This PowerShell module provides some functionality to facilitate automating backup actions of a Cisco device over SSH. This module also provides some basic functionality for troubleshooting Cisco devices.
Here are some similar projects I am working on:
- Posh-FortiGate (PowerShell FortiGate Module)
- Posh-Juniper (PowerShell Juniper Module)
- Posh-Ubnt (PowerShell Ubnt Module)
This module depends on the following PowerShell modules:
PS> Save-Module -Name Posh-Cisco -Path <path>
PS> Install-Module -Name Posh-Cisco
- Backup-CiscoRunningConfig: Gets the running configuration and writes it to a file. (only allowed on privilege level 15)
- Backup-CiscoStartupConfig: Gets the startup configuration and writes it to a file.
- Get-CiscoInterfaces: Gets the interfaces information.
- Get-CiscoInterfacesStatus: Gets the interfaces status.
- Get-CiscoLogging: Gets the logging information.
- Get-CiscoLoggingOnboard: Gets the onboard logging information.
- Get-CiscoMacAddressTable: Gets the MAC address table.
- Get-CiscoRunningConfig: Gets the running configuration. (only allowed on privilege level 15)
- Get-CiscoStartupConfig: Gets the startup configuration.
- Get-CiscoVersion: Gets the version information.
- Get-CiscoVlan: Gets the vlan information.
This PowerShell command gets the running configuration and writes it to a file. (only allowed on privilege level 15)
PS> Backup-CiscoRunningConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential) -FilePath "$([Environment]::GetFolderPath(“MyDocuments”))\running-config.txt"
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key. - Specify the
-Full
flag to retrieve full configuration with default values.
This PowerShell command gets the startup configuration and writes it to a file.
PS> Backup-CiscoStartupConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential) -FilePath "$([Environment]::GetFolderPath(“MyDocuments”))\startup-config.txt"
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the interfaces information.
PS> Get-CiscoInterfaces -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the interfaces status.
PS> Get-CiscoInterfacesStatus -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the logging information.
PS> Get-CiscoLogging -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the MAC address table.
PS> Get-CiscoMacAddressTable -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the onboard logging information.
PS> Get-CiscoLoggingOnboard -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the running configuration. (only allowed on privilege level 15)
PS> Get-CiscoRunningConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key. - Specify the
-Full
flag to retrieve full configuration with default values.
This PowerShell command gets the startup configuration.
PS> Get-CiscoStartupConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the version information.
PS> Get-CiscoVersion -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
This PowerShell command gets the VLAN information.
PS> Get-CiscoVlan -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)
Advanced Options:
- Specify the
-AcceptKey
flag to automatically accept SSH key.
Before you create scripts that use this module, you should create a readonly user with the necessary rights to be used for the PSCredentials.
configure terminal
user readonly privilege 3 password 0 enterastrongpasswordhere
privilege exec level 3 show startup-config
privilege exec level 3 show logging onboard
Remark: A readonly user will not be able to read the running-config, this requires privilege level 15.
These PowerShell functions were tested on the following Cisco devices:
- WS-C2960X-24TS-L (SW version: 15.2(3)E)
- WS-C2960X-24TS-L (SW version: 15.2(5)E)
- WS-C2960X-48TS-L (SW version: 15.2(3)E)
- WS-C2960X-48TS-L (SW version: 15.2(5)E)
- WS-C3850-12S (SW version: 03.06.05E)
- WS-C3850-24S (SW version: 03.06.05E)
- Added -Full switch to Backup-CiscoRunningConfig to backup full running config with default values
- Added -Full switch to Get-CiscoRunningConfig to get full running config with default values
- Added support to get interfaces information (Get-CiscoInterfaces)
- Added support to get MAC address table (Get-CiscoMacAddressTable)
- Fixed issue with backup file being UTF-16 instead of ASCII
- Added -AcceptKey switch to all functions to automatically accept SSH Key
- Added documentation
- Added support to get logging information (Get-CiscoLogging)
- Added support to get onboard logging information (Get-CiscoLoggingOnboard)
- Added support to get vlan information (Get-CiscoVlan)
- Fixed bug in Get-CiscoRunningConfig (first character was missing)
- Fixed bug in Get-CiscoStartupConfig (first character was missing)
- Added support to backup running-config to a file (Backup-CiscoRunningConfig)
- Added support to backup startup-config to a file (Backup-CiscoStartupConfig)
- Added support to get running-config (Get-CiscoRunningConfig)
- Added support to get startup-config (Get-CiscoStartupConfig)
- Added support to get interfaces status (Get-CiscoInterfacesStatus)
- Added support to get version information (Get-CiscoVersion)
- Test on more devices
- Backup vlan.dat
- ...