Difference between revisions of "API-SSH-Management"

From Mupssoft Wiki
Jump to navigation Jump to search
Line 57: Line 57:
  
 
<p></p>
 
<p></p>
 
<h2>'''Cisco - IOS L2 v12'''</h2>Minimum* configuration:
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1.    Switch> '''enable'''
 
 
2.    Switch# '''configure terminal'''
 
 
3.    Switch(config)# '''interface vlan 1'''
 
 
4.    Switch(config-if)# '''ip adress''' 172.17.33.5 255.255.255.0
 
 
5.    Switch(config-if)# '''exit'''
 
 
6.    Switch(config)# '''ip default-gateway''' 172.17.33.1
 
 
'''BASIC SSH CONFIGURATION - SUMMARY STEPS'''
 
 
7.    Switch(config)# '''ip domain name''' domain.local
 
 
8.    Switch(config)# '''hostname''' MBSwitch
 
 
9.    MBSwitch(config)# '''crypto key generate rsa modulus 1024'''
 
 
10.    MBSwitch(config)# '''username''' ''root'' privilege 15 '''secret''' ''PassW0rd''
 
 
11.    MBSwitch(config)# '''aaa new-model'''
 
 
12.    MBSwitch(config)# '''line vty 0 4'''
 
 
13.    MBSwitch(config-line)# '''transport input ssh'''
 
 
14.    MBSwitch(config-line)# '''exit'''
 
 
 
'''ADDITIONAL CONFIGURATION - SUMMARY STEPS'''
 
 
15.    MBSwitch(config)# '''enable secret''' PassW0rd
 
 
16.    MBSwitch(config)# '''service password-encryption'''
 
 
17.    MBSwitch(config)# '''snmp-server community public RO'''
 
 
18.    MBSwitch(config)# '''end'''
 
 
19.    MBSwitch# '''copy running-config startup-config'''
 
 
 
 
 
 
 
<h2>'''Cisco - ASA'''</h2>
 
<p>Minimum* configuration. ASA Version 8.2(5):</p>
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1. ciscoasa> '''enable'''
 
 
2. ciscoasa# '''configure termina'''l
 
 
3. (config)# '''enable password''' ''mtigroup''
 
 
4. ciscoasa(config)# '''hostname''' ''MBCiscoasa''
 
 
5. MBCiscoasa11(config)# '''interface''' ''gigabitEthernet 0/0''
 
 
6. MBCiscoasa11(config-if)# '''nameif inside'''
 
 
7. MBCiscoasa11(config-if)# '''ip address''' ''172.18.11.11 255.255.255.0''
 
 
8. MBCiscoasa11(config-if)# '''no shutdown'''
 
 
9. MBCiscoasa11(config-if)# '''exit'''
 
 
10. MBCiscoasa11(config)# '''route inside''' ''0.0.0.0 0.0.0.0 172.18.11.1''
 
 
 
 
 
 
'''BASIC SSH CONFIGURATION - SUMMARY STEPS'''
 
 
11. MBCiscoasa11(config)# '''ssh''' ''172.31.10.0 255.255.255.0'' '''inside'''
 
 
12. MBCiscoasa11(config)# '''username''' ''mupsbox password PassW0rd privilege 15''
 
 
13. MBCiscoasa11(config)# '''aaa authentication ssh console LOCAL'''
 
 
14. MBCiscoasa11(config)# '''write'''
 
 
 
 
 
 
'''ADDITIONAL CONFIGURATION - SUMMARY STEPS'''
 
 
 
 
<h2>'''MikroTik'''</h2>
 
<p>Minimum configuration for RouterOS V6 (with "zero" configuration)</p><p>'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''</p>
 
 
1. [admin@MikroTik] > '''ip address add address='''''172.17.22.4/24'' '''interface='''''ether1''
 
 
2. [admin@MikroTik] > '''ip route add gateway='''''172.17.22.1''
 
 
3. [admin@MikroTik] > '''ipv6 address add address='''2001:db8:b40:4002::4/64 '''interface='''ether1
 
