Device configuration for MupsBox

From Mupssoft Wiki
Revision as of 05:10, 13 June 2021 by Tolstii (talk | contribs)
Jump to navigation Jump to search

Device Configuration

Introduction

This section is not a tutorial on configuration different manufacturers. Here you will find the minimum settings in the CLI (for access from MUPSBOX to devices).


Vendor Configuration

Cisco - IOS v15

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. Router> enable

2. Router# configure terminal

3. Router(config)# interface gigabitethernet 0/0

4. Router(config-if)# ip adress 10.9.90.201 255.255.255.0

5. Router(config-if)# ipv6 address 2001:db8:B40:4000::101/64

6. Router(config-if)# no shutdown

7. Router(config-if)# exit

8. Router(config)# ip route 0.0.0.0 0.0.0.0 10.9.90.1

9. Router(config)# ipv6 route ::/0 2001:db8:B40:4000::1

BASIC SSH CONFIGURATION - SUMMARY STEPS

10. Router(config)# ip domain name domain.local

11. Router(config)# hostname MBRouter

12. MBRouter(config)# crypto key generate rsa modulus 1024

13. MBRouter(config)# username root privilege 15 secret PassW0rd

14. MBRouter(config)# aaa new-model

15. MBRouter(config)# line vty 0 4

16. MBRouter(config-line)# transport input ssh

MBRouter(config-line)# exit


ADDITIONAL CONFIGURATION - SUMMARY STEPS

17. MBRouter(config)# enable secret PassW0rd

18. MBRouter(config)# service password-encryption

19. MBRouter(config)# end

20. MBRouter# copy running-config startup-config


Cisco - IOS L2 v12

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. Switch> enable

2. Switch# configure terminal

3. Switch(config)# interface vlan 1

4. Switch(config-if)# ip adress 172.17.33.5 255.255.255.0

7. Switch(config-if)# exit

8. Switch(config)# ip default-gateway 172.17.33.1

BASIC SSH CONFIGURATION - SUMMARY STEPS

10. Switch(config)# ip domain name domain.local

11. Switch(config)# hostname MBSwitch

12. MBSwitch(config)# crypto key generate rsa modulus 1024

13. MBSwitch(config)# username root privilege 15 secret PassW0rd

14. MBSwitch(config)# aaa new-model

15. MBSwitch(config)# line vty 0 4

16. MBSwitch(config-line)# transport input ssh

MBSwitch(config-line)# exit

ADDITIONAL CONFIGURATION - SUMMARY STEPS

17. MBSwitch(config)# enable secret PassW0rd

18. MBSwitch(config)# service password-encryption

19. MBSwitch(config)# snmp-server community public RO

19. MBSwitch(config)# end

20. MBSwitch# copy running-config startup-config



Cisco - ASA

Minimum* configuration. ASA Version 8.2(5):

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. ciscoasa> enable

2. ciscoasa# configure terminal

(config)# enable password mtigroup

3. ciscoasa(config)# hostname MBCiscoasa

MBCiscoasa11(config)# interface gigabitEthernet 0/0

MBCiscoasa11(config-if)# nameif inside

7. MBCiscoasa11(config-if)# ip address 172.18.11.11 255.255.255.0

MBCiscoasa11(config-if)# no shutdown

exit

MBCiscoasa11(config)# route inside 0.0.0.0 0.0.0.0 172.18.11.1


BASIC SSH CONFIGURATION - SUMMARY STEPS

MBCiscoasa11(config)# ssh 172.31.10.0 255.255.255.0 inside

MBCiscoasa11(config)# username mupsbox password PassW0rd privilege 15

MBCiscoasa11(config)# aaa authentication ssh console LOCAL

write


ADDITIONAL CONFIGURATION - SUMMARY STEPS


MikroTik

Minimum configuration for RouterOS V6 (with "zero" configuration)

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. [admin@MikroTik] > ip address add address=172.17.22.4/24 interface=ether1

2. [admin@MikroTik] > ip route add gateway=172.17.22.1

3. [admin@MikroTik] > ipv6 address add address=2001:db8:b40:4002::4/64 interface=ether1

4. [admin@MikroTik] > ipv6 route add gateway=2001:db8:b40:4002::1

5. [admin@MikroTik] > system identity set name=MBMikroTik

6. [admin@MBMikroTik] > ip service disable telnet,ftp,www,api

7. [admin@MBMikroTik] > user add name=mupsbox password=PassW0rd group=full

8. [admin@MBMikroTik] > user remove admin

DLink DGS

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. DGS-1210-28MP/ME:5# config ipif System ipaddress 172.17.22.2/24

