测试环境:Cisco CSR1000V虚拟化环境

Step 1:开启Cisco设备netconf-Yang,如下图:

CSR1000V(config)#netconf-yang

CSR1000V(config)#netconf-yang ssh port 830

Step 2:配置AAA

CSR1000V(config)#aaa new-model

CSR1000V(config)#aaa authorization exec default local

Step 3:查看netconf-Yang配置

CSR1000V#show platform software yang-management process
confd : Running
nesd : Running
syncfd : Running
ncsshd : Running
dmiauthd : Running
vtyserverutild : Running
opdatamgrd : Running
ngnix : Running

Step 4:使用SSH登录Cisco设备

[root@docker ~]# ssh -s admin@192.168.188.150 -p 830 netconf

admin@192.168.188.150's password:

<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability>
<capability>urn:ietf:params:netconf:capability:xpath:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:notification:1.0</capability>
<capability>urn:ietf:params:netconf:capability:interleave:1.0</capability>
<capability>http://tail-f.com/ns/netconf/actions/1.0</capability>
<capability>http://tail-f.com/ns/netconf/extensions</capability>
<capability>urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&amp;also-supported=report-all-tagged</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-with-defaults?revision=2011-06-01&amp;module=ietf-netconf-with-defaults</capability>
<capability>http://cisco.com/ns/yang/ned/ios?module=ned&amp;revision=2016-10-24&amp;features=zone,vservice,vpdn,voice,service-insertion,seg-routing,ptp,pfr,otv,mpls-te,mls,l3vpn,l2vpn,intf-service,eth-evc,esmc,controller,card,bridge-domain,bba-group</capability>
<capability>http://cisco.com/ns/yang/ned/ios/asr1k?module=ned-asr1k&amp;revision=2016-04-07</capability>
<capability>http://cisco.com/yang/cisco-ia?module=cisco-ia&amp;revision=2016-06-30</capability>
<capability>http://cisco.com/yang/cisco-odm?module=cisco-odm&amp;revision=2016-08-05</capability>
<capability>http://cisco.com/yang/cisco-self-mgmt?module=cisco-self-mgmt&amp;revision=2016-05-14</capability>
<capability>http://tail-f.com/ns/aaa/1.1?module=tailf-aaa&amp;revision=2015-06-16</capability>
<capability>http://tail-f.com/ns/mibs/IPV6-TC/199812010000Z?module=IPV6-TC&amp;revision=1998-12-01</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-COMMUNITY-MIB/200308060000Z?module=SNMP-COMMUNITY-MIB&amp;revision=2003-08-06</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-FRAMEWORK-MIB/200210140000Z?module=SNMP-FRAMEWORK-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-MPD-MIB/200210140000Z?module=SNMP-MPD-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-NOTIFICATION-MIB/200210140000Z?module=SNMP-NOTIFICATION-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-TARGET-MIB/200210140000Z?module=SNMP-TARGET-MIB&amp;revision=2002-10-14</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-USER-BASED-SM-MIB/200210160000Z?module=SNMP-USER-BASED-SM-MIB&amp;revision=2002-10-16</capability>
<capability>http://tail-f.com/ns/mibs/SNMP-VIEW-BASED-ACM-MIB/200210160000Z?module=SNMP-VIEW-BASED-ACM-MIB&amp;revision=2002-10-16</capability>

附配置文件:

version 16.4
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform console auto
!
hostname CSR1000V
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$EyMO$IFGbXXBCiWsUq/N9Nrzyg1
!
aaa new-model
!
!
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!

