Friday, May 1, 2020

Configuring Splunk Enterprise for Cisco Networks Add-on (Syslog)

There are free online courses in Splunk website and I took the Free Splunk Fundamentals course.


You can download and install a free Splunk Enterprise in order to perform the lab exercises. Go to splunk.com > click Free Splunk.


Login or create a free Splunk account.


Select Splunk Enterprise > click Download Free 60-Day Trial.


Under Windows tab > select 64-bit Windows 10 > click Download Now.


Select the check boxes for the End User License Agreement (EULA) > click Start Your Download Now.


Click Save File.


Select Check this box to accept the License Agreement > click Next.


Create an administrator account.


You can optionally create a Desktop shortcut > click Install.


Click Yes to continue (run as admin).


Click Finish.


Splunk will be launched in a web browser. Login using the account created earlier.


A pop up message will appear > click Got it to continue.


Another pop up message will appear > click Don't show me this again to continue.


This is the Splunk Enterprise home page or whenever you clicked splunk>enterprise on upper left.


Create a new user with power role under Settings > USERS AND AUTHENTICATION > Users.


Click New User.


Type the Name (username) > optional Full Name > optional Email address > Set password (type twice to Confirm password) > select Time Zone: GMT+8:00.


Click on user (on Selected item column) to remove it and then click power to move it under Selected item(s) column > uncheck Require password change on first login > click Save.



To configure Splunk Enterprise as a Syslog server and listen to UDP port 514, click Find More Apps.


Type/search: cisco


Look for Cisco Networks Add-on for Splunk Enterprise > click Install.


Login to your account > click to accept the license agreement > click Login and Install.


A restart is required > click Restart Now.


The restart process take a few minutes.


Click OK and re-login to Splunk Enterprise


Go to Settings > Data > Data inputs.


Under UDP > click Add new.



Leave UDP selected > type Port: 514 > leave the other fields blank > click Next.


Under Select Source Type > type/search: cisco> select cisco:ios > leave the other settings in default > click Review.



Review the summary settings > click Submit.


Click Start Searching.


I configured the Cisco devices in my lab to send Syslogs to Splunk Enterprise running on my Windows 10 machine (192.168.1.100).


CSRv#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
CSRv(config)#logging trap informational
CSRv(config)#logging origin-id hostname
CSRv(config)#logging host 192.168.1.100
CSRv(config)#end

CSRv#ping 192.168.1.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

CSRv#show logging
Syslog logging: enabled (0 messages dropped, 2 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)

No Active Message Discriminator.

No Inactive Message Discriminator.

    Console logging: level debugging, 132 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 146 messages logged, xml disabled,
                    filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    Persistent logging: disabled

No active filter modules.

    Trap logging: level informational, 141 message lines logged
        Logging to 192.168.1.100  (udp port 514, audit disabled,
              link up),
              2 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
        Logging Source-Interface:       VRF Name:

Log Buffer (4096 bytes):

Apr 26 03:16:08.106: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.100 port 0 CLI Request Triggered
Apr 26 03:16:09.106: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.100 port 514 started - CLI initiated
Apr 26 03:16:09.486: %SYS-5-CONFIG_I: Configured from console by admin on vty1 (192.168.1.100)


SW1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#logging trap informational
SW1(config)#logging host 192.168.1.100
SW1(config)#end

SW1#ping 192.168.1.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms

SW1#show logging
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 35 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level debugging, 35 messages logged, xml disabled,
                    filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Trap logging: level informational, 38 message lines logged
        Logging to 192.168.1.100, 1 message lines logged, xml disabled,
               filtering disabled
         
Log Buffer (4096 bytes):

Apr 26 03:17:29.553: %SYS-5-CONFIG_I: Configured from console by vty0 (192.168.1.100)


LAB-ASA5515x# configure terminal
LAB-ASA5515x(config)# logging enable
LAB-ASA5515x(config)# logging trap informational
LAB-ASA5515x(config)# logging device-id hostname
LAB-ASA5515x(config)# logging host inside 192.168.1.100
LAB-ASA5515x(config)# end

LAB-ASA5515x# ping 192.168.1.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms

LAB-ASA5515x# show logging
Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Hide Username logging: enabled
    Standby logging: disabled
    Debug-trace logging: disabled
    Console logging: disabled
    Monitor logging: disabled
    Buffer logging: disabled
    Trap logging: level informational, facility 20, 35180 messages logged
        Logging to inside 192.168.1.100, UDP TX:5
    Global TCP syslog stats::
        NOT_PUTABLE: 0, ALL_CHANNEL_DOWN: 0
        CHANNEL_FLAP_CNT: 0, SYSLOG_PKT_LOSS: 0
        PARTIAL_REWRITE_CNT: 0
    Permit-hostdown logging: disabled
    History logging: disabled
    Device ID: hostname "LAB-ASA5515x"
    Mail logging: disabled
    ASDM logging: disabled


Click Time Range: Last 15 minutes > click search (magnifying glass icon).


