Quick Start Guide Cisco Craft Works Interface Quick Start Guide Cisco IOS XR Software Release 3.
1 Introduction This document introduces the Craft Works Interface (CWI) that supports Cisco IOS XR Software Release 3.2.
CWI provides the following features: • A user-friendly context-sensitive interface that is used for fault, configuration, inventory, and security management of a router. • A combination of both graphical and text-based interfaces that allow the user to select the best interface for the task at hand. • A powerful CWI feature set used to simplify managing the router scale and complexity. • Access to the powerful manageability features of the router.
Secure Socket Layer Encryption Configuration The secure configuration uses Secure Socket Layer (SSL) encryption. If you use the SSL protocol on your network, use the SSL configuration. See the “Setting Up the Required Management Services with a Secure Connection” section on page 8 for procedures. IP Security IP security (IPSec) does not require any special configuration for CWI on the router or client.
Dual-Homed Device Configuration S E C O N D A R Y P R I M A R Y Client PC Router Dual-homed device 111615 Figure 1 When setting the minimum router configuration you must use the dual-homed device router-side (secondary) IP address and DNS name when configuring the IP hostname for the CWI client. This mapping is required for the client to view the notifications from the router received by the dual-home instance of CWI. See the “Router Prerequisites” section on page 7.
Table 2 Windows-Based PC Minimum System Requirements (continued) Requirement Type Minimum Requirements Available drive space CWI=5MB, JRE=48MB. Additional software One of these browsers: • Microsoft Internet Explorer 5.0 or higher. • Netscape Navigator 7.0 or higher. Java Runtime environment (JRE) version 1.4.2. Monitor display settings Table 3 Minimum recommended screen resolution=1024 by 768 pixels.
Table 5 Macintosh Minimum System Requirements (continued) Requirement Type Minimum Requirements Additional software Safari version 1.2.3. JRE version 1.4.2. Monitor display settings Minimum recommended screen resolution=1024 by 768 pixels. Router Prerequisites The router prerequisites ensure that the router is correctly set up.
Setting Up the Required Management Services Without a Secure Connection This section provides the procedures required to set up the required Management Services without SSL. Note The Telnet server must be enabled before you can manage a router using certain CWI features. These features include the Telnet application, setting character displays in the Rack View application, and viewing committed configuration changes using the Configuration Change dialog box.
Note The SSH server must be enabled before you can manage a router using certain CWI features. These features include the SSH application, setting character displays in the Rack View application, and viewing committed configuration changes using the Configuration Change dialog box. See the Cisco IOS XR System Security Configuration Guide for information on enabling the SSH server.
Step 5 Exit configuration mode. RP/0/RP0/CPU0:router(config)# commit Step 6 Authenticate the CA by getting the certificate for the CA. RP/0/RP0/CPU0:router# crypto ca authenticate ca-name Step 7 Obtain a router certificate from the CA. RP/0/RP0/CPU0:router# crypto ca enroll ca-name Step 8 Verify that the router was granted a certificate. This command displays information about the router certificate and the CA certificate.
Troubleshooting Basic IP Connectivity This section provides information on troubleshooting basic IP connectivity problems when attempting to log in to a router using the CWI. If you are unable to connect to the router HTTP server using the browser, follow these steps in sequence, exiting the test steps when a failure is encountered. Step 1 Ping the IP address of the router management Ethernet interface from the client PC/workstation.
Note The Telnet/SSH server must be enabled before you can manage a router using certain CWI features. These features include the Telnet/SSH application, the Troubleshooter application, setting character displays in the Rack View application, and viewing committed configuration changes using the Configuration Change dialog box. See the Cisco IOS XR System Security Configuration Guide for information on enabling the Telnet/SSH server.
b. The security certificate must be accepted to run CWI. You have the following options: – Click Yes to trust and accept the security certificate for this router session only. If this option is chosen, the certificate is accepted and the login process continues. Proceed to Step 9. – Click No to deny the security certificate. If this option is chosen, the login process is canceled. – Click Always to automatically trust and accept the security certificate in this section and all subsequent CWI sessions.
After the CWI initialization is complete, the CWI Desktop window appears. See the “CWI Desktop Window” section on page 21 for information on the CWI Desktop window. Note The CWI is automatically locked when there is no activity in the CWI session for 15 minutes. To unlock the CWI, you must provide the username and password used when logging in to the router. See the Cisco Craft Works Interface User Interface Guide for CWI unlocking procedures.
• Click More Details to view the SSL certificate. A dialog box appears with detailed certificate information. The certificate information includes the version, serial number, insurer, and start and end date validity of the certificate. Step 5 A router HTTP authentication dialog box appears. You require your AAA username and password. See the Cisco IOS XR Getting Started Guide for information on the AAA username and password. a. Enter your AAA username and password in the User Name and Password fields. b.