ip domain name cisco.com
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2486061073
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2486061073
revocation-check none
rsakeypair TP-self-signed-2486061073
!
!
crypto pki certificate chain TP-self-signed-2486061073
certificate self-signed 01
30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32343836 30363130 3733301E 170D3139 30363137 30313433
35375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34383630
36313037 33308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
0A028201 0100A11C B1E382EB 9D9CF6CD 857D1F86 1BA3C2A7 A421769C BE1B8861
2C8A61EB 6062547D 2C5B16C7 937714BC EE9496F3 59729571 2792B5D5 5440E09B
C42EC60A D744E30D AD4F16B0 7E756F2B 5CDEB554 9D9D5E82 C854219F D97FBADC
07AD7BD4 E915EDA6 0BB756CE 974043B1 44E24777 C0991BFD 9F7FB2CF 6B5EE0BF
EFA0FD35 6A7969DE DB441727 0614E0A0 0A82181F F70109D3 2BCDC2E6 7BB657ED
EEB9E5E9 C5D727B7 4A0F0245 0C6D7F32 A3B340E5 79C69962 55CEFDFA 9702BDF1
CF51419D 2E3FF490 4235A8F1 ABB8B0ED BEE35789 0CAADE77 176082EF 8C687CAC
AC11AE51 515E0818 DB4E77AA 014D3BA0 456305CF ADAEB10E 907CF3C2 C2AC9589
BC9143BC 904B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
301F0603 551D2304 18301680 14AA70B5 41780650 94D75910 18614801 139F3E51
3D301D06 03551D0E 04160414 AA70B541 78065094 D7591018 61480113 9F3E513D
300D0609 2A864886 F70D0101 05050003 82010100 3FAA16B0 D110FF20 DEC3D85E
98F87B2A 748350BB 71A854AD F32E3DA9 CEFE181B 9AB9BE80 574168A7 3F011ED4
E51E7E01 4DBD1F7E 5C10A0FB 3F6E2A58 3A62F989 E022E53D 227D60AD 17D30BAC
41523589 AB87F1E6 81606280 416D0306 96777BB5 7012943D FD30F18C FE2D65E5
0C9F8FCE E64252D5 02AAD7D4 09853E89 8F0EFDB1 E0FE371C D02BE009 472EDBC1
9CB025CF F02DF230 088B890F BBCFD378 10AA6ED4 EB135C43 03D16848 450100C2
068F87D2 7D1449D8 9C4B6D9E AAE791D2 3B6A5B0A B871A93F 9BD729DF 301A2277
7153BABC BE42A970 92A81AB7 269F6EF6 9873F8C1 EB747F75 9881F1DC 2CFB35DF
8BC05006 5C87EC7F 67616742 231FFD68 65BB6503
quit

!
!
!
!
!
!
!
license udi pid CSR1000V sn 9U8UJUQ3U0O
license boot level ax
diagnostic bootup level minimal
!
spanning-tree extend system-id
netconf-yang cisco-odm actions ACL
netconf-yang cisco-odm actions BGP
netconf-yang cisco-odm actions OSPF
netconf-yang cisco-odm actions Archive
netconf-yang cisco-odm actions IPRoute
netconf-yang cisco-odm actions EFPStats
netconf-yang cisco-odm actions IPSLAStats
netconf-yang cisco-odm actions Interfaces
netconf-yang cisco-odm actions Environment
netconf-yang cisco-odm actions FlowMonitor
netconf-yang cisco-odm actions MemoryStats
netconf-yang cisco-odm actions BFDNeighbors
netconf-yang cisco-odm actions BridgeDomain
netconf-yang cisco-odm actions CPUProcesses
netconf-yang cisco-odm actions LLDPNeighbors
netconf-yang cisco-odm actions VirtualService
netconf-yang cisco-odm actions MemoryProcesses
netconf-yang cisco-odm actions EthernetCFMStats
netconf-yang cisco-odm actions MPLSLDPNeighbors
netconf-yang cisco-odm actions PlatformSoftware
netconf-yang cisco-odm actions MPLSStaticBinding
netconf-yang cisco-odm actions MPLSForwardingTable
netconf-yang
!
!
username admin privilege 15 secret 5 $1$1U/S$7ZnTHY6orTeSU4HPGR7G81
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet1
ip address 192.168.188.150 255.255.0.0
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet2
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet3
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
!
virtual-service csr_mgmt
ip shared host-interface GigabitEthernet1
activate
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet1 192.168.188.254
ip ssh rsa keypair-name ssh-key
ip ssh version 2
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
stopbits 1
line vty 0 4
transport input ssh
!
!
!
!
!
!
end

使用Netconf管理Cisco网络设备的更多相关文章

  1. 使用域账号统一管理cisco网络设备

    1.思科设备和微软系统整合的背景: 公司内部有一定数量的客户端,为了实现统一化,在管理内部部署了域架构,这样可以通过组策略对客户端进行批量化管理,提高了管理的效率. 同样公司内部有一定数量的网络设备( ...

  2. 使用python管理Cisco设备-乾颐堂

    今天发现一个老外使用python写的管理cisco设备的小框架tratto,可以用来批量执行命令. 下载后主要有3个文件: Systems.py 定义了一些不同设备的操作系统及其常见命令. Conne ...

  3. 使用tratto进行CISCO网络设备的管理

    测试环境: CSR1000V CentOS7.4 X64 Step 1:在CentOS7上安装python 3.0环境 [root@docker ~]# python3 -VPython 3.7.0[ ...