I initially didn't get any Syslog message, so I had permit the port/application in my personal firewall.


Click List drop-down option > select Raw.


Notice the hostnames: CSRv (192.168.1.140) and LAB-ASA5515-X (192.168.1.1) were displayed since it's explicitly configured.



Friday, April 3, 2020

Installing Cisco ASR 9000 IOS-XRv in VMware Workstation

I had a POC for a Cisco ASR9K so I deployed an IOS-XRv virtual machine in my lab to play around with it.

I downloaded an IOS-XRv demo OVA file and import in VMware Workstation. To import, go to File > Open > rename the virtual machine > Import.



Edit the virtual machine settings. I gave the VM a 3 GB memory.
 

The OVA demo file had two Network Adapters, so I set the first Network Adapter as Custom: VMnet0 (192.168.1.0/24 subnet in my lab) > removed the second Network Adapter > click OK > Power on this virtual machine.
 

Just click Yes to continue.


You'll see a Booting 'IOS XRv' output during initial bootup. You'll need to increase the memory (RAM) and Hard Disk space on the VM in order to properly bootup.


I increased the Hard Disk to 80 GB and added a Serial Port in order to monitor the bootup process via the console.


You'll see a blank prompt which indicated the VM has completed its bootup.


You'll need to install Named Pipe TCP Proxy to view the console output.


Click the connector icon > type the Pipe name: \\.\pipe\xr1 > type a Port number (you can use any abritrary number) > click Add.



Open a terminal emulator (I used SecureCRT in this case) > choose Telnet > type the IP address: 127.0.0.1 (loopback IP). You'll be initially asked to create a root-system username (aside from the system default: cisco/cisco).


 Notice the Named Pipe TCP Proxy Status is now Connected.


Below are some basic configuration in order to remotely access the IOS-XRv and eventually eliminate the use of Named Pipe Proxy.


ios con0/0/CPU0 is now available

Press RETURN to get started.

IMPORTANT:  READ CAREFULLY
Welcome to the Demo Version of Cisco IOS XRv (the "Software").
The Software is subject to and governed by the terms and conditions
of the End User License Agreement and the Supplemental End User
License Agreement accompanying the product, made available at the
time of your order, or posted on the Cisco website at
www.cisco.com/go/terms (collectively, the "Agreement").
As set forth more fully in the Agreement, use of the Software is
strictly limited to internal use in a non-production environment
solely for demonstration and evaluation purposes.  Downloading,
installing, or using the Software constitutes acceptance of the
Agreement, and you are binding yourself and the business entity
that you represent to the Agreement.  If you do not agree to all
of the terms of the Agreement, then Cisco is unwilling to license
the Software to you and (a) you may not download, install or use the
Software, and (b) you may return the Software as more fully set forth
in the Agreement.

Please login with any configured user/password, or cisco/cisco

User Access Verification

Username: cisco
Password:<cisco>

RP/0/0/CPU0:ios#configure terminal
Thu Mar  5 10:36:57.885 UTC
RP/0/0/CPU0:ios(config)#hostname XRv-LAB    // DEFAULT HOSTNAME IS 'ios'
RP/0/0/CPU0:ios(config)#
RP/0/0/CPU0:ios(config)#show config    // VIEW TARGET CONFIG
Thu Mar  5 10:37:21.293 UTC
Building configuration...
!! IOS XR Configuration 5.1.2
hostname XRv-LAB
end

RP/0/0/CPU0:ios(config)#
RP/0/0/CPU0:ios(config)#commit   // APPLY CHANGE IN RUNNING CONFIG; THERE'S NO write memory IN IOS-XR
Thu Mar  5 10:37:26.873 UTC
RP/0/0/CPU0:Mar  5 10:37:26.913 : ike[228]: %SECURITY-IKE-4-WARNING : You may want to configure a domain-name