2. DGS-1210-28MP/ME:5#config ipif System ipv6 ipv6address 2001:db8:b40:4002::2/64

3. DGS-1210-28MP/ME:5# create iproute default 172.17.22.1

4. DGS-1210-28MP/ME:5# create ipv6route default 2001:db8:b40:4002::1

5. DGS-1210-28MP/ME:5# enable ssh

6. DGS-1210-28MP/ME:5# enable password encryption

7. DGS-1210-28MP/ME:5# create account admin mupsbox

8. DGS-1210-28MP/ME:5# save

Huawei AR100

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. <Huawei> system-view

2. [Huawei] interface GigabitEthernet 0/0/0

3. [Huawei-GigabitEthernet0/0/0] undo portswitch

4. [Huawei-GigabitEthernet0/0/0] ip address 172.17.22.5 255.255.255.0

5. [Huawei-GigabitEthernet0/0/0] quit

6. [Huawei] ip route-static 0.0.0.0 0.0.0.0 172.17.22.1

7. [Huawei] save


[Huawei]aaa

[Huawei-aaa]local-user mupsbox password cipher PassW0rd

[Huawei-aaa] local-user admin privilege level 15

[Huawei-aaa] local-user admin service-type ssh

[Huawei-aaa] quit

[Huawei] quit save

[Huawei]stelnet server enable

Huawei Quidway 2000,3000,5000

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. <Quidway> system-view

2.[Quidway]management-vlan 1

3. [Quidway]interface Vlan-interface 1

4. [Quidway-Vlan-interface1]ip address 172.17.55.7 255.255.255.0

5. [[Quidway-Vlan-interface1]quit

6. [Quidway] ip route-static 0.0.0.0 0.0.0.0 172.17.22.1

7. [Quidway] save


BASIC SSH CONFIGURATION - SUMMARY STEPS

[Quidway] user-interface vty 0 4

[Quidway-ui-vty0-4] authentication-mode scheme

[Quidway-ui-vty0-4] protocol inbound ssh

[Quidway] local-user mupsbox

[Quidway-luser-mupsbox] password simple PassS0rd

[Quidway-luser-mupsbox] service-type ssh

[Quidway] ssh user mupsbox authentication-type password

[Quidway]rsa local-key-pair create


HP Procurve

Minimum* configuration:

BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

1. ProCurve Switch 2510-48# config

2. ProCurve Switch 2510-48(config)# hostname MBHP-2510

3. MBHP-2510(config)# vlan 1

4. MBHP-2510(vlan-1)# ip address 172.17.44.2/24

5. MBHP-2510(vlan-1)# exit

6. MBHP-2510(config)# ip default-gateway 172.17.44.1


BASIC SSH CONFIGURATION - SUMMARY STEPS

7. MBHP-2510(config)# ip ssh

8. MBHP-2510(config)# crypto key generate ssh

9. MBHP-2510(config)# password manager

10. MBHP-2510(config)# aaa authentication login privilege-mode

11. MBHP-2510(config)# aaa authentication ssh login tacacs local

12. MBHP-2510(config)# aaa authentication ssh enable tacacs local

13. MBHP-2510(config)# write memory


Juniper SRX

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. root@% cli

2. root> configure

3. root# set system host-name MBSRX100b

4. root# set system root-authentication plain-text-password

New password: password

Retype new password: password

5. root# set system login user mupsbox class super-user authentication plain-text-password

6. root# commit


BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

7. root@MBSRX100b# set interfaces fe-0/0/0 unit 0 family inet address 172.17.44.4/24

8. root@MBSRX100b# set routing-options static route 0.0.0.0/0 next-hop 172.17.44.1

9. root@MBSRX100b# delete security zones security-zone untrust interfaces fe-0/0/0

10. root@MBSRX100b# set security zones security-zone internal interfaces fe-0/0/0 host-inbound-traffic system-services ping

11. root@MBSRX100b# set security zones security-zone internal interfaces fe-0/0/0 host-inbound-traffic system-services ssh

set system services ssh

set system services ssh root-login allow

12. root@MBSRX100b# commit


Juniper ES

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. root@% cli

2. root> configure

3. root# set system host-name MBSRX100b

4. root# set system root-authentication plain-text-password

New password: password

Retype new password: password

5. root# set system login user mupsbox class super-user authentication plain-text-password

6. root# commit


BASIC ETHERNET CONFIGURATION - SUMMARY STEPS

11. root@MBSRX100b# delete interface ge-0/0/0 unit 0 family ethernet-switching

7. root@MBSRX100b# set interfaces ge-0/0/0 unit 0 family inet address 172.17.44.4/24