 
4. [admin@MikroTik] > '''ipv6 route add gateway='''2001:db8:b40:4002::1
 
 
5. [admin@MikroTik] > '''system identity set name='''MBMikroTik
 
 
6. [admin@MBMikroTik] > '''ip service disable telnet,ftp,www,api'''
 
 
7. [admin@MBMikroTik] > '''user add name='''mupsbox '''password='''PassW0rd '''group='''full
 
 
8. [admin@MBMikroTik] > '''user remove admin'''<h2>'''DLink DGS'''</h2>
 
<p>Minimum* configuration:</p>'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1. DGS-1210-28MP/ME:5# '''config ipif System ipaddress''' 172.17.22.2/24
 
 
2. DGS-1210-28MP/ME:5#'''config ipif System ipv6 ipv6address''' 2001:db8:b40:4002::2/64
 
 
3. DGS-1210-28MP/ME:5# '''create iproute default''' 172.17.22.1
 
 
4. DGS-1210-28MP/ME:5# '''create ipv6route default''' 2001:db8:b40:4002::1
 
 
5. DGS-1210-28MP/ME:5# '''enable ssh'''
 
 
6. DGS-1210-28MP/ME:5# '''enable password encryption'''
 
 
7. DGS-1210-28MP/ME:5# '''create account admin''' mupsbox
 
 
8. DGS-1210-28MP/ME:5# '''save'''
 
 
 
<h2>'''Huawei AR100'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1. <Huawei> '''system-view'''
 
 
2. [Huawei] '''interface''' ''GigabitEthernet 0/0/0''
 
 
3. [Huawei-GigabitEthernet0/0/0] '''undo portswitch'''
 
 
4. [Huawei-GigabitEthernet0/0/0] '''ip address''' ''172.17.22.5 255.255.255.0''
 
 
5. [Huawei-GigabitEthernet0/0/0] '''quit'''
 
 
6. [Huawei] '''ip route-static''' '''0.0.0.0 0.0.0.0''' ''172.17.22.1''
 
 
7. [Huawei] '''save'''
 
 
 
 
8. [Huawei] '''aaa'''
 
 
9. [Huawei-aaa] '''local-user''' mupsbox '''password cipher''' PassW0rd
 
 
10. [Huawei-aaa] '''local-user''' '''admin privilege level 15'''
 
 
11. [Huawei-aaa] '''local-user admin service-type ssh'''
 
 
12. [Huawei-aaa] '''quit'''
 
 
13. [Huawei] '''quit save'''
 
 
14. [Huawei] '''stelnet server enable'''
 
 
15. [Huawei] '''save'''
 
 
<h2>'''Huawei Quidway 2000,3000,5000'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1. <Quidway> '''system-view'''
 
 
2. [Quidway]'''management-vlan 1'''
 
 
3. [Quidway] '''interface Vlan-interface 1'''
 
 
4. [Quidway-Vlan-interface1] '''ip address''' ''172.17.55.7 255.255.255.0''
 
 
5. [[Quidway-Vlan-interface1] '''quit'''
 
 
6. [Quidway] '''ip route-static''' '''0.0.0.0 0.0.0.0''' ''172.17.22.1''
 
 
7. [Quidway] '''save'''
 
 
 
 
'''BASIC SSH CONFIGURATION - SUMMARY STEPS'''
 
 
8. [Quidway] '''user-interface vty 0 4'''
 
 
9. [Quidway-ui-vty0-4] '''authentication-mode scheme'''
 
 
10. [Quidway-ui-vty0-4] '''protocol inbound ssh'''
 
 
11. [Quidway] '''local-user''' ''mupsbox''
 
 
12. [Quidway-luser-mupsbox] '''password simple''' ''PassW0rd''
 
 
13. [Quidway-luser-mupsbox] '''service-type ssh'''
 
 
14. [Quidway] '''ssh user''' ''mupsbox'' '''authentication-type password'''
 
 
15. [Quidway] '''rsa local-key-pair create'''
 
 
16. [Quidway] '''save'''
 
 
 
 
 
<h2>'''HP Procurve'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
1. ProCurve Switch 2510-48# '''config'''
 