RP/0/0/CPU0:XRv-LAB(config)#load ?
  WORD           Load from file
  bootflash:     Load from bootflash: file system
  commit         Load commit changes
  configuration  Contents of configuration
  diff           Load from diff file
  disk0:         Load from disk0: file system
  disk0a:        Load from disk0a: file system
  disk1:         Load from disk1: file system
  disk1a:        Load from disk1a: file system
  ftp:           Load from ftp: file system
  nvram:         Load from nvram: file system
  rcp:           Load from rcp: file system
  rollback       Load rollback changes
  tftp:          Load from tftp: file system
RP/0/0/CPU0:XRv-LAB(config)#load rollback ?
  changes  Load configuration changes to be made during a rollback operation
RP/0/0/CPU0:XRv-LAB(config)#load rollback changes ?
  last        Changes for rolling back last <n> commits
  to          Changes up to (and including) a specific commit
  1000000039  Commit ID
  1000000038  Commit ID
  1000000037  Commit ID
  1000000036  Commit ID
  1000000035  Commit ID
  1000000034  Commit ID
  1000000033  Commit ID
  1000000032  Commit ID
  1000000031  Commit ID
  1000000030  Commit ID
  1000000029  Commit ID
  1000000028  Commit ID
  1000000027  Commit ID
  1000000026  Commit ID
  1000000025  Commit ID
  1000000024  Commit ID
  1000000023  Commit ID
  1000000022  Commit ID
  1000000021  Commit ID
  1000000020  Commit ID
  1000000019  Commit ID
  1000000018  Commit ID
  1000000017  Commit ID
  1000000016  Commit ID
  1000000015  Commit ID
  1000000014  Commit ID
  1000000013  Commit ID
  1000000012  Commit ID
  1000000011  Commit ID
  1000000010  Commit ID
  1000000009  Commit ID
  1000000008  Commit ID
  1000000007  Commit ID
  1000000006  Commit ID
  1000000005  Commit ID
  1000000004  Commit ID
  1000000003  Commit ID
  1000000002  Commit ID
  1000000001  Commit ID
RP/0/0/CPU0:XRv-LAB(config)#load rollback changes last ?
  <1-39>  Number of commits
RP/0/0/CPU0:XRv-LAB(config)#load rollback changes last 1   // ROLLBACK TO PREVIOUS RUNNING CONFIG
Building configuration...
Loading.
48 bytes parsed in 1 sec (47)bytes/sec
RP/0/0/CPU0:ios(config)#      // HOSTNAME ROLLBACK TO ios

RP/0/0/CPU0:ios(config)#hostname XRv-LAB
RP/0/0/CPU0:ios(config)#commit
Thu Mar  5 10:38:10.427 UTC

RP/0/0/CPU0:XRv-LAB(config)#
RP/0/0/CPU0:XRv-LAB(config)#interface loopback0
RP/0/0/CPU0:XRv-LAB(config-if)#ip address 1.1.1.1 255.255.255.255
RP/0/0/CPU0:XRv-LAB(config-if)#
RP/0/0/CPU0:XRv-LAB(config-if)#show config
Thu Mar  5 10:39:16.466 UTC
Building configuration...
!! IOS XR Configuration 5.1.2
interface Loopback0
 ipv4 address 1.1.1.1 255.255.255.255
!
end

RP/0/0/CPU0:XRv-LAB(config-if)#
RP/0/0/CPU0:XRv-LAB(config-if)#clear    // REMOVE TARGET CONFIG; OR JUST SIMPLY TYPE THE abort COMMAND
RP/0/0/CPU0:XRv-LAB(config)#
RP/0/0/CPU0:XRv-LAB(config)#show config
Thu Mar  5 10:39:30.625 UTC
Building configuration...
!! IOS XR Configuration 5.1.2
end