  4. H3C、Huawei、Cisco网络设备AAA TACACS认证配置

    TACACS技术白皮书 摘要:TACACS是实现AAA功能的一种安全协议,主要是通过TACACS客户端与TACACS服务器通信来实现多种用户的AAA功能. HWTACACS采用TCP协议承载报文,TC ...

  5. 用python管理Cisco路由器

    目前DevOps是整个运维发展的方向,Network的运维也一样.使用程序控制底层的路由器是最基本的要求之一. 本文简单解释如何用Python控制路由器,对网络设备进行配置. Python和网络设备连 ...

  6. Cisco网络设备命名规则

      1. CISCO 开头的产品都是路由器:2. RSP 开头的都是CISCO7500 系列产品的引擎:3. VIP 开头的产品都是CISCO 7500系列产品的多功能接口处理器模块:4. PA 开头 ...

  7. 配置Cisco网络设备

    了解就行,不用记 电脑管理路由器软件   路由器显示命令: router#show run :显示配置信息 router#show interface :显示接口信息 router#show ip r ...

  8. cisco网络设备IOS升级步骤

    step1:检查和备份================================================================4507R#write4507R#copy run ...

  9. Cisco的互联网络操作系统IOS和安全设备管理器SDM__管理Cisco互联网络

    1.如果不能远程登录到一台设备上,可能是由于远程设备上没有设置口令.也可能是由于访问控制列表过滤了远程登录会话. show users:检查都有哪些设备连接到了此路由器. clear line #:清 ...

随机推荐

  1. Android使用JNI实现Java与C之间传递数据

    介绍Java如何将数据传递给C和C回调Java的方法. java传递数据给C,在C代码中进行处理数据,处理完数据后返回给java.C的回调是Java传递数据给C,C需要用到Java中的某个方法,就需要 ...

  2. 七个帮助你处理Web页面层布局的jQuery插件

    1.UI.Layout  jQuery UI布局插件 官方网站:http://layout.jquery-dev.com/index.cfm 使用大小可折叠的嵌套面板和大量选项创建高级UI布局.布局可 ...

  3. JAVA类(下)

    我看完了Java类,与C++相比,复杂了一点.其中有类的嵌套定义即内部类,枚举类等. 我看这两节花了我很多时间.其中有一些概念还是有点难懂. 下面,我详细总结内部类与枚举类. 内部类 内部类的主要作用 ...

  4. Java访问修饰符(转)

    类.方法.成员变量和局部变量的可用修饰符 修饰符 类 成员方法 构造方法 成员变量 局部变量 abstract(抽象的) √ √ - - - static (静态的) - √ - √ - public ...

  5. Kail Linux渗透测试培训手册3第二章信息采集

    Kail Linux渗透测试培训手册3第二章信息采集 信息收集是网络攻击中最重要的步骤之一.渗透攻击.我们需要收集各种信息目标.该信息收集.攻击成功的概率越大.介绍信息收集的相关工具.本文选自< ...

  6. 【codeforces 791B】Bear and Friendship Condition

    [题目链接]:http://codeforces.com/contest/791/problem/B [题意] 给你m对朋友关系; 如果x-y是朋友,y-z是朋友 要求x-z也是朋友. 问你所给的图是 ...

  7. ERROR sqoop.Sqoop: Got exception running Sqoop: java.lang.RuntimeException: java.lang.RuntimeException: java.sql.SQLException: The connection property 'zeroDateTimeBehavior' acceptable values are: 'CO

    使用sqoop导入数据时报了如题的异常,异常的提示是 The connection property 'zeroDateTimeBehavior' acceptable values are: 'CO ...

  8. NET媒体文件操作组件TagLib

    开源的.NET媒体文件操作组件TagLib#解析   人生得意须尽欢 莫使金樽空对月.写博客都会在吃饭后,每次吃饭都要喝上二两小酒,写博客前都要闲扯,这些都是个人爱好,改不掉了,看不惯的人,还望多多包 ...

  9. WinForm - 无边框窗体自定义移动

    为了界面的好看,有时候需要将窗体FormBorderStyle属性设为None,这样就可以根据自己的喜欢来设计界面.但这样窗体无法进行移动的.而且默认的窗体(FormBorderStyle=Sizab ...

  10. dp_Pku1887

    <span style="color:#000099;">/* A - 单纯dp 示例 Time Limit:1000MS Memory Limit:30000KB 6 ...