the directory name of the current Cisco VSG CLI location and how to change the CLI location to the specified directory:
vsg# pwd bootflash: vsg# cd volatile: vsg# pwd volatile:
Listing the Files in a File System
You can display the contents of a directory or file.
Log in to the CLI in any command mode.
1.
firewall#
dir[directory |
filename]
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display the contents of a directory:
firewall# dir lost+found/ 49241 Jan 11 09:30:00 2015 diagclient_log.2613 12861 Jan 11 09:33:04 2015 diagmgr_log.2580 31 Jan 11 09:35:21 2015 dmesg 1811 Jan 11 09:38:46 2015 example_test.2633 89 Jan 11 09:40:10 2015 libdiag.2633 42136 Jan 11 09:40:55 2015 messages 65 Jan 11 09:43:50 2015 otm.log 741 Jan 11 09:48:23 2015 sal.log 87 Jan 11 09:50:43 2015 startupdebug Usage for log://sup-local 51408896 bytes used 158306304 bytes free 209715200 bytes total
Identifying Available File Systems for Copying Files
You can identify the file systems that you can copy to or from.
Log in to the CLI in EXEC mode.
1.
vsg#
copy
?
2.
vsg#
copy
filename ?
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display the source file systems available to the copy command and how to display the destination file systems available to the copy command for the specified file name:
vsg# copy ? bootflash: Select source filesystem core: Select source filesystem debug: Select source filesystem ftp: Select source filesystem licenses Backup license files log: Select source filesystem nvram: Select source filesystem running-config Copy running configuration to destination scp: Select source filesystem sftp: Select source filesystem startup-config Copy startup configuration to destination system: Select source filesystem tftp: Select source filesystem volatile: Select source filesystem vsg# copy filename ? bootflash: Select destination filesystem debug: Select destination filesystem ftp: Select destination filesystem log: Select destination filesystem modflash: Select destination filesystem nvram: Select destination filesystem running-config Copy from source to running configuration scp: Select destination filesystem sftp: Select destination filesystem startup-config Copy from source to startup configuration system: Select destination filesystem tftp: Select destination filesystem volatile: Select destination filesystem
Using Tab Completion
You can have the CLI complete a partial filename in a command.
Note | Before using this procedure, you must be logged in to the CLI in EXEC mode. |
Command | Purpose |
---|---|
vsg# show file filesystem name: partial filename <TAB> |
Completes the filename when Tab is pressed, if the characters you typed are unique to a single file. If not, the CLI lists a selection of filenames that match the characters you typed. You can then retype enough characters to make the filename unique. The CLI completes the filename for you. |
vsg# show file bootflash:c <TAB> |
Completes the filename for you. |
This example shows how to display a selection of available files when you press the Tab key after you have typed enough characters that are unique to a file or set of files:
vsg# show file bootflash:nex<Tab> bootflash:nexus-1000v-dplug-mzg.VSG2.1.2a.bin bootflash:nexus-1000v-kickstart-mzg.VSG2.1.2a.bin bootflash:nexus-1000v-mzg.VSG2.1.2a.bin bootflash:nexus-1000v-mzg.VSG2.1.2a.bin
This example shows how to complete a command by pressing the Tab key when you have already entered the first unique characters of a command:
vsg# show file bootflash:c<Tab> -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDSq93BrlHcg3bX1jXDMY5c9+yZSST3VhuQBqogvCPDGeLecA+j ... ...
Copying and Backing Up Files
You can copy a file, such as a configuration file, to save it or reuse it at another location. If your internal file systems are corrupted, you could potentially lose your configuration. Save and back up your configuration files periodically. Also, before installing or migrating to a new software configuration, back up the existing configuration files.
-
You are logged in to the CLI in any command mode.
-
If you are copying to a remote location, make sure that your device has a route to the destination. Your device and the remote destination must be in the same subnetwork if you do not have a router or default gateway to route traffic between subnets.
-
The ping command to make sure that your device has connectivity to the destination.
-
Make sure that the source configuration file is in the correct directory on the remote server.
-
Make sure that the permissions on the source file are set correctly. Permissions on the file should be set to world-read.
Note | Use the dir command to ensure that enough space is available in the destination file system. If enough space is not available, use the delete command to remove unneeded files. |
1.
firewall#
copy
[source
filesystem:]
filename [destination
filesystem:]
filename
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to copy a file from a specified source location and move it to a specified destination location:
firewall# copy system:running-config tftp://10.10.1.1/home/configs/vsg3-run.cfg Enter vrf (If no input, current vrf 'default' is considered): Trying to connect to tftp server...... Connection to Server Established. TFTP put operation successful
Creating a Directory
You can create a directory at the current directory level or at a specified directory level.
Before beginning this procedure, you must be logged in to the CLI in any command mode.
