<br><font size=2 face="sans-serif">Hi Dave,</font>
<br><font size=2 face="sans-serif">at the end I managed...</font>
<br><font size=2 face="sans-serif">What I have done in : </font>
<br><font size=2 face="sans-serif">add password mucfwt10 {pw} {enable-pw}</font>
<br>
<br><font size=2 face="sans-serif">is to set up, instead of the enable-pw
locally installed in the fw, I have put the Tacacs password for the user
rancid... and it works.,</font>
<br><font size=2 face="sans-serif">Now I have to trigger a little bit the
scripts because for the fws is not valid anymore the command "terminal
length 0", if not the command "terminal monitor 0"</font>
<br><font size=2 face="sans-serif">The rest, (regarding at least the show
config )looks the same..</font>
<br><font size=2 face="sans-serif"> </font>
<br>
<br><font size=2 face="sans-serif">Best regards</font>
<br>
<br><font size=2 face="sans-serif">Lourdes</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=39%>
<br>
<br>
<p>
<p><font size=1 face="sans-serif"><b>David LaPorte <david_laporte@harvard.edu></b></font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to david_laporte@harvard.edu</font></div></table>
<p><font size=1 face="sans-serif">10/17/06 05:48 PM</font>
<td width=60%>
<table width=100%>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td valign=top><font size=1 face="sans-serif">Lourdes Llorente <lllorente@amadeus.com></font>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td valign=top>
<tr>
<td>
<div align=right></div>
<td valign=top>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td valign=top><font size=1 face="sans-serif">Re: [rancid] does clogin
work for Cisco FWSM ?</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><tt><font size=2>My authentication is also done through TACACS. You've
tried it with the<br>
"add password" line and it still fails?<br>
<br>
<br>
Dave<br>
<br>
Lourdes Llorente wrote:<br>
> <br>
> Hi David!<br>
> <br>
> Stil does not work... :o( , still does not find the password. The<br>
> authentication is done through Tacacs this is why it looks a little
bit<br>
> different..<br>
> <br>
> Look at my config in .cloginrc<br>
> <br>
> add method fwt10 {ssh}<br>
> add user fwt10 {rancid}<br>
> add userpassword fwt10 {password}<br>
> <br>
> Thanks a lot for your help..<br>
> Cheers<br>
> <br>
> <br>
> <br>
> <br>
> *David LaPorte <david_laporte@harvard.edu>*<br>
> Please respond to david_laporte@harvard.edu<br>
> <br>
> 10/17/06 05:29 PM<br>
> <br>
> <br>
> To<br>
> Lourdes
Llorente <lllorente@amadeus.com><br>
> cc<br>
> <br>
> <br>
> Subject<br>
> Re:
[rancid] does clogin work for Cisco FWSM ?<br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> <br>
> here's what my .cloginrc looks like for that particular element:<br>
> <br>
> add method oxfw1 {ssh}<br>
> add user * rancid<br>
> add password * {rancid_pass} {enable_pass}<br>
> <br>
> I don't believe "enauser" and "userpassword" are
necessary.<br>
> <br>
> Dave<br>
> <br>
> Lourdes Llorente wrote:<br>
>><br>
>> Hello !<br>
>><br>
>> clogin fwt10<br>
>> fwt10<br>
>><br>
>> Error: no password for fwt10 in /export/home/guest/.cloginrc.<br>
>><br>
>> Cheers,<br>
>> Lourdes<br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> *David LaPorte <david_laporte@harvard.edu>*<br>
>> Please respond to david_laporte@harvard.edu<br>
>><br>
>> 10/17/06 05:08 PM<br>
>><br>
>> <br>
>> To<br>
>> Lourdes
Llorente <lllorente@amadeus.com><br>
>> cc<br>
>> <br>
>> <br>
>> Subject<br>
>> Re:
[rancid] does clogin work for Cisco FWSM ?<br>
>><br>
>><br>
>> <br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> This is what a clogin transcript logging into one of my FWSMs
looks like:<br>
>><br>
>> -bash-2.05b$ ./clogin oxfw1<br>
