[rancid] Cisco ASA+WLC script

Michael Maymann michael at maymann.org
Fri Mar 9 13:38:02 UTC 2012


Hi,

Ryan: ok.
No, I didn't - do I have to :) ?. Shouldn't I just be able to:
/usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST
?


Thanks in advance :-)!
~maymann

2012/3/9 Ryan West <rwest at zyedge.com>

>  Yes, that's it. I assume you set up rancid-fe and tried rancid-run -r
> devicename as well?
>
> Sent from handheld
>
> On Mar 9, 2012, at 8:20 AM, "Michael Maymann" <michael at maymann.org> wrote:
>
>   Hi,
>
> Ryan: thanks for your reply.
> I'm running...
> Rancid: 2.3.6
> WLC: 6.0.202.0
>
> found a wlogin here:
> http://www.gossamer-threads.com/lists/rancid/users/4674
>
> but I can't get it to work:
> -bash-3.2$ /usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST
> ": no such file or directory
> -bash-3.2$ /usr/libexec/rancid/wlogin -c "sh cpu" HOST
> ": no such file or directory
>
> Is this the one you are talking about - or is there a newer one somewhere ?
>
>
> Thanks in advance :-) !
> ~maymann
>
>
> 2012/3/9 Ryan West <rwest at zyedge.com>
>
>>  Do a search in the archive and you'll find the wlc script.  What
>> version are you running?
>>
>> Sent from handheld
>>
>> On Mar 9, 2012, at 7:19 AM, "Michael Maymann" <michael at maymann.org>
>> wrote:
>>
>>   Hi,
>>
>> Marito: thanks, that did it for the ASA's :) !
>> now I have the following on my WLC's:
>> ---
>> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver"
>> HOST
>> HOST
>> spawn ssh -c 3des -x -l USR HOST
>>
>>
>> (Cisco Controller)
>> User: USR
>> Password:************
>> (Cisco Controller) >enable
>>
>> Incorrect usage.  Use the '?' or <TAB> key to list commands.
>>
>> (Cisco Controller) >
>> Error: Check your Enable passwd
>> ---
>>
>> These are the non-enable-commands that I can run on the WLC:
>> ---
>> (Cisco Controller) >?
>>
>> clear          Clear selected configuration elements.
>> config         Configure switch options and settings.
>> debug          Manages system debug options.
>> help           Help
>> license        Manage Software License
>> linktest       Perform a link test to a specified MAC address.
>> logout         Exit this session. Any unsaved changes are lost.
>> ping           Send ICMP echo packets to a specified IP address.
>> mping          Send Mobility echo packets to a specified mobility peer IP
>> address.
>> eping          Send Ethernet-over-IP echo packets to a specified mobility
>> peer IP address.
>> reset          Reset options.
>> save           Save switch configurations.
>> show           Display switch options and settings.
>> test           Test trigger commands
>> transfer       Transfer a file to or from the switch.
>> ---
>>
>> How can I get this to work as it seems that "enable" command is called
>> "config" ?
>> Should I create a new .cloginrc_wlc for this and what would it look like ?
>>
>>
>> Thanks in advance :) !
>> ~maymann
>>
>>
>> 2012/3/9 Marito ... <me_gogorza at hotmail.com>
>>
>>>  Hi Michael,
>>>
>>> You should set up autoenable to 0. As per Rancid .clogin help:
>>>
>>> ".B add autoenable <router name glob> {[01]}
>>> When using locally defined usernames or AAA, it is possible to have a
>>> login which is automatically enabled.  This is, that user has enable
>>> privileges without the need to execute the enable command.  The router's
>>> prompt is different for enabled mode, ending with a # rather than a >.
>>>
>>> Example: add autoenable * {1}
>>>
>>> Default: 0
>>>
>>> zero, meaning that the user is not automatically enabled and should
>>> execute the enable command to gain enable privileges, unless negated by the
>>> noenable directive or \-noenable command\-line option.
>>> "
>>>