1.
firewall#
mkdir
{bootflash: |
debug:
|
volatile:}
directory-name
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to create a directory called test in the bootflash: directory:
firewall# mkdir bootflash:test
Removing an Existing Directory
You can remove an existing directory from the flash file system.
Before beginning this procedure, you must know or do the following:
1.
firewall#
rmdir
{bootflash: |
debug:
|
volatile:}
directory_name
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to remove the directory called test in the bootflash: directory:
firewall# rmdir bootflash:test
Moving Files
You can move a file from one location to another location.
Before beginning this procedure, you must know or do the following:
-
You are logged in to the CLI.
-
The copy does not complete if there is not enough space in the destination directory.
Caution | If a file with the same name already exists in the destination directory, that file is overwritten by the file that you move. |
1.
firewall#
move
{source_path_and_filename} {destination_path_and_filename}
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to move a file from one directory to another in the same file system:
firewall# move bootflash:samplefile bootflash:mystorage/samplefile vsg# move samplefile mystorage/samplefile
Deleting Files or Directories
You can delete files or directories on a Flash memory device.
Before beginning this procedure, you must know or do the following:
-
If you try to delete the configuration file or image specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion.
-
If you try to delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion.
1.
firewall#
delete
[bootflash: |
debug:
|
log: |
volatile:]
filename
|
directory_name
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to delete the named file from the current working directory and how to delete a named directory and its content:
firewall# delete bootflash:dns_config.cfg vsg# delete log:my-log
Compressing Files
You can compress (zip) a specified file using LZ77 coding.
Before beginning this procedure, you must be logged in to the CLI.
1.
firewall#
show
command
>
[path]
filename
2.
firewall#
dir
3.
firewall#
gzip
[path] filename
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to compress a specified file:
firewall# show system internal sysmgr event-history errors > errorsfile firewall# dir 1480264 Jan 03 08:38:21 2015 1 77824 Jan 08 11:17:45 2015 accounting.log 4096 Jan 30 14:35:15 2015 core/ 3220 Jan 09 16:33:05 2015 errorsfile 4096 Jan 30 14:35:15 2015 log/ 16384 Jan 03 08:32:09 2015 lost+found/ 7456 Jan 08 11:17:41 2015 mts.log 1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG2.1.2a.bin 20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG2.1.2a.bin 45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin 46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin 1714 Jan 08 11:17:33 2015 system.cfg.new 4096 Jan 03 08:33:54 2015 vdc_2/ 4096 Jan 03 08:33:54 2015 vdc_3/ 4096 Jan 03 08:33:54 2015 vdc_4/ Usage for bootflash:// 631246848 bytes used 5772722176 bytes free 6403969024 bytes total firewall# gzip bootflash:errorsfile firewall# dir 1480264 Jan 03 08:38:21 2015 1 77824 Jan 08 11:17:45 2015 accounting.log 4096 Jan 30 14:35:15 2015 core/ 861 Jan 09 16:33:05 2015 errorsfile.gz 4096 Jan 30 14:35:15 2015 log/ 16384 Jan 03 08:32:09 2015 lost+found/ 7456 Jan 08 11:17:41 2015 mts.log 1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG1.0.1.bin 20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG1.0.1.bin 45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG1.0.1.bin 46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG1.0.396.bin 1714 Jan 08 11:17:33 2015 system.cfg.new 4096 Jan 03 08:33:54 2015 vdc_2/ 4096 Jan 03 08:33:54 2015 vdc_3/ 4096 Jan 03 08:33:54 2015 vdc_4/ Usage for bootflash:// 631246848 bytes used 5772722176 bytes free 6403969024 bytes total
Uncompressing Files
You can uncompress (unzip) a specified file that is compressed using LZ77 coding.
Before beginning this procedure, you must be logged in to the CLI.
1.
firewall#
gunzip
[path]
filename
2.
firewall#
dir
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to uncompress a specified file:
firewall# gunzip bootflash:errorsfile.gz firewall# dir bootflash: 1480264 Jan 03 08:38:21 2015 1 77824 Jan 08 11:17:45 2015 accounting.log 4096 Jan 30 14:35:15 2015 core/ 3220 Jan 09 16:33:05 2015 errorsfile 4096 Jan 30 14:35:15 2015 log/ 16384 Jan 03 08:32:09 2015 lost+found/ 7456 Jan 08 11:17:41 2015 mts.log 1480264 Jan 03 08:33:27 2015 nexus-1000v-dplug-mzg.VSG2.1.2a.bin 20126720 Jan 03 08:33:27 2015 nexus-1000v-kickstart-mzg.VSG2.1.2a.bin 45985810 Jan 01 14:30:00 2015 nexus-1000v-mzg.VSG2.1.2a.bin 46095447 Jan 07 11:32:00 2015 nexus-1000v-mzg.VSG2.1.296.bin 1714 Jan 08 11:17:33 2015 system.cfg.new 4096 Jan 03 08:33:54 2015 vdc_2/ 4096 Jan 03 08:33:54 2015 vdc_3/ 4096 Jan 03 08:33:54 2015 vdc_4/ Usage for bootflash://sup-local 631246848 bytes used 5772722176 bytes free 6403969024 bytes total
Directing Command Output to a File
You can direct command output to a file.