>> oxfw1<br>
>> spawn ssh -c 3des -x -l rancid oxfw1<br>
>> rancid@oxfw1's password:<br>
>><br>
>> ********************* W A R N I N G *********************<br>
>><br>
>> This system is for authorized users at Harvard University.<br>
>> No other
use is permitted.<br>
>><br>
>> ***** Harvard University Network Operations Center *******<br>
>> ********************* (617) 496-4736 *********************<br>
>><br>
>> Type help or '?' for a list of available commands.<br>
>> oxfw1><br>
>> oxfw1> enable<br>
>> Password: *********<br>
>> oxfw1#<br>
>><br>
>><br>
>><br>
>> Can you send me what yours looks like?<br>
>><br>
>> thanks,<br>
>> Dave<br>
>><br>
>> Lourdes Llorente wrote:<br>
>>><br>
>>> Thanks for your answer !<br>
>>> But do you have a special prompt ?<br>
>>> For some reason when typing "clogin fwt10", it does
not find the pw for<br>
>>> the fw10.<br>
>>><br>
>>> And my .cloginrc looks like this:<br>
>>> add user fwt10 {rancid}<br>
>>> add userpassword fwt10 {password}<br>
>>> add method fwt10 {ssh}<br>
>>> add enauser fwt10 {password}<br>
>>> add enableprompt {"fw*+/pri/act>"}<br>
>>><br>
>>> Cheers,<br>
>>><br>
>>><br>
>>><br>
>>><br>
>>><br>
>>><br>
>>> *David LaPorte <david_laporte@harvard.edu>*<br>
>>> Please respond to david_laporte@harvard.edu<br>
>>><br>
>>> 10/17/06 04:08 PM<br>
>>><br>
>>> <br>
>>> To<br>
>>> Lourdes
Llorente <lllorente@amadeus.com><br>
>>> cc<br>
>>> rancid-discuss@shrubbery.net<br>
>>> <br>
>>> Subject<br>
>>> Re:
[rancid] does clogin work for Cisco FWSM ?<br>
>>><br>
>>><br>
>>> <br>
>>><br>
>>><br>
>>><br>
>>><br>
>>><br>
>>> We're using it with 15 FWSMs and it works well. I tag
them as "cisco"<br>
>>> and I don't believe I needed to hack any code to make things
work.<br>
>>><br>
>>> Dave<br>
>>><br>
>>> Lourdes Llorente wrote:<br>
>>>><br>
>>>> Hello !<br>
>>>><br>
>>>> Has anyone tried to setup Rancid to work with FWSM from
Cisco ?<br>
>>>> I am having some trouble with it as I am not managing
to set up properly<br>
>>>> .cloginrc , for example it does not find the password
for the fw and the<br>
>>>> userprompt is also not correct, on the format "user@fw's
password:"<br>
>>>><br>
>>>><br>
>>>> Another special thing is that defining in router.db the
fw as juniper<br>
>>>> device, it logs in but it does not manage to download
the configuration.<br>
>>>><br>
>>>> Thanks in advance for your help,<br>
>>>> Cheers<br>
>>>><br>
>>>><br>
>>>> ------------------------------------------------------------------------<br>
>>>><br>
>>>> _______________________________________________<br>
>>>> Rancid-discuss mailing list<br>
>>>> Rancid-discuss@shrubbery.net<br>
>>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss<br>
>>><br>
>><br>
>> --<br>
>> David LaPorte, CISSP, CCNP<br>
>> Security Manager, Network and Server Systems<br>
>> Harvard University Information Systems<br>
>> -----------------------------------------------<br>
>> Email: david_laporte@harvard.edu<br>
>> PGP: 0x4DC3E508<br>
>> 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508<br>
>><br>
>><br>
> <br>
> -- <br>
> David LaPorte, CISSP, CCNP<br>
> Security Manager, Network and Server Systems<br>
> Harvard University Information Systems<br>
> -----------------------------------------------<br>
> Email: david_laporte@harvard.edu<br>
> PGP: 0x4DC3E508<br>
> 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508<br>
> <br>
> <br>
<br>
-- <br>
David LaPorte, CISSP, CCNP<br>
Security Manager, Network and Server Systems<br>
Harvard University Information Systems<br>
-----------------------------------------------<br>
Email: david_laporte@harvard.edu<br>
PGP: 0x4DC3E508<br>
4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508<br>
<br>
</font></tt>
<br>