RP/0/0/CPU0:XRv-LAB(config)#interface loopback0
RP/0/0/CPU0:XRv-LAB(config-if)#ip address 1.1.1.1 255.255.255.255
RP/0/0/CPU0:XRv-LAB(config-if)#
RP/0/0/CPU0:XRv-LAB(config-if)#commit ?
  best-effort   Commit the configuration changes via best-effort operation
  comment       Assign a comment to this commit
  confirmed     Rollback this commit unless there is a confirming commit
  force         Override the memory checks
  label         Assign a label to this commit
  replace       Replace the contents of running configuration
  save-running  Save running configuration to a file
  <cr>          Commit the configuration changes to running
RP/0/0/CPU0:XRv-LAB(config-if)#commit confirmed ?
  <30-65535>  Seconds until rollback unless there is a confirming commit
  minutes     Specify the rollback timer in the minutes
  <cr>        Commit the configuration changes to running
RP/0/0/CPU0:XRv-LAB(config-if)#commit confirmed 30   // ROLLBACK CONFIG AFTER 30 SECONDS
Thu Mar  5 10:41:34.646 UTC
RP/0/0/CPU0:XRv-LAB(config-if)#do show interface loopback0
Thu Mar  5 10:41:56.645 UTC
Loopback0 is up, line protocol is up
  Interface state transitions: 1
  Hardware is Loopback interface(s)
  Internet address is 1.1.1.1/32
  MTU 1500 bytes, BW 0 Kbit
     reliability Unknown, txload Unknown, rxload Unknown
  Encapsulation Loopback,  loopback not set,
  Last input Unknown, output Unknown
  Last clearing of "show interface" counters Unknown
  Input/output data rate is disabled.

<AFTER 30 SECONDS>

RP/0/0/CPU0:XRv-LAB(config-if)#do show interface loopback0
Thu Mar  5 10:42:23.353 UTC
Interface not found (Loopback0)

RP/0/0/CPU0:XRv-LAB(config-if)#interface loopback0
RP/0/0/CPU0:XRv-LAB(config-if)#ip address 1.1.1.1 255.255.255.255
RP/0/0/CPU0:XRv-LAB(config-if)#commit confirmed 30
Thu Mar  5 10:45:24.980 UTC

One or more commits have occurred from other
configuration sessions since this session started
or since the last commit was made from this session.
You can use the 'show configuration commit changes'
command to browse the changes.
Do you wish to proceed with this commit anyway? [no]: yes
RP/0/0/CPU0:XRv-LAB(config-if)#do show interface loopback0
Thu Mar  5 10:45:52.088 UTC
Loopback0 is up, line protocol is up
  Interface state transitions: 1
  Hardware is Loopback interface(s)
  Internet address is 1.1.1.1/32
  MTU 1500 bytes, BW 0 Kbit
     reliability Unknown, txload Unknown, rxload Unknown
  Encapsulation Loopback,  loopback not set,
  Last input Unknown, output Unknown
  Last clearing of "show interface" counters Unknown
  Input/output data rate is disabled.

RP/0/0/CPU0:XRv-LAB(config-if)#
RP/0/0/CPU0:XRv-LAB(config-if)#commit    // APPLY CHANGES IN RUNNING CONFIG
Thu Mar  5 10:45:56.038 UTC

% Confirming commit for trial session.
RP/0/0/CPU0:XRv-LAB(config-if)#end
RP/0/0/CPU0:XRv-LAB#show interface loopback0
Thu Mar  5 10:46:17.087 UTC
Loopback0 is up, line protocol is up
  Interface state transitions: 1
  Hardware is Loopback interface(s)
  Internet address is 1.1.1.1/32
  MTU 1500 bytes, BW 0 Kbit
     reliability Unknown, txload Unknown, rxload Unknown
  Encapsulation Loopback,  loopback not set,
  Last input Unknown, output Unknown
  Last clearing of "show interface" counters Unknown
  Input/output data rate is disabled.

RP/0/0/CPU0:XRv-LAB#show ip interface brief
Thu Mar  5 10:49:37.063 UTC

Interface                      IP-Address      Status                Protocol
Loopback0                      1.1.1.1         Up                    Up      
MgmtEth0/0/CPU0/0              unassigned      Shutdown              Down   
 
RP/0/0/CPU0:XRv-LAB#configure terminal
RP/0/0/CPU0:XRv-LAB(config)#interface loopback0
RP/0/0/CPU0:XRv-LAB(config-if)#description ### TEST ###
RP/0/0/CPU0:XRv-LAB(config-if)#
RP/0/0/CPU0:XRv-LAB(config-if)#show config merge interface loopback0    // DISPLAY MERGED TARGET AND RUNNING CONFIG
Mon Mar 23 09:00:21.784 UTC
interface Loopback0
 description ### TEST ###
 ipv4 address 1.1.1.1 255.255.255.255
!