>>> Regards.
>>>
>>>
>>>  ------------------------------
>>> From: michael at maymann.org
>>> Date: Fri, 9 Mar 2012 12:23:24 +0100
>>> To: rancid-discuss at shrubbery.net
>>> Subject: Re: [rancid] Cisco ASA+WLC script
>>>
>>>
>>> Hi,
>>>
>>> Daniel+DenyIPAnyAny: Thanks for your quick reply :) !
>>>
>>> 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't
>>> see any in 2.3.8 either - how do I get wlogin ?
>>> I'm doing this because I have some equipment that rancid doesn't
>>> support, that I also need backed-up (and don't know expect that well). So
>>> just created a little wrapper around Rancid to perfect things for me.
>>>
>>> 2. How do you backup your ASA's ?
>>> nothing is wrong with my .clogin:
>>> ---
>>> add method * ssh
>>> #add method * telnet
>>> add user * USR
>>> add password * {PWD} {enable_PWD}
>>> add autoenable * {1}
>>> ---
>>> works fine, logging in and trying to run command(s) and exits - but
>>> doesn't enter enable mode and therefore can't run commands like "more
>>> system:running-config" that is working fine manually logging in to enable
>>> mode:
>>> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more
>>> system:running-config" HOST
>>> HOST
>>> spawn ssh -c 3des -x -l admin HOST
>>> USR at HOST's password:
>>> Type help or '?' for a list of available commands.
>>> HOST>
>>> HOST> terminal length 0
>>>            ^
>>> ERROR: % Invalid input detected at '^' marker.
>>> HOST>  more system:running-config
>>>           ^
>>> ERROR: % Invalid input detected at '^' marker.
>>> HOST>exit
>>>
>>> Logoff
>>>
>>> Connection to HOST closed.
>>>
>>>
>>> Thanks in advance :-) !
>>>
>>> ~maymann
>>>
>>> 2012/3/9 Deny IP Any Any <denyipanyany at gmail.com>
>>>
>>> I backup several Cisco ASAs without issue; with your symptoms, usually
>>> the problem is with your .clogin file (specifically either the
>>> autologin option)
>>>
>>> 2012/3/8 Michael Maymann <michael at maymann.org>:
>>>  > Hi List,
>>> >
>>> > I am trying to configure scheduled backups of my Cisco ASAs and WLCs.
>>> > I am currently trying to use clogin. Login is successful, but it never
>>> > enters enable/configure mode - and therefore is not able to run the
>>> desired
>>> > commands/retrieve all the necessary information (it tries to though !).
>>> > Can't paste my .clogin, as I'm at home currently. But everything
>>> > (password/enable_password) is ok there ! (I am running this already on
>>> my HP
>>> > Switches)
>>> >
>>> > just after login and before it should enter enable/configure mode, it
>>> tries
>>> > to execute the command (from within clogin - not something I told it
>>> to...):
>>> > "terminal length 0"
>>> > but the right command for this on a ASA/WLC's is:
>>> > "no pager" or "terminal pager 0"
>>> >
>>> > 1. Is there a better Xlogin that I should use ?
>>> > 2. If clogin is the best script, where in the clogin can I fix this ?
>>> > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I
>>> guess
>>> > I could just add a "; exit" or "; logout" at the end of my command, but
>>> > where can I fix this as-well ?
>>> >
>>> >
>>> > Thanks in advance :) !
>>> > ~maymann
>>> >
>>>  > _______________________________________________
>>> > Rancid-discuss mailing list
>>> > Rancid-discuss at shrubbery.net
>>> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>>
>>>
>>>
>>> --
>>> deny ip any any (4393649193 matches)
>>>
>>>
>>>
>>> _______________________________________________ Rancid-discuss mailing
>>> list Rancid-discuss at shrubbery.net
>>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>>
>>
>>   _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20120309/2996dec1/attachment.html>


More information about the Rancid-discuss mailing list