 
2. ProCurve Switch 2510-48(config)# '''hostname''' ''MBHP-2510''
 
 
3. MBHP-2510(config)# '''vlan 1'''
 
 
4. MBHP-2510(vlan-1)# '''ip address''' ''172.17.44.2/24''
 
 
5. MBHP-2510(vlan-1)# '''exit'''
 
 
6. MBHP-2510(config)# '''ip default-gateway''' ''172.17.44.1''
 
 
 
 
 
 
'''BASIC SSH CONFIGURATION - SUMMARY STEPS'''
 
 
7. MBHP-2510(config)# '''ip ssh'''
 
 
8. MBHP-2510(config)# '''crypto key generate ssh'''
 
 
9. MBHP-2510(config)# '''password manager'''
 
 
10. MBHP-2510(config)# '''aaa authentication login privilege-mode'''
 
 
11. MBHP-2510(config)# '''aaa authentication ssh login tacacs local'''
 
 
12. MBHP-2510(config)# '''aaa authentication ssh enable tacacs local'''
 
 
13. MBHP-2510(config)# '''write memory'''
 
 
 
<h2>'''Juniper SRX'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC CONFIGURATION - SUMMARY STEPS'''
 
 
1. root@% '''cli'''
 
 
2. root> '''configure'''
 
 
3. root# '''set system host-name''' ''MBSRX100b''
 
 
4. root# <kbd>'''set system root-authentication plain-text-password'''</kbd>
 
 
''New password: <var>password</var>''
 
 
''Retype new password: <var>password</var>''
 
 
5. root# <kbd>'''set system login user''' ''mupsbox'' '''class super-user authentication plain-text-password'''</kbd>
 
 
6. root# '''commit'''
 
 
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
7. root@MBSRX100b#  '''set interfaces''' ''fe-0/0/0'' '''unit 0 family inet address''' <var>172.17.44.4/24</var>
 
 
8. root@MBSRX100b# '''set routing-options static route''' '''0.0.0.0/0 next-hop''' 172.17.44.1
 
 
9. root@MBSRX100b# '''delete security zones security-zone untrust interfaces''' ''fe-0/0/0''
 
 
10. root@MBSRX100b# '''set security zones security-zone internal interfaces''' ''fe-0/0/0'' '''host-inbound-traffic system-services ping'''
 
 
11. root@MBSRX100b# '''set security zones security-zone internal interfaces''' ''fe-0/0/0'' '''host-inbound-traffic system-services ssh'''
 
 
12. root@MBSRX100b# '''set system services ssh'''
 
 
13. root@MBSRX100b# '''set system services ssh root-login allow'''
 
 
12. root@MBSRX100b# '''commit'''
 
 
 
<h2>'''Juniper ES'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC CONFIGURATION - SUMMARY STEPS'''
 
 
1. root@% '''cli'''
 
 
2. root> '''configure'''
 
 
3. root# '''set system host-name''' MBSRX100b
 
 
4. root# <kbd>'''set system root-authentication plain-text-password'''</kbd>
 
 
''New password: <var>password</var>''
 
 
''Retype new password: <var>password</var>''
 
 
5. root# <kbd>'''set system login user''' ''mupsbox'' '''class super-user authentication plain-text-password'''</kbd>
 
 
6. root# '''commit'''
 
 
 
 
'''BASIC ETHERNET CONFIGURATION - SUMMARY STEPS'''
 
 
7. root@MBSRX100b#  delete interface ge-0/0/0 unit 0 family ethernet-switching
 
 
8. root@MBSRX100b#  '''set interfaces''' ge-0/0/0 '''unit 0 family inet address''' <var>172.17.44.4/24</var>
 
 
9. root@MBSRX100b# '''set routing-options static route''' '''0.0.0.0/0 next-hop''' 172.17.44.1
 
 
10. root@MBSRX100b# '''set system services ssh'''
 
 
11. root@MBSRX100b# '''set system services ssh connection-limit 10 rate-limit 4'''
 
 
12. root@MBSRX100b# '''commit'''
 
 
 
 
<h2>'''Juniper SSG'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. root-> '''set hostname''' ''MBSSG5''
 