Before beginning this procedure, you must be logged in to the CLI in any command mode.
1.
firewall#
show
running-config > [path |
filename]
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to direct the output of the command to the file vsg1-run.cfg in the volatile: directory:
firewall# show running-config > volatile:vsg1-run.cfg
Verifying a Configuration File Before Loading
You can verify the integrity of an image before loading it.
Note | The copy command can be used for both the system and kickstart images. |
Before beginning this procedure, you must be logged in to the CLI in any command mode.
1.
vsg#
copy
source_path_and_file
system:running-config
2.
vsg#
show version
image [bootflash: |
modflash:|
volatile:]
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to copy the source file to the running configuration and validate the specified image:
vsg# show version image bootflash:nexus-1000v-mz.VSG2.1.201.bin image name: nexus-1000v-mz.VSG2.1.201.bin bios: version unavailable system: version 5.2(1)VSG2(1) [build 5.2(1)VSG2(1.201)] compiled: 06/6/2014 2:00:00 [06/06/2014 15:20:50]
Reverting to a Previous Configuration
You can recover your configuration from a previously saved version.
Before beginning this procedure, you must be logged in to the CLI in any command mode.
Note | Each time that you enter the copy running-config startup-config command, a binary file is created and the ASCII file is updated. A valid binary configuration file reduces the overall boot time significantly. A binary file cannot be uploaded, but its contents can be used to overwrite the existing startup configuration. Enter the write erase command to clear the binary file. |
1.
vsg# copy running-config bootflash: {filename}
2.
vsg# copy bootflash: {filename} startup-configure
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to revert to a snapshot copy of a previously saved running configuration and how to revert to a configuration copy that was previously saved in the bootflash: directory:
vsg# copy running-config bootflash:January03-Running vsg# copy bootflash:my-configure startup-configure
Displaying Files
To display information about files, enter the following commands:
Command | Purpose |
---|---|
vsg# show file [bootflash: | debug: | volatile:] filename |
Displays the contents of the specified file. |
vsg# pwd |
Displays the current working directory. |
vsg# dir |
Displays the contents of the directory. |
vsg# show file filename [cksum | md5sum] |
Provides the checksum or Message-Digest Algorithm 5 (MD5) checksum of the file for comparison with the original file. MD5 is an electronic fingerprint for the file. |
vsg# tail {path}[filename] {number-of-lines} |
Displays the requested number of lines from the end of the specified file. The range for the number-of-lines argument is from 0 to 80. |
vsg# show users |
Displays a list of users who are currently accessing the Cisco VSG. |
Example of show file
vsg# show file bootflash:sample_file.txt security-profile sp1 policy p1 rule r1 action 10 permit policy p1 rule r1 order 10
Example of dir command
vsg# dir Usage for volatile:// 0 bytes used 20971520 bytes free 20971520 bytes total
Example of show file cksum command
vsg# show file bootflash:sample_file.txt cksum 750206909
Example of show file md5sum command
vsg# show file bootflash:sample_file.txt md5sum aa163ec1769b9156614c643c926023cf
Example of tail command
vsg# tail bootflash:errorsfile 5 (20) Event:E_DEBUG, length:34, at 171590 usecs after Tue Jul 1 09:29:05 2008 [102] main(326): stateless restart
Example of tail command
vsg# show users NAME LINE TIME IDLE PID COMMENT admin pts/0 Jul 1 04:40 03:29 2915 (::ffff:64.103.145.136) admin pts/2 Jul 1 10:06 03:37 6413 (::ffff:64.103.145.136) admin pts/3 Jul 1 13:49 . 8835 (171.71.55.196)*
Displaying the Current User Access
You can display all users currently accessing the Cisco VSG.
Before beginning this procedure, you must be logged in to the CLI in EXEC mode.
1.
vsg# show user
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to display a list of users who are currently accessing the Cisco VSG:
vsg# show users NAME LINE TIME IDLE PID COMMENT admin pts/0 Jul 1 04:40 03:29 2915 (::ffff:64.103.145.136) admin pts/2 Jul 1 10:06 03:37 6413 (::ffff:64.103.145.136) admin pts/3 Jul 1 13:49 . 8835 (171.71.55.196)*
Sending a Message to Users
You can send a message to all active users currently using the Cisco VSG.
Before beginning this procedure, you must be logged in to the CLI.
1.
firewall#
send
{session
device}
line
DETAILED STEPS
Command or Action | Purpose |
---|
This example shows how to send a message to all users:
firewall# send Hello. Shutting down the system in 10 minutes. Broadcast Message from admin@vsg (/dev/pts/34) at 8:58 ... Hello. Shutting down the system in 10 minutes.