[rancid] Re: rancid with Cisco ASA 5520 in Multiple Context Mode

Bob Brunette Bob.Brunette at cdw.com
Thu Apr 23 13:32:24 UTC 2009 

I think the problem is that when you change to a different context the system prompt string changes.  rancid depends on seeing the prompt string to know when it can send the next command.  The solution is to login to each context individually and back it up.

Sadly, there is no way to login to the system execution space, and that's where the "master" config is that defines all of the contexts--you must get to it by issuing a "changeto system" command from the admin context.  Of course this changes the system prompt string, so you have the same problem as trying to backup multiple contexts.

Bob

-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Carlo
Sent: Wednesday, April 22, 2009 7:29 PM
To: 'Peter Serwe'; rancid-discuss at shrubbery.net
Subject: [rancid] Re: rancid with Cisco ASA 5520 in Multiple Context Mode

I have no issues backing up our external perimeter firewalls.  When you
login into an ASA running in multiple context mode you login into the
"admin" context, this context does not include the other context
configurations.  So once you are logged into the "admin" context you run the
"change" or "changeto" commands to switch between the "virtual" firewalls.
Each firewall is separated and there is no global way of backing them up
without running the commands listed above.

The sad thing is I was able to back up everything with kiwi cat:\

login in with ssh

changeto firewall1
terminal pager 0
sh run

changeto firewall2
terminal pager 0
sh run

changeto firewall3
terminal pager 0
sh run
exit

-lo

-----Original Message-----
From: Peter Serwe [mailto:peter.serwe at gmail.com] 
Sent: Wednesday, April 22, 2009 1:38 PM
To: Carlo Finotti
Subject: Re: [rancid] Re: rancid with Cisco ASA 5520 in Multiple Context
Mode

2009/4/22 Carlo Finotti <carlo.finotti at gmail.com>:
> That sounds great!  I will follow those steps listed below.
>
> But I'm still having issues backing up my ASA running in multiple context
mode:\
>
> -lo

There isn't a good answer to that.  I don't use my ASA's that way.
What version of ASA software?

Do you attempt to log into each context automatically, or how do you
switch because they way I understand
it is that every context has a different configuration, but there is a
master context from which you can back up
the entire configuration, is this incorrect?

Peter




-- 
ピーター

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

More information about the Rancid-discuss mailing list