firewall blade in 6509 system context backup issue
Gee-clough, Aaron (NIH/CIT)
geecla at mail.nih.gov
Fri Sep 16 15:51:56 UTC 2005
Could you assign an IP to the admin context and treat it like a unique
device? (Ie ssh to it directly, rather than sessioning to it from the
switch.)
aaron
------------------
Aaron Gee-Clough
DNST/CIT/NEB/NSS
Contractor. Geek.
_____
From: Hopper, Faron W. [mailto:faron.hopper at capgemini.com]
Sent: Wednesday, September 14, 2005 5:38 PM
To: david_laporte at harvard.edu
Cc: rancid-discuss at shrubbery.net
Subject: RE: firewall blade in 6509 system context backup issue
I tried adding the \n and it still just hangs.
Faron Hopper
Capgemini
Network Engineer
3315 N. Oak Trfy
Kansas City, MO 64116
816.459.5139
-----Original Message-----
From: David LaPorte [mailto:david_laporte at harvard.edu
<mailto:david_laporte at harvard.edu> ]
Sent: Wed 9/14/2005 3:36 PM
To: Hopper, Faron W.
Cc: rancid-discuss at shrubbery.net
Subject: Re: firewall blade in 6509 system context backup issue
Just a thought, but try adding a "\n" in there:
clogin -c "changeto system\nshow version" hostname
Hopper, Faron W. wrote:
> Hello,
> Well, thanks to everyone's help, I am almost finished setting up
> RANCID to retrieve all of my configs. I have one last issue that I
> would like to ask everyone's opinion on. We have 2 new firewall blades
> for Cisco's 6500 series switches. These firewall blades have the
> concept of contexts or virtual firewalls. When I use clogin to login
> into the virtual firewall, I can issue the changeto <context> command it
> will change the context. Everything works fine until i try to run clogin
> -c "changeto system; show version" hostname. I think the problem is
> that the prompt changes. Is it possible to use the enableprompt to
> catch this? I haven't tried it yet, but from reading the man page it
> doesn't sound like it will look for a different prompt once I am already
> logged in. Here is the clogin info.
>
>
> bash-3.00# clogin ddcxf01c-fw-admin
> ddcxf01c-fw-admin
> spawn ssh -c 3des -x -l kcsc\netcfgbak ddcxf01c-fw-admin
> kcsc\\netcfgbak at ddcxf01c-fw-admin's password:
> Type help or '?' for a list of available commands.
> ddcxf01c/admin>
> ddcxf01c/admin> enable
> Password: ********
> ddcxf01c/admin#
> ddcxf01c/admin# changeto system
> ddcxf01c# sh ver
>
> FWSM Firewall Version 2.3(2) <system>
> FWSM Device Manager Version 4.1(1)
>
> Compiled on Wed 06-Apr-05 13:08 by dalecki
>
> ddcxf01c up 22 days 15 hours
>
> Hardware: WS-SVC-FWM-1, 1024 MB RAM, CPU Pentium III 1000 MHz
> Flash 2.20 TOSHIBA THNCF128MBA @ 0xc321, 20MB
>
> 0: gb-ethernet0: irq 5
> 1: gb-ethernet1: irq 7
> 2: ethernet0: irq 11
>
> Licensed Features:
> Failover: Enabled
> VPN-DES: Enabled
> VPN-3DES: Enabled
> Maximum Interfaces: 256 (per security context)
> Cut-through Proxy: Enabled
> Guards: Enabled
> URL-filtering: Enabled
> Throughput: Unlimited
> ISAKMP peers: Unlimited
> Security Contexts: 20
>
> This machine has an Unrestricted (UR) license.
>
> Serial Number:
> Running Activation Key:
> Configuration last modified by kcsc\netcfgbak at 15:16:53 Sep 14 2005
> ddcxf01c# exit
>
> Logoff
>
>
>
> Thanks in advance,
>
> Faron Hopper
> Capgemini
> Network Engineer
> 3315 N. Oak Trfy
> Kansas City, MO 64116
> 816.459.5139
>
--
David LaPorte, CISSP, CCNP
Security Manager, Network and Server Systems
Harvard University Information Systems
-----------------------------------------------
Email: david_laporte at harvard.edu
PGP: 0x4DC3E508
4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508
More information about the Rancid-discuss
mailing list