Setting default FTP username and password in Cisco's IOS

In an earlier post I discussed how to setup a kron job to push the running configuration out to a ftp server. One thing I didn't mention was what to do if the ftp server does not allow anonymous access. Well you can pre-configure the IOS the FTP username and password along with other options as well. See below:

Examples:
ip ftp username SomeUserName
ip ftp password SomePassword
ip ftp passive
ip ftp source-interface SomeInterface

Router(config)#ip ftp ?
  passive           Connect using passive mode
  password          Specify password for FTP connections
  source-interface  Specify interface for source address in FTP connections
  username          Specify username for FTP connections

Before configurating the FTP username and password:

Router#copy running-config ftp:
Address or name of remote host []? 10.1.1.1
Destination filename [Router-confg]?
Writing Router-confg
%Error writing ftp://10.1.1.1/Router-confg (Incorrect Login/Password)
Router#

With FTP configured:

Router(config)#ip ftp username backup
Router(config)#ip ftp password backuppass

Router#copy running-config ftp:
Address or name of remote host []? 10.1.1.1
Destination filename [Router-confg]?
Writing Router-confg !
7062 bytes copied in 1.020 secs (6924 bytes/sec)
Router#

This will also work with the cli command as part of a kron policy list.

example:

Rourter(config-kron-policy)#cli cli show run | redirect tftp://10.1.1.1/test.cfg

With the FTP username and password set above this command will now work with a username and password.

The Kron Scheduler in Cisco's IOS

This was a find for me since I’ve always had to manually backup my IOS images to a TFTP server usually running on my desktop. With this new feature introduced in IOS 12.3(1) it is now possible to create policy based command sets that can be executed by the IOS's scheduler.

So let’s say you want to backup your running configuration every day on Sunday at 11PM, here is how you would do that.

From configuration mode:

R2(config)#kron policy-list SystemBackup

R2(config-kron-policy)#cli write

R2(config-kron-policy)#cli cli show run | redirect tftp://10.1.1.1/test.cfg

R2(config-kron-policy)#exit

R2(config)#kron occurrence SystemBackup at 23:00 Sun recurring

R2(config-kron-occurrence)#policy-list SystemBackup

The cli commands are limited to those that do not require user interaction so keep that in mind and it is why the show run command was used rather than something like copy running-config tftp://10.1.1.1/test.cfg which requires line input to execute.

To see your new kron job:

R2#sh run | beg kron policy-list backupsystem

!

kron policy-list backupsystem

 cli write memory

 cli cli show run | redirect tftp://10.1.1.1/test.cfg

To see your kron schedule:

R2#sh kron schedule

R2#sh kron schedule

!

Kron Occurrence Schedule

systembackup inactive, will run again in 2 days 22:32:42 at 23:00 on Sun

Additional information:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_tech_note09186a008020260d.shtml#ab

Known bugs:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.domethod=fetchBugDetails&bugId=CSCtc81787&from=summary

Setting the time in Cisco's IOS

The time zone command in the Cisco IOS is based on GMT so when entering the command to set the time zone you must reference the local time zone against GMT time. So for instance Pacific Time is 8 hours behind GMT so -8 would be used. So for example the command to set a an IOS device to the pacific time zone is shown below:

R2(config)#clock timezone pst -8

To set the clock to the correct time:

R2#clock set hh:mm:ss MONTH year

Having the correct time on your router or switch can be important when troubleshooting issues especially when viewing the device logs.

Creating tabs for your blog

Markandey over at www.markandey.com provides a great tutorial on how to add simple tabs like the ones on my site by simply adding a "HTML/Javascript" gadget and entering in the code snippet below:

<ul> 
<li><a href="http://sampleurl.com">Sample URL</a></li> 
<li><a href="http://example.com" >Example Links</a></li> 
</ul>

Edit the href urls to point where you wish viewers to be directed when clicking the tabs. Use the labels feature when posting along with the search funtions built into blogger.com to have the tabs filter your post by the labels. See Markandey's blog for a more detailed explanation.

Sending ESX logs to a syslog server

ESX servers:

Connect to your ESX server, log in as root.

Edit /etc/syslog.conf.

Add the following line to the bottom of the file. This will forward all the logs to your Splunk server.

*.* @splunksvr.mydomain

Restart the syslog service:

service syslog restart

Open the local firewall to allow UDP over port 514:

esxcfg-firewall -o 514,udp,out,syslog

Reload the firewall configuration:

esxcfg-firewall -l

If you want to capture information from the /var/log/vmware/hostd.log do the following:

SSH over to your ESX server. You will need sudo or root access to complete the following.

Edit /etc/vmware/hostd/config.xml with your favorite editor and change it to look like the following:

     <log>

     <directory>/var/log/vmware/</directory>

     <name>hostd</name>

     <outputToConsole>true</outputToConsole>

     <level>info</level>

     </log>

Restart the ESX Management Agents:

service mgmt-vmware restart

ESXi servers:

The process is much simpler simply run the following:

vicfg-syslog --server esxhostsvr.mydomain.com -s splunksvr.mydomain.com -p 514

Or

Using the Vcenter console go to the advanced options under the “configuration” tab and look for the “syslog” option. I may post screenshots later if I have the time.

Fw: Test Drive VMware View for 60 days

View this email on mobile devices | Online version

Try VMware View for 60 Days and Transform your Desktop Infrastructure

	A few weeks ago, you downloaded the VMware Desktop Virtualization Kit. We hope you found the whitepapers included in the kit valuable for your organization. Now we'd like you to evaluate VMware View™ for FREE for 60 days. Try VMware View today for your FREE 60-day trial, and see how virtualization can liberate your healthcare staff with always-on, follow-me desktops. Not Convinced Yet? Visit the VMware Desktop Virtualization Resource Center Learn more about how VMware View desktop virtualization platform can help you transform your healthcare IT infrastructure to deliver unprecedented availability, flexibility and cost savings. In the resource center, you'll find: Top 6 challenges of Healthcare IT: An interactive dialogue addressing Healthcare IT professional and desktop user's pain points. Featured Customer Case Study: Learn how Huntsville Hospital is using VMware View to quickly deploy desktops while protecting sensitive data and reducing helpdesk calls. TCO/ROI Calculator: Determine how much your organization can save. Get in Touch Talk directly to our virtualization experts about taking the next step. Call 1-877-4VMWARE (650-427-5000 outside of North America). For more information, visit http://www.vmware.com/view?src=EM_09Q2_VMW_OTHER_DESKTOPCAMPAIGN-HEALTHCARE-EM2-TEXT&ossrc=EM_09Q2_VMW_OTHER_DESKTOPCAMPAIGN-HEALTHCARE-EM2-TEXT&elq=8d35605460694eeab07c32d6ec58e71a.

	VMware View – Flexibility, Security and Compliance in the healthcare industry

Email ID: 6318_EM2

VMware, Inc. 3401 Hillview Ave Palo Alto CA 94304 USA Tel 1-877-486-9273 Copyright © 2011 VMware, Inc. All rights reserved. VMware is a registered trademark of VMware, Inc. Thank you for registering with VMware. Any information that you provide to VMware will be treated in accordance with our Privacy Policy. To manage your profile and subscription preferences, please go to your VMware Subscription. To UNSUBSCRIBE completely from VMware communications, please click here.

 

Cisco

This is a test post via email

VMWare post

This is a test post for VMWare

This is my first Cisco post

This is a test post for Cisco.