RP/0/0/CPU0:XRv-LAB#configure terminal
Thu Mar  5 10:50:49.668 UTC
RP/0/0/CPU0:XRv-LAB(config)#interface ?
  BVI              Bridge-Group Virtual Interface
  Bundle-Ether     Aggregated Ethernet interface(s)
  Bundle-POS       Aggregated POS interface(s)
  CEM              Circuit Emulation interface(s)
  GigabitEthernet  GigabitEthernet/IEEE 802.3 interface(s)
  IMA              ATM Network Interface(s)
  InterflexLeft    InterFlex Left interface(s)
  InterflexRight   InterFlex Right interface(s)
  Loopback         Loopback interface(s)
  MgmtEth          Ethernet/IEEE 802.3 interface(s)
  Multilink        Multilink network interface(s)
  Null             Null interface
  POS              Packet over SONET/SDH network interface(s)
  PW-Ether         PWHE Ethernet Interface
  PW-IW            PWHE VC11 IP Interworking Interface
  Serial           Serial network interface(s)
  preconfigure     Specify a preconfig
  tunnel-ip        GRE/IPinIP Tunnel Interface(s)
  tunnel-ipsec     IPSec Tunnel interface(s)
  tunnel-mte       MPLS Traffic Engineering P2MP Tunnel interface(s)
  tunnel-te        MPLS Traffic Engineering Tunnel interface(s)
  tunnel-tp        MPLS Transport Protocol Tunnel interface
RP/0/0/CPU0:XRv-LAB(config)#interface MgmtEth0/0/CPU0/0
RP/0/0/CPU0:XRv-LAB(config-if)#ip address 192.168.1.150 255.255.255.0
RP/0/0/CPU0:XRv-LAB(config-if)#no shutdown
RP/0/0/CPU0:XRv-LAB(config-if)#commit
Thu Mar  5 10:51:59.353 UTC
RP/0/0/CPU0:Mar  5 10:51:59.403 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface MgmtEth0/0/CPU0/0, changed state to Down
RP/0/0/CPU0:XRv-LAB(config-if)#RP/0/0/CPU0:Mar  5 10:51:59.433 : ifmgr[226]: %PKT_INFRA-LINK-3-UPDOWN : Interface MgmtEth0/0/CPU0/0, changed state to Up

RP/0/0/CPU0:XRv-LAB(config-if)#do ping 192.168.1.1
Thu Mar  5 10:52:08.803 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/14/59 ms


C:\Users\User>ping 192.168.1.150    // PING FROM SOURCE IP 192.168.1.100 (WINDOWS 10)

Pinging 192.168.1.150 with 32 bytes of data:
Reply from 192.168.1.150: bytes=32 time=1ms TTL=255
Reply from 192.168.1.150: bytes=32 time=1ms TTL=255

Ping statistics for 192.168.1.150:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms
Control-C
^C
C:\Users\User>telnet 192.168.1.150
Connecting To 192.168.1.150...Could not open connection to the host, on port 23: Connect failed


You'll need to explicitly configure the remote access (Telnet or SSH) under the control-plane.

RP/0/0/CPU0:XRv-LAB#configure terminal
Thu Mar  5 11:04:45.601 UTC
RP/0/0/CPU0:XRv-LAB(config)#telnet ?
  ipv4  IPv4 configuration
  ipv6  IPv6 configuration
  vrf   VRF name for telnet server
RP/0/0/CPU0:XRv-LAB(config)#telnet ipv4 ?
  client  Telnet client configuration commands
  dscp    dscp
  server  Telnet server configuration commands
RP/0/0/CPU0:XRv-LAB(config)#telnet ipv4 server ?
  max-servers  Set number of allowable telnet sessions
RP/0/0/CPU0:XRv-LAB(config)#telnet ipv4 server max-servers ?
  <1-100>  Set number of allowable telnet sessions
RP/0/0/CPU0:XRv-LAB(config)#telnet ipv4 server max-servers 3
RP/0/0/CPU0:XRv-LAB(config)#domain name ?
  WORD  Default domain name
RP/0/0/CPU0:XRv-LAB(config)#domain name lab.com
RP/0/0/CPU0:XRv-LAB(config)#commit
Thu Mar  5 11:07:00.782 UTC
RP/0/0/CPU0:XRv-LAB(config)#end
RP/0/0/CPU0:XRv-LAB#crypto key generate rsa ?
  WORD          RSA keypair label
  general-keys  Generate a general purpose RSA key pair for signing and encrypti
on
  usage-keys    Generate seperate RSA key pairs for signing and encryption
  <cr>         
RP/0/0/CPU0:XRv-LAB#crypto key generate rsa
Thu Mar  5 11:07:59.308 UTC
The name for the keys will be: the_default
  Choose the size of the key modulus in the range of 512 to 2048 for your General Purpose Keypair. Choosing a key modulus greater than 512 may take a few minutes.

