Step 1
|
Power on the
device.
|
Step 2
|
Enable or disable
password-strength checking.
A strong password
has the following characteristics:
-
At least eight
characters long
-
Does not
contain many consecutive characters (such as "abcd")
-
Does not
contain many repeating characters (such as "aaabbb")
-
Does not
contain dictionary words
-
Does not
contain proper names
-
Contains both
uppercase and lowercase characters
-
Contains
numbers
---- System Admin Account Setup ----
Do you want to enforce secure password standard (yes/no) [y]: y
|
Step 3
|
Enter the new
password for the administrator.
Note
|
If a password is trivial (such as a short, easy-to-decipher
password), your password configuration is rejected. Passwords are case
sensitive. Be sure to configure a strong password that has at least eight
characters, both uppercase and lowercase letters, and numbers.
|
Enter the password for "admin": <password>
Confirm the password for "admin": <password>
---- Basic System Configuration Dialog ----
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
Please register Cisco Nexus 9000 Family devices promptly with your
supplier. Failure to register may affect response times for initial
service calls. Nexus devices must be registered to receive
entitled support services.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
|
Step 4
|
Enter the setup
mode by entering
yes.
Would you like to enter the basic configuration dialog (yes/no): yes
|
Step 5
|
Create additional
accounts by entering
yes (no is the default).
Create another login account (yes/no) [n]:yes
-
Enter the user
login ID.
Enter the User login Id : user_login
Caution
|
Usernames
must begin with an alphanumeric character and can contain only these special
characters: ( + = . _ \ -). The # and ! symbols are not supported. If the
username contains characters that are not allowed, the specified user is unable
to log in.
|
-
Enter the user
password.
Enter the password for "user1": user_password
Confirm the password for "user1": user_password
-
Enter the
default user role.
Enter the user role (network-operator|network-admin) [network-operator]: default_user_role
For information on
the default user roles, see the
Cisco Nexus
9000 Series NX-OS Security Configuration Guide.
|
Step 6
|
Configure an SNMP
community string by entering
yes.
Configure read-only SNMP community string (yes/no) [n]: yes
SNMP community string : snmp_community_string
For information on
SNMP, see the
Cisco Nexus
9000 Series NX-OS System Management Configuration Guide.
|
Step 7
|
Enter a name for
the device (the default name is switch).
Enter the switch name: switch_name
|
Step 8
|
Configure
out-of-band management by entering
yes.
You can then enter the mgmt0 IPv4 address and subnet
mask.
Note
|
You can only
configure IPv4 address in the setup utility. For information on configuring
IPv6, see the
Cisco
Nexus 9000 Series NX-OS Unicast Routing Configuration Guide.
|
Continue with Out-of-band (mgmt0) management configuration? [yes/no]: yes
Mgmt0 IPv4 address: mgmt0_ip_address
Mgmt0 IPv4 netmask: mgmt0_subnet_mask
|
Step 9
|
Configure the
IPv4 default gateway (recommended) by entering
yes. You can then enter its IP address.
Configure the default-gateway: (yes/no) [y]: yes
IPv4 address of the default-gateway: default_gateway
|
Step 10
|
Configure
advanced IP options such as the static routes, default network, DNS, and domain
name by entering
yes.
Configure Advanced IP options (yes/no)? [n]: yes
|
Step 11
|
Configure a
static route (recommended) by entering
yes. You can then enter its destination prefix,
destination prefix mask, and next hop IP address.
Configure static route: (yes/no) [y]: yes
Destination prefix: dest_prefix
Destination prefix mask: dest_mask
Next hop ip address: next_hop_address
|
Step 12
|
Configure the
default network (recommended) by entering
yes. You can then enter its IPv4 address.
Note
|
The default
network IPv4 address is the same as the destination prefix in the static route
configuration.
|
Configure the default network: (yes/no) [y]: yes
Default network IP address [dest_prefix]: dest_prefix
|
Step 13
|
Configure the
DNS IPv4 address by entering
yes. You can then enter the address.
Configure the DNS IP address? (yes/no) [y]: yes
DNS IP address: ipv4_address
|
Step 14
|
Configure the
default domain name by entering
yes. You can then enter the name.
Configure the DNS IP address? (yes/no) [y]: yes
DNS IP address: ipv4_address
|
Step 15
|
Enable the
Telnet service by entering
yes.
Enable the telnet service? (yes/no) [y]: yes
|
Step 16
|
Enable the SSH
service by entering
yes. You can then enter the key type and number of
key bits. For more information, see the
Cisco Nexus
9000 Series NX-OS Security Configuration Guide.
Enable the ssh service? (yes/no) [y]: yes
Type of ssh key you would like to generate (dsa/rsa) : key_type
Number of key bits <768-2048> : number_of_bits
|
Step 17
|
Configure the
NTP server by entering
yes. You can then enter its IP address. For more
information, see the
Cisco Nexus
9000 Series NX-OS System Management Configuration Guide.
Configure NTP server? (yes/no) [n]: yes
NTP server IP address: ntp_server_IP_address
|
Step 18
|
Specify a
default interface layer (L2 or L3).
Configure default interface layer (L3/L2) [L3]: interface_layer
|
Step 19
|
Enter the
default switchport interface state (shutdown or no shutdown). A shutdown
interface is in an administratively down state. For more information, see the
Cisco Nexus
9000 Series NX-OS Interfaces Configuration Guide.
Configure default switchport interface state (shut/noshut) [shut]: default_state
|
Step 20
|
Enter yes (no is the default) to configure basic Fibre Channel configurations.
Enter basic FC configurations (yes/no) [n]: yes
Note
|
This step is available only on platforms that support SAN switching.
|
-
Enter shut (noshut is the default) to configure the default Fibre Channel switch port interface to the shut (disabled) state.
Configure default physical FC switchport interface state (shut/noshut) [noshut]: shut
-
Enter on (on is the default) to configure the switch port trunk mode
Configure default physical FC switchport trunk mode (on/off/auto) [on]: on
-
Enter permit (deny is the default) to permit a default zone policy configuration.
Configure default zone policy (permit/deny) [deny]: permit
Permits traffic flow to all members of the default zone.
Note
|
If you are executing the setup script after entering a write erase command, you explicitly must change the default zone policy
to permit for VSAN 1 after finishing the script using the following command:
switch(config)# zone default-zone permit vsan 1
|
-
Enter yes (no is the default) to enable a full zone set distribution.
Enable full zoneset distribution (yes/no) [n]: yes
|
Step 21
|
Enter the best practices profile for control plane policing (CoPP). For more information, see the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.
Configure best practices CoPP profile (strict/moderate/lenient/none) [strict]: moderate
The system now summarizes the complete configuration and asks if you want to edit it.
|
Step 22
|
Continue to the
next step by entering
no. If you enter
yes, the setup utility returns to the beginning of
the setup and repeats each step.
Would you like to edit the configuration? (yes/no) [y]: yes
|
Step 23
|
Use and save
this configuration by entering
yes. If you do not save the configuration at this
point, none of your changes are part of the configuration the next time the
device reboots. Enter
yes to save the new configuration. This step ensures
that the boot variables for the nx-os image are also automatically configured.
Use this configuration and save it? (yes/no) [y]: yes
Caution
|
If you do not save the configuration at this point, none of your
changes are part of the configuration the next time that the device reboots.
Enter
yes to save the new configuration to ensure that the
boot variables for the nx-os image are also automatically configured.
|
|