 
2. MBSSG5-> '''set admin name''' ''mupsbox''
 
 
3. MBSSG5-> '''set admin password''' ''PassW0rd''
 
 
4. MBSSG5-> <kbd>'''set interface''' ''bgroup0'' '''ip 172.17.44.5/24'''</kbd>
 
 
5. MBSSG5-> '''set route''' ''0.0.0.0/0'' '''interface''' ''bgroup0'' '''gateway''' ''172.17.44.1''
 
 
6. MBSSG5-> '''save'''
 
 
7. MBSSG5-> '''set interface''' ''bgroup0'' '''manage ssh'''
 
 
8. MBSSG5-> '''set ssh enable'''
 
 
 
 
 
<h2>'''Eltex  MES'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. console> '''enable'''
 
 
2. console# '''configure'''
 
 
2. console(config)# '''interface vlan 1'''
 
 
3. console(config-if)# '''no ip address dhcp'''
 
 
4. console(config-if)# '''ip address''' ''172.17.55.4 255.255.255.0''
 
 
5. console(config-if)# '''exit'''
 
 
6. console(config)# '''ip route''' ''0.0.0.0 0.0.0.0 172.17.55.1''
 
 
7. console(config)# '''hostname''' ''MBEltexMES''
 
 
8. console(config)# '''ip ssh server'''
 
 
9. MBEltexMES(config)# '''username''' ''mupsbox'' ''privilege 15'' '''password''' ''PassW0rd!''
 
 
10. MBEltexMES(config)# '''enable password prpassword'''
 
 
 
 
 
<h2>'''Zyxel ZyWALL'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. Router> '''enable'''
 
 
2. Router# '''configure terminal'''
 
 
2. Router(config)# '''interface''' ''ge2''
 
 
3. Router(config-if-ge)# '''ip address''' ''172.17.44.7 255.255.255.0''
 
 
4. Router(config-if-ge)# '''ip gateway''' ''172.17.44.1''
 
 
5. Router(config-if-ge)# '''no shutdown'''
 
 
6. Router(config-if-ge)# '''exit'''
 
 
7. Router(config)# '''username''' ''mupsbox'' '''password''' ''PassW0rd'' '''user-type''' ''admin''
 
 
 
 
 
<h2>'''Qtech QSW'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. QSW-2850-28T-AC> '''enable'''
 
 
2. QSW-2850-28T-AC# '''config terminal'''
 
 
2. QSW-2850-28T-AC(config)# '''interface vlan 1'''
 
 
3. QSW-2850-28T-AC(config-if-vlan1)# '''ip address''' ''172.17.44.8 255.255.255.0''
 
 
4. QSW-2850-28T-AC(config-if-vlan1)# '''exit'''
 
 
5. QSW-2850-28T-AC(config)# '''ip default-gateway''' ''172.17.44.1''
 
 
6. QSW-2850-28T-AC(config)# '''ssh-server enable'''
 
 
7. QSW-2850-28T-AC(config)# '''username''' ''mupsbox'' privilege 15 '''password''' ''PassW0rd''
 
 
8. QSW-2850-28T-AC(config)# '''exit'''
 
 
9. QSW-2850-28T-AC# '''copy running-config startup-config'''
 
 
 
 
 
<h2>'''Allied Telesis'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. console# '''config'''
 
 
2. console(config)# '''interface vlan 1'''
 
 
3. console(config-if)# '''ip address''' ''172.17.55.9 255.255.255.0''
 
 
4.console(config-if)# '''exit'''
 
 
5. console(config)# '''ip default-gateway''' ''172.17.55.1''
 
 
6. console(config)# '''username''' ''mupsbox'' '''password''' ''PassW0rd'' level 15
 
 
7. console(config)# '''ip ssh server'''
 
 
8. console(config)# '''crypto key generate rsa'''
 
 
 
 
<h2>'''Fortinet'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. FortiGate-VM64-KVM # '''config system interface'''
 