How many bits in the modulus [1024]: 2048
Generating RSA keys ...
Done w/ crypto generate keypair
[OK]

RP/0/0/CPU0:XRv-LAB#configure terminal
Thu Mar  5 11:08:19.166 UTC
RP/0/0/CPU0:XRv-LAB(config)#ssh ?
  client   Provide SSH client service
  server   Provide SSH server service
  timeout  Set timeout value for SSH
RP/0/0/CPU0:XRv-LAB(config)#ssh server ?
  dscp           Cisco ssh server DSCP
  ipv4           IPv4 access list for ssh server
  ipv6           IPv6 access list for ssh server
  logging        Enable ssh server logging
  rate-limit     Cisco sshd rate-limit of service requests
  session-limit  Cisco sshd session-limit of service requests
  v2             Cisco sshd force protocol version 2 only
  vrf            Cisco sshd VRF name
  <cr>          
RP/0/0/CPU0:XRv-LAB(config)#ssh server v2
RP/0/0/CPU0:XRv-LAB(config)#commit
Thu Mar  5 11:08:35.795 UTC

RP/0/0/CPU0:XRv-LAB(config)#control-plane   
RP/0/0/CPU0:XRv-LAB(config-ctrl)#?           
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  management-plane    Configure management plane protection
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
RP/0/0/CPU0:XRv-LAB(config-ctrl)#management-plane ?
  inband       Configure an inband interface/protocol
  out-of-band  Configure an out-of-band interface/protocol
  <cr>        
RP/0/0/CPU0:XRv-LAB(config-ctrl)# management-plane out-of-band
RP/0/0/CPU0:XRv-LAB(config-mpp-outband)#?
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  interface           Configure an outband interface
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
  vrf                 configure mpp outband vrf
RP/0/0/CPU0:XRv-LAB(config-mpp-outband)#interface MgmtEth0/0/CPU0/0
RP/0/0/CPU0:XRv-LAB(config-mpp-outband-if)#?
  allow               Allow a protocol on this interface
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
RP/0/0/CPU0:XRv-LAB(config-mpp-outband-if)#allow ?
  HTTP    HTTP(S)
  SNMP    SNMP (all versions)
  SSH     Secure Shell (v1 & v2)
  TFTP    TFTP
  Telnet  Telnet
  XML     XML
  all     All Protocols
RP/0/0/CPU0:XRv-LAB(config-mpp-outband-if)#allow telnet ?
  peer  Configure peer address on this interface
  <cr> 
RP/0/0/CPU0:XRv-LAB(config-mpp-outband-if)#allow telnet peer
RP/0/0/CPU0:XRv-LAB(config-telnet-peer)#?
  address             Configure peer address on this interface
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
RP/0/0/CPU0:XRv-LAB(config-telnet-peer)#address ?
  ipv4  Configure peer IPv4 address on this interface
  ipv6  Configure peer IPv6 address on this interface
RP/0/0/CPU0:XRv-LAB(config-telnet-peer)#address ipv4 ?
  A.B.C.D         Enter IPv4 address
  A.B.C.D/length  Enter IPv4 address with prefix
RP/0/0/CPU0:XRv-LAB(config-telnet-peer)#address ipv4 192.168.1.0/24
RP/0/0/CPU0:XRv-LAB(config-telnet-peer)#allow ssh peer
RP/0/0/CPU0:XRv-LAB(config-ssh-peer)#address ipv4 192.168.1.0/24
RP/0/0/CPU0:XRv-LAB(config-ssh-peer)#commit
Thu Mar  5 11:17:29.289 UTC