You have the following options: • Click Yes to trust and accept the SSL certificate for this router session only. If this option is chosen, the certificate is accepted and the login process continues. Proceed to Step 10. • Click Always to automatically trust and accept the SSL certificate in this session and all subsequent CWI sessions. If this option is chosen, the certificate is accepted and the login process continues. Proceed to Step 10. • Click More Details to view the SSL certificate.
Note The CWI is automatically locked when there is no activity in the CWI session for 15 minutes. To unlock the CWI you must provide the username and password used when logging in to the router. See the Cisco Craft Works Interface User Interface Guide for CWI unlocking procedures. If any of the minimum requirements of the initialization steps fail, a CWI dialog box appears allowing you to Abort, Troubleshoot, or Continue the initialization process. Proceed to Step 14.
If you choose either the Yes or Always options, the Initializing CWI dialog box appears. After the router initialization is successfully completed, a new router appears in the Inventory Tree in the CWI Desktop. See the CWI Desktop Window, page 21 for information on the Inventory Tree. Logging Out of a Logical Router You can log out of a router when there is more than one router open in the CWI Desktop. Note You must commit any uncommitted changes that you want to keep.
6 Locking and Unlocking the CWI The CWI can be manually locked; otherwise, it is automatically locked when there is no activity in the CWI for 15 minutes. Locking the CWI prevents unauthorized users from accessing the CWI. A valid user password is required to unlock the CWI. The following procedures to lock and unlock a CWI session are provided: • Manually Locking the CWI, page 19 • Unlocking the CWI, page 19 Manually Locking the CWI From the CWI Desktop, choose File > Lock to manually lock the CWI.
To install the CWI Online Help, perform the following steps: Step 1 In the CWI Desktop, choose Help > Help Desktop. A Help dialog box appears. Step 2 Click Yes to install Help. An Online Help Installer dialog box appears and downloads the help files. When the download is complete, a CWI Help installation complete message appears in the dialog box. Step 3 Click Close. The Online Help Installer dialog box closes. Step 4 To access the online help, choose Help > Help Desktop to open the online help.
Table 6 Connection Methods and Applications (continued) CWI Application Console Port (serial cable or through a terminal server) Telnet (no XML) Telnet, or CORBA connection (XML) Interface Viewer Yes Yes Yes Rack View Yes, but no notifications and associated alarms are displayed. Yes, but no notifications and associated alarms are displayed. Yes Telnet Plus/SSH Plus — Yes Yes Terminal Plus Yes, but mutually exclusive to other applications.
Figure 6 CWI Desktop 1 Inventory Tree 4 CWI Application Pane 2 CWI Desktop Menu Bar 5 CWI Desktop Status Bar 3 CWI Desktop Toolbar — — The CWI Desktop allows you to communicate with the router using the applications that are described in Table 8.
Table 8 List of Applications for the CWI Desktop (continued) Name of Application Description Configuration Desktop Provides an interface tailored to managing configuration applications. See “Configuration Desktop Window” section on page 23 for more information about the Configuration Desktop window. Telnet/SSH/Terminal Plus Provides the capability to issue CLI commands and view session information within the CWI.
Figure 7 Configuration Desktop 1 Configuration Applications Tree 5 Configuration Desktop status bar 2 Configuration Desktop menu bar 6 Configuration Applications pane 3 Configuration Desktop toolbar (Standard toolbar icons) 7 Launch Context pane 4 Configuration Desktop toolbar (Configuration Controls toolbar icons) — — There are four ways to configure a router using the CWI: • Telnet/SSH/Terminal Plus application from the CWI Desktop. • Configuration Editor from the CWI Desktop.
Common Elements in the Configuration Desktop The graphical configuration applications launched from the Configuration Desktop include a common feature set. These features include bulk configuration and validation. The bulk configuration features provide “templating without templates.” These features include the capability to take an existing configured object and utilize user selected attributes as a template for configuring one or more additional objects.
12 Obtaining Documentation Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several ways to obtain technical assistance and other technical resources. These sections explain how to obtain technical information from Cisco Systems. Cisco.com You can access the most current Cisco documentation at this URL: http://www.cisco.com/techsupport You can access the Cisco website at this URL: http://www.cisco.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address: Cisco Systems Attn: Customer Document Ordering 170 West Tasman Drive San Jose, CA 95134-9883 We appreciate your comments. 14 Cisco Product Security Overview Cisco provides a free online Security Vulnerability Policy portal at this URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.
15 Obtaining Technical Assistance Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco Technical Support & Documentation website on Cisco.com features extensive online support resources. In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC) engineers provide telephone support. If you do not have a valid Cisco service contract, contact your reseller.
Severity 3 (S3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels. Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.
