Cisco Router

  • Cisco ISR(Integrated Services Router)
  • Cisco ISR G2

Integrated Services Router

The G2 models are +100 and look even cooler.

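The way the capabilities are described is delightfully over the top, in a good way, which makes it fun to read.
It makes me wonder: is this Gundam?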

License

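I could not check this in GNS3 because it runs IOS 12.
I could not enter the command in VIRL 1.2.64 either.

I thought I might be able to check it on a Catalyst 3750, but no luck.
It says it is not supported.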

DSW2#sh ver
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 15.0(2)SE4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 26-Jun-13 02:41 by prod_rel_team

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(53r)SEY4, RELEASE SOFTWARE (fc1)

DSW2 uptime is 21 minutes
System returned to ROM by power-on
System image file is "flash:/c3750-ipservicesk9-mz.150-2.SE4/c3750-ipservicesk9-mz.150-2.SE4.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750V2-24TS (PowerPC405) processor (revision T0) with 131072K bytes of memory.
Processor board ID FDO1729Y0FV
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : C0:8C:60:45:52:00
Motherboard assembly number     : 73-12635-01
Power supply part number        : 341-0328-02
Motherboard serial number       : FDO172905K2
Power supply serial number      : DCA1727M23E
Model revision number           : T0
Motherboard revision number     : G0
Model number                    : WS-C3750V2-24TS-E
System serial number            : FDO1729Y0FV
Top Assembly Part Number        : 800-33979-03
Top Assembly Revision Number    : C0
Version ID                      : V08
CLEI Code Number                : COMKM10DRB
Hardware Board Revision Number  : 0x01


Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 26    WS-C3750V2-24TS    15.0(2)SE4            C3750-IPSERVICESK9-M


Configuration register is 0xF

DSW2#sh license
% License not supported on this device
DSW2#sh license feature
% Incomplete command.

DSW2#sh license feature ?
  switch  Switch license information

DSW2#sh license feature switch
% Incomplete command.

DSW2#sh license feature switch ?
  <1-9>  Switch number

DSW2#sh license feature switch 1
% License not supported on this device

This old guy is disappointed.


Cisco: terminal log output

R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int f0/0
R1(config-if)#shut
R1(config-if)#
*Mar  1 01:03:46.359: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Mar  1 01:03:47.359: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
R1(config-if)#
R2#
*Mar  1 01:10:16.051: %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to administratively down
*Mar  1 01:10:17.051: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to down
R2#

terminal monitor

R2#terminal monitor
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#end
R2#
*Mar  1 23:47:01.290: %SYS-5-CONFIG_I: Configured from console by vty1 (192.168.12.1)

service timestamps

month/day

R1(config)#^Z
R1#
*Mar  1 23:49:12.590: %SYS-5-CONFIG_I: Configured from console by console

uptime

R1(config)#service timestamps log uptime
R1(config)#^Z
R1#
23:49:30: %SYS-5-CONFIG_I: Configured from console by console

service timestamps log datetime

R1(config)#service timestamps log datetime
R1(config)#^Z
R1#
*Mar  1 23:51:03: %SYS-5-CONFIG_I: Configured from console by console
R1(config)#service timestamps log datetime msec localtime show-timezone
R1(config)#^Z
R1#
*Mar  1 23:52:46.042 UTC: %SYS-5-CONFIG_I: Configured from console by console

Doing the same for debug output:

R1(config)#do debug ip icmp
ICMP packet debugging is on
R1(config)#do ping 192.168.12.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/8/12 ms
R1(config)#
*Mar  1 23:55:08.534: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:55:08.542: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:55:08.554: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:55:08.562: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:55:08.574: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
R1(config)#service timestamps debug datetime msec localtime show-timezone
R1(config)#^Z
R1#
*Mar  1 23:55:54.534 UTC: %SYS-5-CONFIG_I: Configured from console by console
R1#ping 192.168.12.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/24 ms
R1#
*Mar  1 23:56:12.646 UTC: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:56:12.654 UTC: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:56:12.662 UTC: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:56:12.674 UTC: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
*Mar  1 23:56:12.686 UTC: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1
R1#undebug all
All possible debugging has been turned off

So the recommended settings are:

service timestamps log datetime msec localtime show-timezone
service timestamps debug datetime msec localtime show-timezone
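
As an added example (not from the original post), the Python sketch below parses the timestamp shapes seen in the captures above and reports what each one lacks for cross-device log correlation. The function name `assess` and the wording of the gaps are assumptions; the reading of the leading `*` and `.` markers follows Cisco's documented meaning for clock authority.

```python
import re

# One pattern for the three timestamp shapes shown in the captures above.
# Leading marker: '*' = clock not authoritative, '.' = NTP synchronization lost.
LINE_RE = re.compile(
    r"^(?P<mark>[*.])?"
    r"(?:(?P<date>[A-Z][a-z]{2}\s+\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2})"
    r"(?P<msec>\.\d{3})?(?: (?P<tz>[A-Z]{2,5}))?"
    r"|(?P<uptime>\d+:\d{2}:\d{2}))"
    r": (?P<msg>.*)$"
)

def assess(line):
    """Return (format, gaps); gaps lists what hinders correlating this line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return ("unparsed", ["no recognizable timestamp"])
    if m["uptime"]:
        return ("uptime", ["relative to boot, cannot be aligned with other devices"])
    fmt, gaps = "datetime", []
    if m["msec"]:
        fmt += " msec"
    else:
        gaps.append("one-second resolution")
    if m["tz"]:
        fmt += " show-timezone"
    else:
        gaps.append("time zone not shown")
    if m["mark"] == "*":
        gaps.append("clock not authoritative (never set or synchronized)")
    elif m["mark"] == ".":
        gaps.append("clock set but NTP synchronization lost")
    return (fmt, gaps)

# Lines copied from the captures on this page.
SAMPLES = [
    "23:49:30: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar  1 23:51:03: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar  1 23:52:46.042 UTC: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar  1 23:55:08.534: ICMP: echo reply rcvd, src 192.168.12.2, dst 192.168.12.1",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        fmt, gaps = assess(sample)
        print(f"{fmt:28} {'; '.join(gaps) or 'ok'}")
```

Even the recommended format is still flagged here, because every capture carries the `*` marker: the lab routers' clocks were never set, so the timestamps are precise but not trustworthy.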


Cisco telnet

Configuration required on R2

enable secret password
line vty 0 15
password password
login
end

Connecting

R1#telnet 192.168.12.2
Trying 192.168.12.2 ... Open


User Access Verification

Password:
R2>en
Password:
R2#

Listing users

When accessed via telnet from R1

R2>show users
    Line       User       Host(s)              Idle       Location
   0 con 0                idle                 00:01:33
* 98 vty 0                idle                 00:00:00 192.168.12.1

  Interface    User               Mode         Idle     Peer Address

When accessed via the console in GNS3

R2#show users
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00
  98 vty 0                idle                 00:00:41 192.168.12.1

  Interface    User               Mode         Idle     Peer Address

Exit Session

R2>exit

Resuming a session

[Connection to 192.168.12.2 closed by foreign host]

R1#telnet 192.168.12.2
Trying 192.168.12.2 ... Open


User Access Verification

Password:
R2>en
Password:
R2# ← Ctrl+Shift+6 X(or control+^ X)
R1#

R1#sh sessions
Conn Host                Address             Byte  Idle Conn Name
*  1 192.168.12.2        192.168.12.2           0     0 192.168.12.2

R1#resume 1
[Resuming connection 1 to 192.168.12.2 ... ]

R2#

Disconnecting a telnet session

Ctrl+Shift+6 X

R2# ← Ctrl+Shift+6 X(or control+^ X)
R1#disconnect
Closing connection to 192.168.12.2 [confirm]
R1#sh sessions
% No connections open

R2#sh users
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00

  Interface    User               Mode         Idle     Peer Address

Killing abandoned or malicious sessions

R1#telnet 192.168.12.2
Trying 192.168.12.2 ... Open


User Access Verification

Password:
R2>en
Password:
R2#

R2#sh users
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00
  98 vty 0                idle                 00:00:26 192.168.12.1

  Interface    User               Mode         Idle     Peer Address

I'll exterminate them!

R2#clear line 98
[confirm]
 [OK]
R2#sh users
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00

  Interface    User               Mode         Idle     Peer Address

On the R1 side:

R2#
[Connection to 192.168.12.2 closed by foreign host]
R1#

During implementation work and in lab environments, the session timeout is often disabled.

exec-timeout 0 0
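
As an added example (not from the original post), the Python sketch below audits the `line` blocks of an IOS configuration for the lab conveniences used in this section before they reach production. The function name `audit`, the finding texts and both sample configurations are assumptions; `LAB` is constructed by combining the R2 settings above with `exec-timeout 0 0`.

```python
def audit(config):
    """Map each `line ...` block to a list of findings (empty = nothing flagged)."""
    blocks, current = {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if text.startswith("line "):
            current = blocks.setdefault(text, [])
        elif text in ("", "!", "end"):
            current = None                      # block separator
        elif current is not None:
            current.append(text)

    report = {}
    for header, cmds in blocks.items():
        found = []
        if "exec-timeout 0 0" in cmds:
            found.append("exec-timeout 0 0: idle sessions never expire")
        if "login" in cmds and any(c.startswith("password ") for c in cmds):
            found.append("shared line password: sessions carry no user name")
        transport = [c.split()[2:] for c in cmds if c.startswith("transport input")]
        if header.startswith("line vty"):
            if not transport:
                found.append("transport input not set explicitly")
            elif {"telnet", "all"} & set(transport[-1]):
                found.append("Telnet permitted: login travels in cleartext")
        report[header] = found
    return report

# Constructed sample: the R2 lab settings from this page plus the disabled timeout.
LAB = """\
enable secret password
line vty 0 15
password password
login
exec-timeout 0 0
end
"""

# Constructed sample: the same block with SSH only, per-user login and a 10-minute timeout.
HARDENED = """\
line vty 0 15
 exec-timeout 10 0
 login local
 transport input ssh
"""

if __name__ == "__main__":
    for name, cfg in (("LAB", LAB), ("HARDENED", HARDENED)):
        for header, found in audit(cfg).items():
            print(name, header, found or "no findings")
```

The shared line password is also why the User column is empty in the `show users` captures above, which makes it harder to tell an abandoned session from an unexpected one.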


GNS3 iTerm2 terminal says ‘telnet: not found’

Maybe Apple removed telnet as of macOS High Sierra?

  1. macOS High Sierra 10.13.2
  2. GNS3 2.1.1
  3. terminal: iTerm2
  4. VMware Fusion Pro 10.1.0 (7370838)

telnet not found

sh-3.2$ exec telnet 172.16.98.128 5000
sh: exec: telnet: not found
sh-3.2$ echo $PATH
/usr/bin:/bin:/usr/sbin:/sbin
$ brew install telnet
$ which telnet
/usr/local/bin/telnet

Configure the iTerm2 console command in GNS3.

osascript -e 'tell application "iTerm"' -e 'activate' -e 'if (count of windows) = 0 then' -e '   set t to (create window with default profile)' -e 'else' -e '   set t to current window' -e 'end if' -e 'tell t' -e '    create tab with default profile command "sh"' -e '    set s to current session' -e '    tell s' -e '        set name to "%d"' -e '        write text "exec telnet %h %p"' -e '    end tell' -e 'end tell' -e 'end tell'

Change it as follows (specify the full path to telnet):

osascript -e 'tell application "iTerm"' -e 'activate' -e 'if (count of windows) = 0 then' -e '   set t to (create window with default profile)' -e 'else' -e '   set t to current window' -e 'end if' -e 'tell t' -e '    create tab with default profile command "sh"' -e '    set s to current session' -e '    tell s' -e '        set name to "%d"' -e '        write text "exec /usr/local/bin/telnet %h %p"' -e '    end tell' -e 'end tell' -e 'end tell'