Configuring a Cisco router from its initial state until SSH login works

If the router has no configuration at all, it asks at boot whether to run the initial configuration dialog. Decline.

<code>
         --- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: n
</code>

Enter privileged EXEC mode and set a password.
<code>
Router>enable
Router#configure terminal
Router(config)#enable password PASSWORD
Router(config)#service password-encryption
</code>

Take a look at the interfaces.
<code>
Router#show interfaces status

Port    Name               Status       Vlan       Duplex  Speed Type
Gi0                        disabled     1            auto   auto 10/100BaseTX/1000BaseT
Gi1                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi2                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi3                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi4                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi5                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi6                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
Gi7                        notconnect   1            auto   auto 10/100BaseTX/1000BaseT
</code>

<code>
Router#show interfaces
GigabitEthernet0 is administratively down, line protocol is down
  Hardware is Gigabit Ethernet, address is 0081.c4ae.ad97 (bia 0081.c4ae.ad97)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Auto-duplex, Auto-speed
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:18, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     8 packets input, 1222 bytes, 0 no buffer
     Received 0 broadcasts (8 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     11 packets output, 1637 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
</code>

(rest omitted)

<code>
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#
</code>

<code>
Router(config)#line console 0
Router(config-line)#logging synchronous
</code>

Enable the interface.
<code>
Router(config)#interface GigabitEthernet 0
Router(config-if)#no shutdown
*Jan 8 04:32:19.011: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to down
*Jan 8 04:32:21.491: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Jan 8 04:32:22.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jan 8 04:32:50.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
</code>

Check that it is now up.
<code>
Router(config-if)#do show interfaces
GigabitEthernet0 is up, line protocol is up
  Hardware is Gigabit Ethernet, address is 0081.c4ae.ad97 (bia 0081.c4ae.ad97)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
</code>

Repeat this for each interface.

Check the VLAN state.
<code>
Router(config)#do show vlan-switch

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0, Gi1, Gi2, Gi3, Gi4, Gi5
                                                Gi6, Gi7
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0
</code>

<code>
Router(config)#interface vlan 1
Router(config-if)#ip address 172.16.0.254 255.255.0.0
Router(config-if)#no shutdown
</code>
It is enabled by default, but no shutdown is issued just in case.

Check connectivity.
<code>
$ ping 172.16.0.254
PING 172.16.0.254 (172.16.0.254): 56 data bytes
64 bytes from 172.16.0.254: icmp_seq=0 ttl=255 time=3.138 ms
64 bytes from 172.16.0.254: icmp_seq=1 ttl=255 time=0.675 ms

--- 172.16.0.254 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.675/1.906/3.138/1.231 ms
</code>

Create the account used for SSH.
<code>
Router(config)#username USERNAME password PASSWORD
</code>

<code>
Router(config)#line vty 0 4
Router(config-line)#login local
</code>

Allow SSH only.
<code>
Router(config-line)#transport input ssh
</code>

Set the hostname and domain name.
<code>
Router(config)#hostname RT
RT(config)#ip domain-name example.com
</code>

Generate the encryption key.
<code>
RT(config)#crypto key generate RSA
The name for the keys will be: RT-L01-01.tokyo.lan.decomo.info
Choose the size of the key modulus in the range of 360 to 4096 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 1 seconds)
</code>

Use SSH version 2.
<code>
RT(config)#ip ssh version 2
</code>

Save the configuration.
<code>
RT#write

*Jan 8 12:54:57.493: %SYS-5-CONFIG_I: Configured from console by console
Building configuration...
[OK]
</code>

<code>
$ ssh Decomo@172.16.0.254
Password:
RT>
</code>
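
An added example, not part of the original page: a small Python audit of a running-config like the one these steps produce. `enable password` and `username ... password` are kept in clear text or as reversible type 7 even with `service password-encryption`, whereas `enable secret` and `username ... secret` store a hash, so the check flags them along with vty lines that are not limited to SSH with local login. The sample config (including its `line vty 5 15` block), the placeholder strings and the `audit` function are assumptions made for illustration.

```python
import re

# Constructed running-config excerpt shaped like what this page's commands
# produce; type 7 strings are placeholders, "line vty 5 15" is an assumption.
SAMPLE_CONFIG = """\
service password-encryption
enable password 7 PLACEHOLDER
username USERNAME password 7 PLACEHOLDER
ip ssh version 2
line con 0
 logging synchronous
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def audit(config):
    """Return a list of findings for an IOS running-config given as text."""
    findings, vty, current, ssh_v2 = [], {}, None, False
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if raw[0].isspace():              # indented: sub-command of a block
            if current is not None:
                vty[current].append(line)
            continue
        current = None                    # a new top-level command starts
        if line.startswith("line vty"):
            current = line
            vty[current] = []
        elif re.match(r"enable password\b", line):
            findings.append("enable password: cleartext or reversible type 7; use 'enable secret'")
        elif (m := re.match(r"username (\S+) password\b", line)):
            findings.append(f"username {m.group(1)}: stored with 'password'; use 'secret'")
        elif line == "ip ssh version 2":
            ssh_v2 = True
    if not ssh_v2:
        findings.append("'ip ssh version 2' not set")
    for name, cmds in vty.items():        # every vty range must be covered
        if "transport input ssh" not in cmds:
            findings.append(f"{name}: not restricted to 'transport input ssh'")
        if "login local" not in cmds:
            findings.append(f"{name}: 'login local' not set")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Feed it the text of `show running-config` captured from the device; an empty list means none of these checks fired.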

  • network/cisco/setup_cisco_router_from_initial_to_ssh_login.txt
  • Last updated: 2017-01-11 09:17
  • by Decomo