firewall blade in 6509 system context backup issue

David LaPorte david_laporte at harvard.edu
Wed Sep 14 20:36:26 UTC 2005


Just a thought, but try adding a "\n" in there:

clogin -c "changeto system\nshow version" hostname


Hopper, Faron W. wrote:
> Hello,
>     Well, thanks to everyone's help, I am almost finished setting up 
> RANCID to retrieve all of my configs.  I have one last issue that I 
> would like to ask everyone's opinion on.  We have 2 new firewall blades 
> for Cisco's 6500 series switches.  These firewall blades have the 
> concept of contexts or virtual firewalls.  When I use clogin to login 
> into the virtual firewall, I can issue the changeto <context> command it 
> will change the context. Everything works fine until i try to run clogin 
> -c "changeto system; show version" hostname.  I think the problem is 
> that the prompt changes.  Is it possible to use the enableprompt to 
> catch this?  I haven't tried it yet, but from reading the man page it 
> doesn't sound like it will look for a different prompt once I am already 
> logged in.  Here is the clogin info.
> 
> 
> bash-3.00# clogin ddcxf01c-fw-admin
> ddcxf01c-fw-admin
> spawn ssh -c 3des -x -l kcsc\netcfgbak ddcxf01c-fw-admin
> kcsc\\netcfgbak at ddcxf01c-fw-admin's password:
> Type help or '?' for a list of available commands.
> ddcxf01c/admin>
> ddcxf01c/admin> enable
> Password: ********
> ddcxf01c/admin#
> ddcxf01c/admin# changeto system
> ddcxf01c# sh ver
> 
> FWSM Firewall Version 2.3(2) <system>
> FWSM Device Manager Version 4.1(1)
> 
> Compiled on Wed 06-Apr-05 13:08 by dalecki
> 
> ddcxf01c up 22 days 15 hours
> 
> Hardware:   WS-SVC-FWM-1, 1024 MB RAM, CPU Pentium III 1000 MHz
> Flash  2.20    TOSHIBA THNCF128MBA @ 0xc321, 20MB
> 
> 0: gb-ethernet0: irq 5
> 1: gb-ethernet1: irq 7
> 2: ethernet0: irq 11
> 
> Licensed Features:
> Failover:           Enabled
> VPN-DES:            Enabled
> VPN-3DES:           Enabled
> Maximum Interfaces: 256 (per security context)
> Cut-through Proxy:  Enabled
> Guards:             Enabled
> URL-filtering:      Enabled
> Throughput:         Unlimited
> ISAKMP peers:       Unlimited
> Security Contexts:  20
> 
> This machine has an Unrestricted (UR) license.
> 
> Serial Number:
> Running Activation Key:
> Configuration last modified by kcsc\netcfgbak at 15:16:53 Sep 14 2005
> ddcxf01c# exit
> 
> Logoff
> 
> 
> 
> Thanks in advance,
> 
> Faron Hopper
> Capgemini
> Network Engineer
> 3315 N. Oak Trfy
> Kansas City, MO 64116
> 816.459.5139
> 

-- 
David LaPorte, CISSP, CCNP
Security Manager, Network and Server Systems
Harvard University Information Systems
-----------------------------------------------
Email: david_laporte at harvard.edu
   PGP: 0x4DC3E508
        4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508




More information about the Rancid-discuss mailing list