[rancid] Re: Probelms gettin PIX 501 Version 6.3(5) configuration
Sam Munzani
smunzani at comcast.net
Thu Apr 17 16:54:49 UTC 2008
With limited priv you can't run "show running-config" command. You have
to run "show config" provided its permitted command in your limited
access setup. To setup limited priv properly, you need something like below.
privilege show level 1 mode exec command configuration <== This is
ASA command so you will have to figure out equivalent on PIX
Sam
>
> Hi everyone,
>
> I am having trouble trying to get the configuration of a PIX 501
> Version 6.3(5). I am using an enable user with limited privileges to
> access the firewall. This only happens when I use the user with
> limited privileges on the firewall. If I use enable level 15 I can get
> the config and check it out in SVN. Does anybody know what permissions
> are needed to allow a user to pull the running config info? Below are
> the logs when I run rancid-run
>
> Thanks in advance,
>
> Alex.
>
>
>
> Trying to get all of the configs.
>
> pa-fw-501: End of run not found
>
> : end
>
> la-fw-501 clogin error: Error: TIMEOUT reached
>
> la-fw-501: missed cmd(s): admin show diag,dir /all slavedisk2:,show
> rsp chassis-info,dir /all sec-slot2:,show diag,dir /all disk1:,show
> gsr chassis,dir /all sec-nvram:,show diag chassis-info,dir /all
> disk2:,dir /all sec-bootflash:,show spe version,dir /all
> slaveslot2:,dir /all disk0:,show install active,show bootvar,dir /all
> slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all
> slavenvram:,show flash,dir /all sec-disk2:,dir /all
> slavesup-bootflash:,dir /all sec-disk0:,dir /all harddiskb:,show
> variables boot,show boot,show inventory raw,dir /all slavedisk1:,show
> env all,show module,admin show env all,show controllers,admin show
> version,show diagbus,dir /all slavedisk0:,show debug,show idprom
> backplane,dir /all bootflash:,dir /all sec-slot0:,dir /all
> sec-disk1:,write term,show vtp status,dir /all sup-bootflash:,dir /all
> slot2:,dir /all harddisk:,dir /all slot0:,dir /all sup-microcode:,show
> vlan,dir /all slavebootflash:,show controllers cbus,dir /all
> slaveslot1:,dir /all nvram:,show version,show vlan-switch,admin show
> variables boot,show redundancy secondary,show running-config,show
> c7200,dir /all slot1:
>
> la-fw-501: End of run not found
>
> !
>
> --------------------------------------------------------------------------
>
> *Alejandro A. Malberty*
>
> Systems Administrator
>
> Engineering
>
> BabyCenter, LLC
>
> amalberty at babycenter.com
>
> p: 415.344.7626
>
> <http://www.babycenter.com>
>
>
> _http://www.babycenter.com_
>
>
>
> /
>
> This email message is for the sole use of the intended recipient(s)
> and may contain confidential and privileged information. Any
> unauthorized review, use, disclosure or distribution is prohibited. If
> you are not the intended recipient, please contact the sender by reply
> email and destroy all copies of the original message. If you are the
> intended recipient, please be advised that the content of this message
> is subject to access, review and disclosure by the sender's Email
> System Administrator.
>
> /
> ------------------------------------------------------------------------
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080417/8b539e3f/attachment.html
More information about the Rancid-discuss
mailing list