[rancid] Cisco ASA various troubles

Alexander Griesser AGriesser at anexia-it.com
Fri May 26 16:06:43 UTC 2017 

> > If I comment out those two lines in rancid.types.base, it works again:
> > 
> > #cisco;command;ios::DirSlotN;dir /all slavesup-bootflash:;c7600 
> > #cisco;command;ios::WriteTerm;show running-config view full;workaround 
> > for role-based CLI
> > 
> > The doesn't seem to be a separate model for Cisco ASA devices, so in my router.db, they're just flagged as "cisco" - is this correct or does this also need to be changed now?
> 
> yes; i should have separated ASA/PIX from cisco a long time ago.  maybe a future version.

That would be good, I guess :)

> > Both above mentioned commands do not work on any of my ASAs (tried several versions and platforms):
> > 
> > [...]
> all of those failures should be ignored.  are you sure that the user running rancid is allowed to run those commands? 

Yes, I did also login with my priv 15 account and issued those commands and got the same error message - nothing about command authorization error or anything along those lines, just the "invalid input detected" error.

> ie: they are unsupported, but perhaps the CLI is returning a command authorization failure error instead of invlid input?

Not as far as I can tell. I think those commands are just not valid for ASAs.
For the sake of testing, I did just spin up one of those virtual ASAs (Cisco ASAv) and have tried to run these commands there - doesn't work either:

# show running-config view full
                                          ^
ERROR: % Invalid input detected at '^' marker.
# dir /all ?

  /recursive       List files recursively
  all-filesystems  List files on all filesystems
  disk0:           Directory or file name
  flash:           Directory or file name
  system:          Directory or file name
  <cr>
# dir /all slavesup-bootflash:
                             ^
ERROR: % Invalid input detected at '^' marker.

> if not, more debug output is needed and we should take it off-list.

I would be very greatful for that - just let me know how to provide the needed debug output and where to send it to.
Thank you very much!

Best,
-Alex

More information about the Rancid-discuss mailing list