
IOSv config templates for CML (TELNET / SSH)

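I previously made a note of the settings I often use when testing with VIRL and similar tools.

This time, to be ready for using IOSv on CML, I have put together the following three config templates and am noting them here.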

  1. TELNET
  2. SSH (password authentication)
  3. SSH (public key authentication)

TELNET

hostname IOSv
!
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
!
logging buffered 65536 debugging
!
clock timezone JST +9
!
ip vrf management
!
no ip domain-lookup
!
interface GigabitEthernet0/0
 ip vrf forwarding management
 ip address dhcp
 no shutdown
!
no banner exec ^C
no banner incoming ^C
no banner login ^C
!
line con 0
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 length 0
!
line vty 0 4
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 no login authentication
 length 0
 transport input telnet
!
scheduler allocate
!
end

SSH (password authentication)

hostname IOSv
!
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
!
logging buffered 65536 debugging
!
aaa new-model
!
clock timezone JST +9
!
ip vrf management
!
username admin password admin
!
no ip domain-lookup
ip domain name example.local
!
interface GigabitEthernet0/0
 ip vrf forwarding management
 ip address dhcp
 no shutdown
!
ip ssh version 2
!
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 1 permit 172.16.0.0 0.15.255.255
access-list 1 permit 192.168.0.0 0.0.255.255
!
no banner exec ^C
no banner incoming ^C
no banner login ^C
!
line con 0
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 length 0
!
line vty 0 4
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 length 0
 transport input ssh
!
scheduler allocate
!
crypto key generate rsa modulus 2048
!
end

SSH (public key authentication)

hostname IOSv
!
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
!
logging buffered 65536 debugging
!
aaa new-model
!
clock timezone JST +9
!
ip vrf management
!
ip ssh pubkey-chain
  username admin
   key-string
((PUBLIC-KEY))
exit
!
no ip domain-lookup
ip domain name example.local
!
interface GigabitEthernet0/0
 ip vrf forwarding management
 ip address dhcp
 no shutdown
!
ip ssh version 2
ip ssh server algorithm authentication publickey password keyboard
ip ssh server algorithm publickey ssh-rsa
!
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 1 permit 172.16.0.0 0.15.255.255
access-list 1 permit 192.168.0.0 0.0.255.255
!
no banner exec ^C
no banner incoming ^C
no banner login ^C
!
line con 0
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 length 0
!
line vty 0 4
 exec-timeout 300 0
 privilege level 15
 logging synchronous
 length 0
 transport input ssh
!
scheduler allocate
!
crypto key generate rsa modulus 2048
!
end
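
The three templates take shortcuts that suit a closed lab. The following Python check is an added example, not part of the original post, that flags those shortcuts when a template is reused elsewhere. The function names, finding codes and the sample config are assumptions made for this illustration; the sample is constructed from lines of the TELNET and SSH (password authentication) templates.

```python
import re

# Constructed sample: lines from this page's TELNET and SSH (password) templates.
SAMPLE = """\
hostname IOSv
username admin password admin
access-list 1 permit 10.0.0.0 0.255.255.255
line vty 0 4
 privilege level 15
 no login authentication
 transport input telnet
"""

def parse_blocks(config):
    """Group an IOS config into (top-level command, [indented sub-commands])."""
    blocks = []
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue  # blank lines and '!' separators carry no settings
        if raw[0].isspace() and blocks:
            blocks[-1][1].append(text)
        else:
            blocks.append((text, []))
    return blocks

def audit(config):
    """Return (code, detail) findings for the lab shortcuts in these templates."""
    blocks = parse_blocks(config)
    top = [head for head, _ in blocks]
    aaa = "aaa new-model" in top
    # 'username X password ...' instead of 'username X secret ...'
    findings = [("PASSWORD_NOT_SECRET", m.group(1)) for h in top
                if (m := re.match(r"username (\S+) password ", h))]
    # Numbered ACLs that no line references with access-class
    defined = {h.split()[1] for h in top if h.startswith("access-list ")}
    applied = {s.split()[1] for _, subs in blocks for s in subs
               if s.startswith("access-class ")}
    findings += [("ACL_NOT_ON_VTY", acl) for acl in sorted(defined - applied)]
    for head, subs in blocks:
        if not head.startswith("line vty"):
            continue
        transports = next((s.split()[2:] for s in subs
                           if s.startswith("transport input ")), [])
        if {"telnet", "all"} & set(transports):
            findings.append(("CLEARTEXT_TRANSPORT", head))
        # Assumption: a 'no login...' line without aaa new-model means no login prompt
        if not aaa and any(s.startswith("no login") for s in subs):
            findings.append(("VTY_NO_AUTH", head))
    return findings
```

Run against the two SSH templates as written, the check reports ACL_NOT_ON_VTY for both, because access-list 1 is defined but no vty line references it, and PASSWORD_NOT_SECRET for the password variant.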