[rancid] Cisco ASA+WLC script

Michael Maymann michael at maymann.org
Fri Mar 9 12:18:14 UTC 2012 

Hi,

Marito: thanks, that did it for the ASA's :) !
now I have the following on my WLC's:
---
-bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST
HOST
spawn ssh -c 3des -x -l USR HOST


(Cisco Controller)
User: USR
Password:************
(Cisco Controller) >enable

Incorrect usage.  Use the '?' or <TAB> key to list commands.

(Cisco Controller) >
Error: Check your Enable passwd
---

These are the non-enable-commands that I can run on the WLC:
---
(Cisco Controller) >?

clear          Clear selected configuration elements.
config         Configure switch options and settings.
debug          Manages system debug options.
help           Help
license        Manage Software License
linktest       Perform a link test to a specified MAC address.
logout         Exit this session. Any unsaved changes are lost.
ping           Send ICMP echo packets to a specified IP address.
mping          Send Mobility echo packets to a specified mobility peer IP
address.
eping          Send Ethernet-over-IP echo packets to a specified mobility
peer IP address.
reset          Reset options.
save           Save switch configurations.
show           Display switch options and settings.
test           Test trigger commands
transfer       Transfer a file to or from the switch.
---

How can I get this to work as it seems that "enable" command is called
"config" ?
Should I create a new .cloginrc_wlc for this and what would it look like ?


Thanks in advance :) !
~maymann


2012/3/9 Marito ... <me_gogorza at hotmail.com>

>  Hi Michael,
>
> You should set up autoenable to 0. As per Rancid .clogin help:
>
> ".B add autoenable <router name glob> {[01]}
> When using locally defined usernames or AAA, it is possible to have a
> login which is automatically enabled.  This is, that user has enable
> privileges without the need to execute the enable command.  The router's
> prompt is different for enabled mode, ending with a # rather than a >.
>
> Example: add autoenable * {1}
>
> Default: 0
>
> zero, meaning that the user is not automatically enabled and should
> execute the enable command to gain enable privileges, unless negated by the
> noenable directive or \-noenable command\-line option.
> "
>
> Regards.
>
>
>  ------------------------------
> From: michael at maymann.org
> Date: Fri, 9 Mar 2012 12:23:24 +0100
> To: rancid-discuss at shrubbery.net
> Subject: Re: [rancid] Cisco ASA+WLC script
>
>
> Hi,
>
> Daniel+DenyIPAnyAny: Thanks for your quick reply :) !
>
> 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see
> any in 2.3.8 either - how do I get wlogin ?
> I'm doing this because I have some equipment that rancid doesn't support,
> that I also need backed-up (and don't know expect that well). So just
> created a little wrapper around Rancid to perfect things for me.
>
> 2. How do you backup your ASA's ?
> nothing is wrong with my .clogin:
> ---
> add method * ssh
> #add method * telnet
> add user * USR
> add password * {PWD} {enable_PWD}
> add autoenable * {1}
> ---
> works fine, logging in and trying to run command(s) and exits - but
> doesn't enter enable mode and therefore can't run commands like "more
> system:running-config" that is working fine manually logging in to enable
> mode:
> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more
> system:running-config" HOST
> HOST
> spawn ssh -c 3des -x -l admin HOST
> USR at HOST's password:
> Type help or '?' for a list of available commands.
> HOST>
> HOST> terminal length 0
>            ^
> ERROR: % Invalid input detected at '^' marker.
> HOST>  more system:running-config
>           ^
> ERROR: % Invalid input detected at '^' marker.
> HOST>exit
>
> Logoff
>
> Connection to HOST closed.
>
>
> Thanks in advance :-) !
>
> ~maymann
>
> 2012/3/9 Deny IP Any Any <denyipanyany at gmail.com>
>
> I backup several Cisco ASAs without issue; with your symptoms, usually
> the problem is with your .clogin file (specifically either the
> autologin option)
>
> 2012/3/8 Michael Maymann <michael at maymann.org>:
>  > Hi List,
> >
> > I am trying to configure scheduled backups of my Cisco ASAs and WLCs.
> > I am currently trying to use clogin. Login is successful, but it never
> > enters enable/configure mode - and therefore is not able to run the
> desired
> > commands/retrieve all the necessary information (it tries to though !).
> > Can't paste my .clogin, as I'm at home currently. But everything
> > (password/enable_password) is ok there ! (I am running this already on
> my HP
> > Switches)
> >
> > just after login and before it should enter enable/configure mode, it
> tries
> > to execute the command (from within clogin - not something I told it
> to...):
> > "terminal length 0"
> > but the right command for this on a ASA/WLC's is:
> > "no pager" or "terminal pager 0"
> >
> > 1. Is there a better Xlogin that I should use ?
> > 2. If clogin is the best script, where in the clogin can I fix this ?
> > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I
> guess
> > I could just add a "; exit" or "; logout" at the end of my command, but
> > where can I fix this as-well ?
> >
> >
> > Thanks in advance :) !
> > ~maymann
> >
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
>
> --
> deny ip any any (4393649193 matches)
>
>
>
> _______________________________________________ Rancid-discuss mailing
> list Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20120309/d893723a/attachment.html>

More information about the Rancid-discuss mailing list