This PowerShell module provides some functionality to facilitate automating backup actions of a Cisco device over SSH. This module also provides some basic functionality for troubleshooting Cisco devices.
Here are some similar projects I am working on:
- Posh-FortiGate (PowerShell FortiGate Module)
- Posh-Juniper (PowerShell Juniper Module)
- Posh-Ubnt (PowerShell Ubnt Module)
This module depends on the following PowerShell modules:
PS> Save-Module -Name Posh-Cisco -Path <path>PS> Install-Module -Name Posh-Cisco- Backup-CiscoRunningConfig: Gets the running configuration and writes it to a file. (only allowed on privilege level 15)
- Backup-CiscoStartupConfig: Gets the startup configuration and writes it to a file.
- Get-CiscoInterfaces: Gets the interfaces information.
- Get-CiscoInterfacesStatus: Gets the interfaces status.
- Get-CiscoLogging: Gets the logging information.
- Get-CiscoLoggingOnboard: Gets the onboard logging information.
- Get-CiscoMacAddressTable: Gets the MAC address table.
- Get-CiscoRunningConfig: Gets the running configuration. (only allowed on privilege level 15)
- Get-CiscoStartupConfig: Gets the startup configuration.
- Get-CiscoVersion: Gets the version information.
- Get-CiscoVlan: Gets the vlan information.
- Get-CiscoBridgeDomain: Gets the Bridge-Domain information.
- Get-CiscoArp: Gets the ARP table.
- Get-CiscoIpArp: Gets the IP ARP table.
This PowerShell command gets the running configuration and writes it to a file. (only allowed on privilege level 15)
PS> Backup-CiscoRunningConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential) -FilePath "$([Environment]::GetFolderPath(“MyDocuments”))\running-config.txt"Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key. - Specify the
-Fullflag to retrieve full configuration with default values.
This PowerShell command gets the startup configuration and writes it to a file.
PS> Backup-CiscoStartupConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential) -FilePath "$([Environment]::GetFolderPath(“MyDocuments”))\startup-config.txt"Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the interfaces information.
PS> Get-CiscoInterfaces -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the interfaces status.
PS> Get-CiscoInterfacesStatus -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the logging information.
PS> Get-CiscoLogging -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the MAC address table.
PS> Get-CiscoMacAddressTable -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the onboard logging information.
PS> Get-CiscoLoggingOnboard -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the running configuration. (only allowed on privilege level 15)
PS> Get-CiscoRunningConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key. - Specify the
-Fullflag to retrieve full configuration with default values.
This PowerShell command gets the startup configuration.
PS> Get-CiscoStartupConfig -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential) Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the version information.
PS> Get-CiscoVersion -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the VLAN information.
PS> Get-CiscoVlan -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key.
This PowerShell command gets the Bridge-Domain information.
PS> Get-CiscoBridgeDomain -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key. - Specify the
-BridgeDomain <ID>parameter to return information about the bridge domain with the specified bridge domain id. - Specify the
-BridgeDomainName <Name>parameter to return information about the bridge domain with the specified bridge domain name.
This PowerShell command gets the ARP table.
PS> Get-CiscoArp -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key. - Specify the
-VRF <VRF-name>parameter to return the ARP table for the VRF with the specified VRF-name.
This PowerShell command gets the IP ARP table.
PS> Get-CiscoIpArp -HostAddress "192.168.1.1" -HostPort 22 -Credential (Get-Credential)Advanced Options:
- Specify the
-AcceptKeyflag to automatically accept SSH key. - Specify the
-VRF <VRF name>parameter to return the IP ARP table for the VRF with the specified VRF name.
Before you create scripts that use this module, you should create a readonly user with the necessary rights to be used for the PSCredentials.
configure terminal
user readonly privilege 3 password 0 enterastrongpasswordhere
privilege exec level 3 show startup-config
privilege exec level 3 show logging onboard
Remark: A readonly user will not be able to read the running-config, this requires privilege level 15.
These PowerShell functions were tested on the following Cisco devices:
- WS-C2960X-24TS-L (SW version: 15.2(3)E)
- WS-C2960X-24TS-L (SW version: 15.2(5)E)
- WS-C2960X-48TS-L (SW version: 15.2(3)E)
- WS-C2960X-48TS-L (SW version: 15.2(5)E)
- WS-C3850-12S (SW version: 03.06.05E)
- WS-C3850-24S (SW version: 03.06.05E)
- Added support to get bridge domain information (Get-CiscoBridgeDomain)
- Added support to get ARP table. (Get-CiscoArp)
- Added support to get IP ARP table. (Get-CiscoIpArp)
- Fixed issue with memory leak with lots of sessions
- Added -Full switch to Backup-CiscoRunningConfig to backup full running config with default values
- Added -Full switch to Get-CiscoRunningConfig to get full running config with default values
- Added support to get interfaces information (Get-CiscoInterfaces)
- Added support to get MAC address table (Get-CiscoMacAddressTable)
- Fixed issue with backup file being UTF-16 instead of ASCII
- Added -AcceptKey switch to all functions to automatically accept SSH Key
- Added documentation
- Added support to get logging information (Get-CiscoLogging)
- Added support to get onboard logging information (Get-CiscoLoggingOnboard)
- Added support to get vlan information (Get-CiscoVlan)
- Fixed bug in Get-CiscoRunningConfig (first character was missing)
- Fixed bug in Get-CiscoStartupConfig (first character was missing)
- Added support to backup running-config to a file (Backup-CiscoRunningConfig)
- Added support to backup startup-config to a file (Backup-CiscoStartupConfig)
- Added support to get running-config (Get-CiscoRunningConfig)
- Added support to get startup-config (Get-CiscoStartupConfig)
- Added support to get interfaces status (Get-CiscoInterfacesStatus)
- Added support to get version information (Get-CiscoVersion)
- Test on more devices
- Backup vlan.dat
- ...