Tuesday 28 May 2013

File System Management on Cisco IOS Router:

Usually, when you log in to a router you are in the flash file system (flash drive) of the IOS router. This drive holds the IOS image files, and its contents are retained when the router reboots. It usually contains .bin, .tar and .pkg files, but system files such as startup-config and private-config reside in nvram.

Output from the flash drive:
#dir
Directory of flash:/

    1  -rw-    13937472  Dec 19 2006 06:03:00 +00:00  c1841-ipbase-mz.124-1c.bin
    2  -rw-        1821  Dec 19 2006 06:17:24 +00:00  sdmconfig-18xx.cfg
    3  -rw-     4734464  Dec 19 2006 06:18:12 +00:00  sdm.tar
    4  -rw-      833024  Dec 19 2006 06:18:46 +00:00  es.tar
    5  -rw-     1052160  Dec 19 2006 06:19:20 +00:00  common.tar
    6  -rw-        1038  Dec 19 2006 06:19:58 +00:00  home.shtml
    7  -rw-      102400  Dec 19 2006 06:20:26 +00:00  home.tar
    8  -rw-      491213  Dec 19 2006 06:21:02 +00:00  128MB.sdf
    9  -rw-     1684577  Dec 19 2006 06:22:00 +00:00  securedesktop-ios-3.1.1.27-k9.pkg
   10  -rw-      398305  Dec 19 2006 06:22:44 +00:00  sslclient-win-1.1.0.154.pkg

Output from nvram:
#cd nvram:
#dir
Directory of nvram:/

  190  -rw-        1304                    <no date>  startup-config
  191  ----           5                    <no date>  private-config
  192  -rw-        1304                    <no date>  underlying-config
    1  -rw-           0                    <no date>  ifIndex-table
    2  ----          12                    <no date>  persistent-data

196600 bytes total (193191 bytes free)
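
The two listings above use different row layouts: flash rows carry a timestamp, nvram rows show <no date>. As an added example, not part of the original post, this Python code parses both layouts and compares a saved listing with a later one. The later capture, its changed size and the file unexpected-file.bin are constructed for illustration.

```python
import re

# One row of IOS `dir` output: index, permissions, size, date (or <no date>), name.
ROW = re.compile(
    r"^\s*\d+\s+(?P<perms>[-drwx]{4})\s+(?P<size>\d+)\s+"
    r"(?P<date><no date>|\w{3}\s+\d{1,2}\s+\d{4}\s+[\d:]{8}\s+[+-]\d\d:\d\d)"
    r"\s+(?P<name>\S+)\s*$"
)
HEADER = re.compile(r"^Directory of (?P<fs>\S+?):/")

def parse_dir(text):
    """Return {"filesystem:name": size_in_bytes} for every file row found."""
    files, fs = {}, "unknown"
    for line in text.splitlines():
        if header := HEADER.match(line.strip()):
            fs = header.group("fs")          # e.g. "flash" or "nvram"
        elif row := ROW.match(line):
            files[f"{fs}:{row.group('name')}"] = int(row.group("size"))
    return files

def compare(baseline, current):
    """List files that were added, removed or changed size since the baseline."""
    findings = []
    for name in sorted(set(baseline) | set(current)):
        if name not in baseline:
            findings.append(("added", name))
        elif name not in current:
            findings.append(("removed", name))
        elif baseline[name] != current[name]:
            findings.append(("size-changed", name))
    return findings

# Baseline: rows copied from the listings above.
BASELINE = """Directory of flash:/
    1  -rw-    13937472  Dec 19 2006 06:03:00 +00:00  c1841-ipbase-mz.124-1c.bin
Directory of nvram:/
  190  -rw-        1304                    <no date>  startup-config
"""
# Constructed later capture: the image size and the extra file are made up.
CURRENT = """Directory of flash:/
    1  -rw-    13937999  Dec 19 2006 06:03:00 +00:00  c1841-ipbase-mz.124-1c.bin
   11  -rw-        2048  Jan 05 2007 10:00:00 +00:00  unexpected-file.bin
Directory of nvram:/
  190  -rw-        1304                    <no date>  startup-config
"""

if __name__ == "__main__":
    for kind, name in compare(parse_dir(BASELINE), parse_dir(CURRENT)):
        print(f"{kind:13} {name}")
```

Matching sizes do not prove identical content; the IOS command verify /md5 flash:<file> prints a hash that can be compared with a known-good value.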

Commands:
Dir: shows the contents of a directory.

Copy: the copy command copies content, as in Linux.
Example: copy "source" "destination"
Like: copy nvram:startup-config tftp://IP_of_tftp/directory/file_name

Show file: the show file command displays information about a specific file or a file system.
Like: #show file information flash:c1841-ipbase-mz.124-1c.bin
flash:c1841-ipbase-mz.124-1c.bin:
  type is image (elf) []
  file size is 13937472 bytes, run size is 14103140 bytes
  Runnable image, entry point 0x8000F000, run from ram

More: the more command works as it does in Linux; it shows the content of a file.
Like: more nvram:startup-config


Delete: the delete command does what its name says: it deletes a file.

Erase or Format: both commands do the same thing, and which one applies depends on the type of memory being used. Both are used to wipe out the entire content of the memory; erase is the one mostly used.


CD and PWD: the cd command changes directory, as in DOS and Linux; it changes your present directory to whatever directory you specify. The pwd command shows which directory you are in at present.

Mkdir and Rmdir: mkdir makes a directory and rmdir removes a directory. Not all routers and switches support creating and deleting directories; only a few of them do.


Thursday 2 May 2013

SNMP and ASA:
SNMP stands for Simple Network Management Protocol. Up to ASA software 8.1, the supported SNMP versions were v1 and v2c. ASA software 8.2 and later also supports SNMP v3, which is the most secure version of the SNMP protocol.
The ASA works as an SNMP server (or agent), so you need a Network Management System (NMS) that acts as the SNMP manager in order to provide network monitoring and management functionality. The NMS is basically a management server such as the CiscoWorks product or Firewall Analyzer. With the NMS you can either poll the ASA appliance to collect information, or the ASA appliance can send SNMP traps (event notifications) to the NMS server. SNMP traps are sent on UDP port 162 and SNMP polls use UDP port 161. So the ASA will listen on UDP 161 and the NMS will listen on UDP 162 and 161.
Configuring SNMP:
Step 1: Enable the SNMP server on the ASA.
ASA(config)# snmp-server enable
Step 2: Identify the NMS host that can connect to the ASA for SNMP management.
ASA(config)# snmp-server host [interface_name] [ip_address] community [community string]
Where “interface name” is the ASA interface through which the NMS can be reached, and “ip address” is the NMS address. “community string” is like a preshared password which must be configured on both the ASA and the NMS in order for the two elements to communicate.
Step 3: Specify the ASA community string.
ASA(config)# snmp-server community [community string]
Step 4: Enable the ASA to send SNMP traps to the NMS.
ASA(config)# snmp-server enable traps [all | snmp [trap] [trap] ]
The default configuration has all snmp traps enabled (snmp-server enable traps snmp authentication linkup linkdown coldstart). It is recommended to leave all traps enabled as the default setting.
Configuration Example:
ASA(config)# snmp-server enable
ASA(config)# snmp-server host inside 10.1.1.100 community secret_Key
ASA(config)# snmp-server community secret_Key
ASA(config)# snmp-server enable traps snmp authentication linkup linkdown coldstart

Note: before configuring the SNMP host, make sure that you can reach the NMS via the specified interface.
ASA# ping "interface_name" "IP of NMS"
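
One way to review the resulting configuration, as an added example that is not part of the original post: the Python code below scans ASA snmp-server lines and flags host entries that still rely on a v1/v2c community string, well-known community values, and disabled traps. The sample configuration is constructed; the 10.1.1.101 host, the user name nms_user and the "version 3" host form are assumptions based on ASA 8.2+ syntax.

```python
import re

# Widely known default community strings (general knowledge, not from the post).
WELL_KNOWN = {"public", "private"}
HOST = re.compile(r"^snmp-server host (?P<ifc>\S+) (?P<ip>\S+)(?P<rest>.*)$")


def audit_snmp(config):
    """Return (finding, line) pairs for the SNMP lines of an ASA configuration."""
    findings = []
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("no snmp-server enable traps"):
            # The post recommends leaving the default traps enabled.
            findings.append(("trap-disabled", line))
            continue
        if not line.startswith("snmp-server "):
            continue
        host = HOST.match(line)
        # A host entry without "version 3" is polled and sent traps with a
        # v1/v2c community string, which crosses the network unencrypted.
        if host and " version 3 " not in host.group("rest") + " ":
            findings.append(("community-based-host", line))
        words = line.split()
        if "community" in words[:-1]:
            value = words[words.index("community") + 1]
            if set(value) == {"*"}:
                continue  # value masked in this capture, nothing to judge
            if value.lower() in WELL_KNOWN:
                findings.append(("well-known-community", line))
    return findings


# Constructed sample: the post's example lines plus invented variations.
SAMPLE = """\
snmp-server enable
snmp-server host inside 10.1.1.100 community secret_Key
snmp-server host inside 10.1.1.101 version 3 nms_user
snmp-server community public
no snmp-server enable traps snmp authentication
"""

if __name__ == "__main__":
    for finding, line in audit_snmp(SAMPLE):
        print(f"{finding:22} {line}")
```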