Configuring switches is a tedious and repetitive task. Using script configuration can greatly reduce the workload of network administrators. Of course, the ability to write scripts is a must.
When writing scripts, you can have many choices, especially python is the most popular at present, so you can give priority to it.
However, I have written a VBScript that can run in SecureCRT before, which is not bad. The only regret is that SecureCRT's support for python is still relatively weak.
Here, I use VBScript as an example to create a script to configure the switch.
First define some constants
#$language = "VBScript"
#$interface = "1.0"
'设备名称
sysname = "DT01"
'设备IP地址
admin_ip="192.168.99.123"
admin_user="zmrbak"
admin_pass="MyPassword@123"
snmp_read_pass="MyPassword@124"
Next define some functions
Sub Set_Host
'设置设备名称
crt.Screen.Send "sysname "&sysname & chr(13)
crt.Screen.WaitForString sysname
'设置VlanIP
crt.Screen.Send "interface Vlanif1" & chr(13)
crt.Screen.WaitForString sysname&"-Vlanif1"
crt.Screen.Send "ip address "&admin_ip &" 255.0.0.0" & chr(13)
crt.Screen.WaitForString sysname&"-Vlanif1"
crt.Screen.Send "q"& chr(13)
'设置Telnet
crt.Screen.Send "telnet server enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "stelnet server enable" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Set_Web
'设置Web
'crt.Screen.Send "undo http server enable" & chr(13)
'crt.Screen.WaitForString sysname
'crt.Screen.Send "http server load s2300-52p-ei-v100r006c05.web.zip" & chr(13)
'crt.Screen.WaitForString sysname
'启动Https Web
'crt.Screen.Send "http secure-server enable" & chr(13)
'crt.Screen.WaitForString sysname
End Sub
Sub Set_User
'设置登录用户
crt.Screen.Send "aaa" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" password cipher "&admin_pass & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" ftp-directory flash://" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" service-type telnet terminal ftp http ssh" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
'设置admin密码
crt.Screen.Send "local-user admin password cipher "&admin_pass & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
'登陆信息
crt.Screen.Send "user-interface con 0" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "authentication-mode aaa" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "user privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "user-interface vty 0 4" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "authentication-mode aaa" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "user privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "protocol inbound all" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "q"& chr(13)
End Sub
Sub Set_DHCP_SNOOPing
'启动DHCP SNOOPing
crt.Screen.Send "dhcp enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp snooping enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp snooping alarm threshold 120" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp server detect" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Clear_Ethernet(start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface Ethernet0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "port default vlan 1" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "undo shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Clear_GigabitEthernet(start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface GigabitEthernet0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "port default vlan 1" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "undo shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_Vlan(nettype,vlan_id,start_port,end_port)
crt.Screen.Send "vlan batch "&vlan_id & chr(13)
crt.Screen.WaitForString sysname
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface "&nettype&"0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port default vlan "&vlan_id & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_Trunk(nettype,start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface "&nettype&"0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port link-type trunk" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port trunk allow-pass vlan all"& chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "dhcp snooping enable" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "dhcp snooping trusted" & chr(13)
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_SNMP
'SNMP配置
crt.Screen.Send "snmp-agent" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent community read cipher "&snmp_read_pass & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info contact DengJian" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info location "&sysname & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info version v2c v3" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent trap enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "y" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Set_Save
'退出,保存
crt.Screen.Send "return" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "save" & chr(13)
crt.Screen.WaitForString "continue"
crt.Screen.Send "y" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Finally, define a Main function to call these functions to configure the switch
Sub Main
'Call Set_Host
'Call Set_User
'Call Set_SNMP
'Call Set_DHCP_SNOOPing
'Call Clear_Ethernet(1, 20)
'Call Set_Vlan("Ethernet",531,1,20)
'Call Clear_Ethernet(40, 48)
'Call Set_Trunk("Ethernet",40,48)
'Call Clear_GigabitEthernet(1,4)
'Call Set_Trunk("GigabitEthernet",1,4)
Call Set_Save
End Sub
In this way, every time you configure the switch, you only need to modify some parameters, and then run it in SecureCRT.