8. root@MBSRX100b# set routing-options static route 0.0.0.0/0 next-hop 172.17.44.1

9. root@MBSRX100b# set system services ssh

10. root@MBSRX100b# set system services ssh connection-limit 10 rate-limit 4

12. root@MBSRX100b# commit


Juniper SSG

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. root-> set hostname MBSSG5

2.MBSSG5-> set admin name mupsbox

3. MBSSG5-> set admin password PassW0rd

4. MBSSG5-> set interface bgroup0 ip 172.17.44.5/24

5. MBSSG5-> set route 0.0.0.0/0 interface bgroup0 gateway 172.17.44.1

6. MBSSG5-> save

7. MBSSG5-> set interface bgroup0 manage ssh

8. MBSSG5-> set ssh enable


Eltex MES

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. console> enable

2. console# configure

2. console(config)# interface vlan 1

3. console(config-if)# no ip address dhcp

4. console(config-if)# ip address 172.17.55.4 255.255.255.0

5. console(config-if)# exit

6. console(config)# ip route 0.0.0.0 0.0.0.0 172.17.55.1

7. console(config)# hostname MBEltexMES

8. console(config)# ip ssh server

9.MBEltexMES(config)# username mupsbox privilege 15 password PassW0rd!

10. MBEltexMES(config)# enable password prpassword


Zyxel ZyWALL

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. Router> enable

2. Router# configure terminal

2. Router(config)# interface ge2

3. Router(config-if-ge)# ip address 172.17.44.7 255.255.255.0

4. Router(config-if-ge)# ip gateway 172.17.44.1

5. Router(config-if-ge)# no shutdown

6. Router(config-if-ge)# exit

7. Router(config)# username mupsbox password PassW0rd user-type admin


Qtech QSW

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. QSW-2850-28T-AC>enable

2. QSW-2850-28T-AC#config terminal

2. QSW-2850-28T-AC(config)#interface vlan 1

3. QSW-2850-28T-AC(config-if-vlan1)#ip address 172.17.44.8 255.255.255.0

4. QSW-2850-28T-AC(config-if-vlan1)#exit

5. QSW-2850-28T-AC(config)#ip default-gateway 172.17.44.1

6. QSW-2850-28T-AC(config)# ssh-server enable

7. QSW-2850-28T-AC(config)#username mupsbox privilege 15 password PassW0rd

8. QSW-2850-28T-AC(config)# exit

9. QSW-2850-28T-AC#copy running-config startup-config


Allied Telesis

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. console# config

2. console(config)# interface vlan 1

2. console(config-if)# ip address 172.17.55.9 255.255.255.0

3.console(config-if)# exit

4. console(config)# ip default-gateway 172.17.55.1

5. console(config)# username mupsbox password PassW0rd level 15

6. console(config)# ip ssh server

7. console(config)# crypto key generate rsa


Fortinet

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. FortiGate-VM64-KVM # config system interface

2. FortiGate-VM64-KVM (interface) # edit port1

2. FortiGate-VM64-KVM (port1) # set ip 172.18.33.111 255.255.255.0

3 FortiGate-VM64-KVM (port1) # end

4. FortiGate-VM64-KVM # config router static

5. FortiGate-VM64-KVM (static) # edit 0

6. FortiGate-VM64-KVM (0) # set gateway 172.18.33.1

7. FortiGate-VM64-KVM (0) # set device port1

FortiGate-VM64-KVM (0) # end

FortiGate-VM64-KVM # config system admin

FortiGate-VM64-KVM (admin) # edit mupsbox

FortiGate-VM64-KVM (mupsbox) # set accprofile "super_admin"

FortiGate-VM64-KVM (mupsbox) # set vdom "root"

FortiGate-VM64-KVM (mupsbox) # set password PassW0rd

FortiGate-VM64-KVM (mupsbox) # end

FortiGate-VM64-KVM # config system global

FortiGate-VM64-KVM (global) # set hostname FortiGateV

FortiGate-VM64-KVM (global) # end

FortiGateV # execute cfg save


Extreme Networks

Minimum* configuration:

BASIC CONFIGURATION - SUMMARY STEPS

1. * EXOS-VM.1 # create account admin mupsbox MupsBox1!

2. * EXOS-VM.6 # configure Mgmt ipaddress 172.18.33.222 255.255.255.0

3. * EXOS-VM.9 # configure iproute add default 172.18.33.1 vr VR-Mgmt

4.* EXOS-VM.11 # enable ssh2







Retrieved from "https://wiki.mupssoft.com/index.php?title=Device_configuration_for_MupsBox&oldid=1059"