RP/0/0/CPU0:XRv-LAB(config-ssh-peer)#do who
Thu Mar  5 11:26:11.743 UTC
   Line            User                 Service  Conns   Idle        Location
*  con0/0/CPU0     cisco                hardware     0  00:00:00    
   vty0            cisco                ssh          0  00:00:07     192.168.1.100
   vty1                                 telnet       0  00:00:04     192.168.1.100


To reach remote networks, you need a static default route:

RP/0/0/CPU0:XRv-LAB(config)#router ?    
  amt     Automatic Multicast Tunneling (AMT)
  bgp     BGP configuration subcommands
  eigrp   EIGRP configuration subcommands
  hsrp    HSRP configuration subcommands
  igmp    IPv4 Address Family
  isis    ISO IS-IS
  lisp    LISP configuration subcommands
  mld     IPv6 address family
  msdp    MSDP configuration subcommands
  ospf    OSPF configuration subcommands
  ospfv3  IPv6 Open Shortest Path First protocol (OSPFv3)
  pim     PIM configuration subcommands
  rib     RIB configuration subcommands
  rip     RIP configuration subcommands
  static  Static route configuration subcommands
  vrrp    VRRP configuration subcommands
RP/0/0/CPU0:XRv-LAB(config)#router static
RP/0/0/CPU0:XRv-LAB(config-static)#?
  address-family      Static route address family configuration subcommands
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  maximum             Limit the number of static paths which may be configured
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
  vrf                 VRF Static route configuration subcommands
RP/0/0/CPU0:XRv-LAB(config-static)#address-family ?
  ipv4  IPv4 commands
  ipv6  IPv6 commands
RP/0/0/CPU0:XRv-LAB(config-static)#address-family ipv4 ?
  multicast  Multicast commands
  unicast    Unicast commands
RP/0/0/CPU0:XRv-LAB(config-static)#address-family ipv4 unicast
RP/0/0/CPU0:XRv-LAB(config-static-afi)#?
  A.B.C.D/length      Destination prefix
  apply-group         Apply configuration from a group
  apply-group-append  Append apply-group configuration from a group
  apply-group-remove  Remove a group from apply-group configuration
  clear               Clear the uncommitted configuration
  commit              Commit the configuration changes to running
  describe            Describe a command without taking real actions
  do                  Run an exec command
  exclude-group       Exclude apply-group configuration from a group
  exclude-item        Negate a command or set its defaults
  exit                Exit from this submode
  no                  Negate a command or set its defaults
  pwd                 Commands used to reach current submode
  root                Exit to the global configuration mode
  show                Show contents of configuration
  topology            Topology static route configuration subcommands
RP/0/0/CPU0:XRv-LAB(config-static-afi)#0.0.0.0/0 ?
  A.B.C.D          Forwarding router's address
  BVI              Bridge-Group Virtual Interface
  Bundle-Ether     Aggregated Ethernet interface(s)
  Bundle-POS       Aggregated POS interface(s)
  CEM              Circuit Emulation interface(s)
  FastEthernet     FastEthernet/IEEE 802.3 interface(s)
  FortyGigE        FortyGigabitEthernet/IEEE 802.3 interface(s)
  GigabitEthernet  GigabitEthernet/IEEE 802.3 interface(s)
  HundredGigE      HundredGigabitEthernet/IEEE 802.3 interface(s)
  IMA              ATM Network Interface(s)
  InterflexLeft    InterFlex Left interface(s)
  InterflexRight   InterFlex Right interface(s)
  Loopback         Loopback interface(s)
  MgmtEth          Ethernet/IEEE 802.3 interface(s)
  Multilink        Multilink network interface(s)
  Null             Null interface
  POS              Packet over SONET/SDH network interface(s)
  PW-Ether         PWHE Ethernet Interface
  PW-IW            PWHE VC11 IP Interworking Interface
  SRP              SRP interface(s)
  Serial           Serial network interface(s)
  TenGigE          TenGigabitEthernet/IEEE 802.3 interface(s)
  tunnel-ip        GRE/IPinIP Tunnel Interface(s)
  tunnel-ipsec     IPSec Tunnel interface(s)
  tunnel-te        MPLS Traffic Engineering Tunnel interface(s)
  tunnel-tp        MPLS Transport Protocol Tunnel interface
  vrf              Destination VRF
RP/0/0/CPU0:XRv-LAB(config-static-afi)#0.0.0.0/0 192.168.1.1
RP/0/0/CPU0:XRv-LAB(config-static-afi)#commit