 
2. FortiGate-VM64-KVM (interface) # '''edit''' ''port1''
 
 
2. FortiGate-VM64-KVM (port1) # '''set ip''' ''172.18.33.111 255.255.255.0''
 
 
3 FortiGate-VM64-KVM (port1) # '''end'''
 
 
4. FortiGate-VM64-KVM # '''config router static'''
 
 
5. FortiGate-VM64-KVM (static) # '''edit''' ''0''
 
 
6. FortiGate-VM64-KVM (0) # '''set gateway''' ''172.18.33.1''
 
 
7. FortiGate-VM64-KVM (0) # '''set device''' ''port1''
 
 
8. FortiGate-VM64-KVM (0) # '''end'''
 
 
9. FortiGate-VM64-KVM # '''config system admin'''
 
 
10. FortiGate-VM64-KVM (admin) # '''edit''' ''mupsbox''
 
 
11. FortiGate-VM64-KVM (mupsbox) # '''set accprofile''' ''"super_admin"''
 
 
12. FortiGate-VM64-KVM (mupsbox) # '''set vdom "root"'''
 
 
13. FortiGate-VM64-KVM (mupsbox) # '''set password''' ''PassW0rd''
 
 
14. FortiGate-VM64-KVM (mupsbox) # '''end'''
 
 
15. FortiGate-VM64-KVM # '''config system global'''
 
 
16. FortiGate-VM64-KVM (global) # '''set hostname''' ''FortiGateV''
 
 
17. FortiGate-VM64-KVM (global) # '''end'''
 
 
18. FortiGateV # '''execute cfg save'''
 
 
 
 
<h2>'''Extreme Networks'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. * EXOS-VM.1 # '''create account admin''' ''mupsbox'' ''PassW0rd''
 
 
2. * EXOS-VM.6 # '''configure''' ''Mgmt'' '''ipaddress''' ''172.18.33.222 255.255.255.0''
 
 
3. * EXOS-VM.9 # '''configure iproute add default''' ''172.18.33.1'' '''vr''' ''VR-Mgmt''
 
 
4.* EXOS-VM.11 # '''enable ssh2'''
 
 
5.* EXOS-VM.11 # '''save'''
 
 
 
 
 
<h2>'''Check Point'''</h2>
 
 
Minimum* configuration:
 
 
'''BASIC  CONFIGURATION - SUMMARY STEPS'''
 
 
1. gw-170003>set expert-password
 
 
2.gw-170003>expert
 
 
3. [Expert@gw-170003:0]# hostname MBCheckPoint
 
 
4.[Expert@MBCheckPoint]# hostname MBCheckPoint
 
 
5.* EXOS-VM.11 # save
 
 
  
  

Revision as of 04:58, 22 June 2021

Management Device

Introduction

Device management via api and (or) ssh.

Management can be globally divided into two parts: group configuration your devices and request-response for reporting your settings.


Cisco - IOS v15

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. Router> enable

2. Router# configure terminal

3. Router(config)# interface gigabitethernet 0/0

4. Router(config-if)# ip adress 10.9.90.201 255.255.255.0

5. Router(config-if)# ipv6 address 2001:db8:B40:4000::101/64

6. Router(config-if)# no shutdown

7. Router(config-if)# exit

8. Router(config)# ip route 0.0.0.0 0.0.0.0 10.9.90.1

9. Router(config)# ipv6 route ::/0 2001:db8:B40:4000::1

BASIC SSH CONFIGURATION - SUMMARY STEPS

10. Router(config)# ip domain name domain.local

11. Router(config)# hostname MBRouter

12. MBRouter(config)# crypto key generate rsa modulus 1024

13. MBRouter(config)# username root privilege 15 secret PassW0rd

14. MBRouter(config)# aaa new-model

15. MBRouter(config)# line vty 0 4

16. MBRouter(config-line)# transport input ssh

17. MBRouter(config-line)# exit

ADDITIONAL CONFIGURATION - SUMMARY STEPS

18. MBRouter(config)# enable secret PassW0rd

19. MBRouter(config)# service password-encryption

20. MBRouter(config)# end

21. MBRouter# copy running-config startup-config







Retrieved from "https://wiki.mupssoft.com/index.php?title=API-SSH-Management&oldid=1091"