[rancid] Cisco ASA+WLC script

Ryan West rwest at zyedge.com
Fri Mar 9 14:17:20 UTC 2012


Michael,

/usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c 'sh cpu' HOST

This works for me.  I was referring to ciscowlc5, my fault there.

-ryan

From: Michael Maymann [mailto:michael at maymann.org]
Sent: Friday, March 09, 2012 9:12 AM
To: Ryan West
Cc: rancid-discuss at shrubbery.net
Subject: Re: [rancid] Cisco ASA+WLC script

Hi,

how do i try wlogin5 ?


Thanks in advance :-) !
~maymann
2012/3/9 Ryan West <rwest at zyedge.com<mailto:rwest at zyedge.com>>
Try wlogin5

Sent from handheld

On Mar 9, 2012, at 8:38 AM, "Michael Maymann" <michael at maymann.org<mailto:michael at maymann.org>> wrote:
Hi,

Ryan: ok.
No, I didn't - do I have to :) ?. Shouldn't I just be able to:
/usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST
?


Thanks in advance :-)!
~maymann
2012/3/9 Ryan West <rwest at zyedge.com<mailto:rwest at zyedge.com>>
Yes, that's it. I assume you set up rancid-fe and tried rancid-run -r devicename as well?

Sent from handheld

On Mar 9, 2012, at 8:20 AM, "Michael Maymann" <michael at maymann.org<mailto:michael at maymann.org>> wrote:
Hi,

Ryan: thanks for your reply.
I'm running...
Rancid: 2.3.6
WLC: 6.0.202.0

found a wlogin here:
http://www.gossamer-threads.com/lists/rancid/users/4674

but I can't get it to work:
-bash-3.2$ /usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST
": no such file or directory
-bash-3.2$ /usr/libexec/rancid/wlogin -c "sh cpu" HOST
": no such file or directory

Is this the one you are talking about - or is there a newer one somewhere ?


Thanks in advance :-) !
~maymann

2012/3/9 Ryan West <rwest at zyedge.com<mailto:rwest at zyedge.com>>
Do a search in the archive and you'll find the wlc script.  What version are you running?

Sent from handheld

On Mar 9, 2012, at 7:19 AM, "Michael Maymann" <michael at maymann.org<mailto:michael at maymann.org>> wrote:
Hi,

Marito: thanks, that did it for the ASA's :) !
now I have the following on my WLC's:
---
-bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST
HOST
spawn ssh -c 3des -x -l USR HOST


(Cisco Controller)
User: USR
Password:************
(Cisco Controller) >enable

Incorrect usage.  Use the '?' or <TAB> key to list commands.

(Cisco Controller) >
Error: Check your Enable passwd
---

These are the non-enable-commands that I can run on the WLC:
---
(Cisco Controller) >?

clear          Clear selected configuration elements.
config         Configure switch options and settings.
debug          Manages system debug options.
help           Help
license        Manage Software License
linktest       Perform a link test to a specified MAC address.
logout         Exit this session. Any unsaved changes are lost.
ping           Send ICMP echo packets to a specified IP address.
mping          Send Mobility echo packets to a specified mobility peer IP address.
eping          Send Ethernet-over-IP echo packets to a specified mobility peer IP address.
reset          Reset options.
save           Save switch configurations.
show           Display switch options and settings.
test           Test trigger commands
transfer       Transfer a file to or from the switch.
---

How can I get this to work as it seems that "enable" command is called "config" ?
Should I create a new .cloginrc_wlc for this and what would it look like ?


Thanks in advance :) !
~maymann

2012/3/9 Marito ... <me_gogorza at hotmail.com<mailto:me_gogorza at hotmail.com>>
Hi Michael,

You should set up autoenable to 0. As per Rancid .clogin help:

".B add autoenable <router name glob> {[01]}
When using locally defined usernames or AAA, it is possible to have a login which is automatically enabled.  This is, that user has enable privileges without the need to execute the enable command.  The router's prompt is different for enabled mode, ending with a # rather than a >.

Example: add autoenable * {1}

Default: 0

zero, meaning that the user is not automatically enabled and should execute the enable command to gain enable privileges, unless negated by the noenable directive or \-noenable command\-line option.
"

Regards.


________________________________
From: michael at maymann.org<mailto:michael at maymann.org>
Date: Fri, 9 Mar 2012 12:23:24 +0100
To: rancid-discuss at shrubbery.net<mailto:rancid-discuss at shrubbery.net>
Subject: Re: [rancid] Cisco ASA+WLC script


Hi,

Daniel+DenyIPAnyAny: Thanks for your quick reply :) !

1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see any in 2.3.8 either - how do I get wlogin ?
I'm doing this because I have some equipment that rancid doesn't support, that I also need backed-up (and don't know expect that well). So just created a little wrapper around Rancid to perfect things for me.

2. How do you backup your ASA's ?
nothing is wrong with my .clogin:
---
add method * ssh
#add method * telnet
add user * USR
add password * {PWD} {enable_PWD}
add autoenable * {1}
---
works fine, logging in and trying to run command(s) and exits - but doesn't enter enable mode and therefore can't run commands like "more system:running-config" that is working fine manually logging in to enable mode:
-bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more system:running-config" HOST
HOST
spawn ssh -c 3des -x -l admin HOST
USR at HOST's password:
Type help or '?' for a list of available commands.
HOST>
HOST> terminal length 0
           ^
ERROR: % Invalid input detected at '^' marker.
HOST>  more system:running-config
          ^
ERROR: % Invalid input detected at '^' marker.
HOST>exit

Logoff

Connection to HOST closed.


Thanks in advance :-) !

~maymann
2012/3/9 Deny IP Any Any <denyipanyany at gmail.com<mailto:denyipanyany at gmail.com>>
I backup several Cisco ASAs without issue; with your symptoms, usually
the problem is with your .clogin file (specifically either the
autologin option)

2012/3/8 Michael Maymann <michael at maymann.org<mailto:michael at maymann.org>>:
> Hi List,
>
> I am trying to configure scheduled backups of my Cisco ASAs and WLCs.
> I am currently trying to use clogin. Login is successful, but it never
> enters enable/configure mode - and therefore is not able to run the desired
> commands/retrieve all the necessary information (it tries to though !).
> Can't paste my .clogin, as I'm at home currently. But everything
> (password/enable_password) is ok there ! (I am running this already on my HP
> Switches)
>
> just after login and before it should enter enable/configure mode, it tries
> to execute the command (from within clogin - not something I told it to...):
> "terminal length 0"
> but the right command for this on a ASA/WLC's is:
> "no pager" or "terminal pager 0"
>
> 1. Is there a better Xlogin that I should use ?
> 2. If clogin is the best script, where in the clogin can I fix this ?
> 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess
> I could just add a "; exit" or "; logout" at the end of my command, but
> where can I fix this as-well ?
>
>
> Thanks in advance :) !
> ~maymann
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net<mailto:Rancid-discuss at shrubbery.net>
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



--
deny ip any any (4393649193 matches)


_______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net<mailto:Rancid-discuss at shrubbery.net> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net<mailto:Rancid-discuss at shrubbery.net>
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20120309/6af3fdf6/attachment.html>


More information about the Rancid-discuss mailing list