Académique Documents
Professionnel Documents
Culture Documents
Copy
the
boot
code
from
the
TFTP
server
into
flash
memory.
To
do
so,
enter
a
command
such
as
the
following
at
the
Privileged
EXEC
level
of
the
CLI.
FastIron# copy tftp flash <ipaddr> <imagefilename> bootrom
You
should
see
output
similar
to
the
following.
FWS648POE Router# Flash Memory Write (8192 bytes per
dot)........................... (Boot Flash
Update)Erase.........Write............. TFTP to Flash Done
Copy
the
flash
code
from
the
TFTP
server
into
flash
memory.
To
do
so,
use
the
copy
command
at
the
Privileged
EXEC
level
of
the
CLI.
FastIron# copy tftp flash <ipaddr> <imagefilename> primary | secondary
You
should
see
output
similar
to
the
following.
FWS648POE Router# Flash Memory Write (8192 bytes per dot)
........................
.......................................................................
.......................................................................
.....
TFTP to Flash Done
Once
you
have
completed
the
upgrade,
you
must
reboot
the
device
to
complete
the
upgrade
process.
Use
one
of
the
following
commands:
FastIron# reload
This
command
boots
from
the
default
boot
source,
which
is
the
primary
flash
area
by
default.
FastIron# boot system flash primary | secondary
Use
this
command
to
upload
a
copy
of
the
startup
configuration
file
from
the
Layer
2
Switch
or
Layer
3
Switch
to
a
TFTP
server.
FastIron# copy running-config tftp <tftp-ip-addr> <filename>
Use
this
command
to
upload
a
copy
of
the
running
configuration
file
from
the
Layer
2
Switch
or
Layer
3
Example:
FastIron(config)# enable super-user-password <text>
FastIron(config)# enable telnet password <text>
Example:
This example sets the Telnet timeout to ten minutes.
FastIron(config)# telnet timeout 10
Example:
This example sets the console timeout to ten minutes.
FastIron(config)# console timeout 10
Example:
To suppress the connection rejection message sent by the device to a denied Telnet client, enter
the following command at the global CONFIG level of the CLI:
FastIron(config)# telnet server suppress-reject-message
Syntax:
[no]
telnet
server
suppress-reject-message
Example:
If you want to remove the password encryption, you can disable encryption by entering the
following command:
FastIron(config)# no service password-encryption
Syntax: [no] service password-encryption
EXAMPLE:
This example enables Telnet Authentication which forces Telnet connections to use the local user
database and forces the Web management and Privileged EXEC and CONFIG levels of the CLI
to use the local user database for authentication.
FastIron(config)# enable telnet authentication
FastIron(config)# aaa authentication web-server default local
FastIron(config)# aaa authentication enable default local
EXAMPLE:
This example will setup four separate user accounts and assign them with the proper access
privileges. The device will then force all Telnet, Web, and Privilege EXEC and CONFIG access to
authenticate against the devices local user accounts.
Paul - System Administrator with all rights
Jane - System Administrator with all rights (backup to Paul)
Andy - Desktop Support with port configuration access only
Brad - Unix Administrator with read only access rights
First, create the accounts with the associated privilege levels.
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
username
username
username
username
paul
jane
andy
brad
privilege
privilege
privilege
privilege
0
0
4
5
password
password
password
password
pauls_password
janes_password
andys_password
brads_password
The privilege parameter specifies the privilege level for the account. You can specify one of the
following:
0 - Super User level (full read-write access)
4 - Port Configuration level
5 - Read Only level
The default privilege level is 0.
Next associate the local user database authentication to Telnet and Web management and
Privileged EXEC and CONFIG levels of the CLI to use the local user database for authentication.
FastIron(config)# enable telnet authentication
FastIron(config)# aaa authentication web-server default local
FastIron(config)# aaa authentication enable default local
Web management authentication can be disabled by the following command
FastIron(config)# web-management allow-no-password
Web management authentication can be enabled by the following command
EXAMPLE:
This example creates two Layer 3 port-based VLANs and restricts the Telnet and Web
management clients to a Port Based VLAN with the ID of 10 and restricts access from SNMP and
TFTP clients to a port- based VLAN with the ID of 40.
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
FastIron(config)#
vlan 10 by port
untagged e1 to 2
router-interface ve 10
vlan 40 by port
untagged e4 to 5
router-interface ve 40
telnet server enable vlan 10
web-management enable vlan 10
snmp-server enable vlan 40
tftp client enable vlan 40
Creating
A
Stack
This example creates a stack
FastIron# config t
FastIron(config)# stack enable
FastIron(config)# exit
FastIron#
Next enter the following command
Type Role
Mac Address
Pri
FLS648 active 00e0.52ab.cd00
128
FLS624 standby
0012.f2d5.2100
FGS624 member
0012.f239.2d40
State
local
60
remote
0
remote
Comment
Ready
Ready
Ready
Creating
a
Trunk
To configure a trunk group consisting of two groups of two ports each, enter commands such as
the following.
FastIron(config)#trunk ethernet 1/1 to 1/2 ethernet 3/3 to 3/4
Trunk will be created in next trunk deploy
FastIron(config)#write memory
FastIron(config)#trunk deploy
Enabling
VRRP
To implement a simple VRRP configuration using all the default values, enter commands such as
the following.
Configuring a Backup
Enable VRRP globally
FastIron2(config)#router vrrp
Configure an interface
FastIron2(config)#inter e 1/5
FastIron2(config-if-1/5)#ip address 192.53.5.3
FastIron2(config-if-1/5)#ip vrrp vrid 1
FastIron2(config-if-1/5-vrid-1)#backup
FastIron2(config-if-1/5-vrid-1)#advertise backup
FastIron2(config-if-1/5-vrid-1)#ip-address 192.53.5.1
FastIron2(config-if-1/5-vrid-1)#activate
10
11
Note: In addition to the global and interface parameters in the sections above, you need to
identify an interface on at least one Layer 3 Switch as a candidate PIM Sparse Bootstrap router
(BSR) and candidate PIM Sparse Rendezvous Point (RP).
Configuring
BSR
To configure the Layer 3 Switch as a candidate BSR and RP, enter commands such as the
following.
FastIron(config)#router pim
FastIron(config-pim-router)#bsr-candidate ethernet 2/2 30 255
BSR address: 207.95.7.1, hash mask length: 30, priority: 255
This command configures the PIM Sparse interface on port 2/2 as a BSR candidate, with a hash
mask length of 30 and a priority of 255. The information shown in italics above is displayed by the
CLI after you enter the candidate BSR configuration command.
Syntax: [no] bsr-candidateethernet [<slotnum>/]<portnum> | loopback<num> | ve<num>
<hash-mask-length> [<priority>]
Configuring
RPs
Enter a command such as the following to configure the Layer 3 Switch as a candidate RP.
FastIron(config-pim-router)#rp-candidate ethernet 2/2
Syntax: [no] rp-candidateethernet[<slotnum>/]<portnum> | loopback<num> | ve<num>
The <slotnum> parameter is required on chassis devices.
The <portnum> | loopback <num> | ve <num> parameter specifies the interface.
12
Ports e3/11
13