[rancid] Cisco ASA+WLC script

Michael Maymann michael at maymann.org
Fri Mar 9 13:20:23 UTC 2012 

Hi,

Ryan: thanks for your reply.
I'm running...
Rancid: 2.3.6
WLC: 6.0.202.0

found a wlogin here:
http://www.gossamer-threads.com/lists/rancid/users/4674

but I can't get it to work:
-bash-3.2$ /usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST
": no such file or directory
-bash-3.2$ /usr/libexec/rancid/wlogin -c "sh cpu" HOST
": no such file or directory

Is this the one you are talking about - or is there a newer one somewhere ?


Thanks in advance :-) !
~maymann


2012/3/9 Ryan West <rwest at zyedge.com>

>  Do a search in the archive and you'll find the wlc script.  What version
> are you running?
>
> Sent from handheld
>
> On Mar 9, 2012, at 7:19 AM, "Michael Maymann" <michael at maymann.org> wrote:
>
>   Hi,
>
> Marito: thanks, that did it for the ASA's :) !
> now I have the following on my WLC's:
> ---
> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST
> HOST
> spawn ssh -c 3des -x -l USR HOST
>
>
> (Cisco Controller)
> User: USR
> Password:************
> (Cisco Controller) >enable
>
> Incorrect usage.  Use the '?' or <TAB> key to list commands.
>
> (Cisco Controller) >
> Error: Check your Enable passwd
> ---
>
> These are the non-enable-commands that I can run on the WLC:
> ---
> (Cisco Controller) >?
>
> clear          Clear selected configuration elements.
> config         Configure switch options and settings.
> debug          Manages system debug options.
> help           Help
> license        Manage Software License
> linktest       Perform a link test to a specified MAC address.
> logout         Exit this session. Any unsaved changes are lost.
> ping           Send ICMP echo packets to a specified IP address.
> mping          Send Mobility echo packets to a specified mobility peer IP
> address.
> eping          Send Ethernet-over-IP echo packets to a specified mobility
> peer IP address.
> reset          Reset options.
> save           Save switch configurations.
> show           Display switch options and settings.
> test           Test trigger commands
> transfer       Transfer a file to or from the switch.
> ---
>
> How can I get this to work as it seems that "enable" command is called
> "config" ?
> Should I create a new .cloginrc_wlc for this and what would it look like ?
>
>
> Thanks in advance :) !
> ~maymann
>
>
> 2012/3/9 Marito ... <me_gogorza at hotmail.com>
>
>>  Hi Michael,
>>
>> You should set up autoenable to 0. As per Rancid .clogin help:
>>
>> ".B add autoenable <router name glob> {[01]}
>> When using locally defined usernames or AAA, it is possible to have a
>> login which is automatically enabled.  This is, that user has enable
>> privileges without the need to execute the enable command.  The router's
>> prompt is different for enabled mode, ending with a # rather than a >.
>>
>> Example: add autoenable * {1}
>>
>> Default: 0
>>
>> zero, meaning that the user is not automatically enabled and should
>> execute the enable command to gain enable privileges, unless negated by the
>> noenable directive or \-noenable command\-line option.
>> "
>>
>> Regards.
>>
>>
>>  ------------------------------
>> From: michael at maymann.org
>> Date: Fri, 9 Mar 2012 12:23:24 +0100
>> To: rancid-discuss at shrubbery.net
>> Subject: Re: [rancid] Cisco ASA+WLC script
>>
>>
>> Hi,
>>
>> Daniel+DenyIPAnyAny: Thanks for your quick reply :) !
>>
>> 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't
>> see any in 2.3.8 either - how do I get wlogin ?
>> I'm doing this because I have some equipment that rancid doesn't support,
>> that I also need backed-up (and don't know expect that well). So just
>> created a little wrapper around Rancid to perfect things for me.
>>
>> 2. How do you backup your ASA's ?
>> nothing is wrong with my .clogin:
>> ---
>> add method * ssh
>> #add method * telnet
>> add user * USR
>> add password * {PWD} {enable_PWD}
>> add autoenable * {1}
>> ---
>> works fine, logging in and trying to run command(s) and exits - but
>> doesn't enter enable mode and therefore can't run commands like "more
>> system:running-config" that is working fine manually logging in to enable
>> mode:
>> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more
>> system:running-config" HOST
>> HOST
>> spawn ssh -c 3des -x -l admin HOST
>> USR at HOST's password:
>> Type help or '?' for a list of available commands.
>> HOST>
>> HOST> terminal length 0
>>            ^
>> ERROR: % Invalid input detected at '^' marker.
>> HOST>  more system:running-config
>>           ^
>> ERROR: % Invalid input detected at '^' marker.
>> HOST>exit
>>
>> Logoff
>>
>> Connection to HOST closed.
>>
>>
>> Thanks in advance :-) !
>>
>> ~maymann
>>
>> 2012/3/9 Deny IP Any Any <denyipanyany at gmail.com>
>>
>> I backup several Cisco ASAs without issue; with your symptoms, usually
>> the problem is with your .clogin file (specifically either the
>> autologin option)
>>
>> 2012/3/8 Michael Maymann <michael at maymann.org>:
>>  > Hi List,
>> >
>> > I am trying to configure scheduled backups of my Cisco ASAs and WLCs.
>> > I am currently trying to use clogin. Login is successful, but it never
>> > enters enable/configure mode - and therefore is not able to run the
>> desired
>> > commands/retrieve all the necessary information (it tries to though !).
>> > Can't paste my .clogin, as I'm at home currently. But everything
>> > (password/enable_password) is ok there ! (I am running this already on
>> my HP
>> > Switches)
>> >
>> > just after login and before it should enter enable/configure mode, it
>> tries
>> > to execute the command (from within clogin - not something I told it
>> to...):
>> > "terminal length 0"
>> > but the right command for this on a ASA/WLC's is:
>> > "no pager" or "terminal pager 0"
>> >
>> > 1. Is there a better Xlogin that I should use ?
>> > 2. If clogin is the best script, where in the clogin can I fix this ?
>> > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I
>> guess
>> > I could just add a "; exit" or "; logout" at the end of my command, but
>> > where can I fix this as-well ?
>> >
>> >
>> > Thanks in advance :) !
>> > ~maymann
>> >
>>  > _______________________________________________
>> > Rancid-discuss mailing list
>> > Rancid-discuss at shrubbery.net
>> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>>
>>
>> --
>> deny ip any any (4393649193 matches)
>>
>>
>>
>> _______________________________________________ Rancid-discuss mailing
>> list Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>
>   _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20120309/3edef119/attachment.html>

More information about the Rancid-discuss mailing list