[rancid] Cisco ASA various troubles
Alexander Griesser
AGriesser at anexia-it.com
Mon May 29 09:02:50 UTC 2017
Hi,
slavesup-* is only valid on Cisco routers/switches I think - I'm not aware of any supervisor engines even on the bigger ASAs, so I guess this command is invalid on all ASAs.
"show running-config all" works on all my ASAs (ASAv, physical ASA, security context) - so this one seems to be good and platform independent.
Best,
Alexander Griesser
Head of Systems Operations
ANEXIA Internetdienstleistungs GmbH
E-Mail: AGriesser at anexia-it.com<mailto:AGriesser at anexia-it.com>
Web: http://www.anexia-it.com<http://www.anexia-it.com/>
Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt
Geschäftsführer: Alexander Windbichler
Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601
Von: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Im Auftrag von Doug Hughes
Gesendet: Freitag, 26. Mai 2017 21:24
An: rancid-discuss at shrubbery.net
Betreff: Re: [rancid] Cisco ASA various troubles
Doesn't work on ASA 55* here either.
However, regarding the first command, these here don't have redundant bootflash, so that first command may be valid on certain systems. I couldn't say.
For the secocnd command, I'd recommnd just: "show running-config all" on ASA.
On 5/26/2017 12:06 PM, Alexander Griesser wrote:
If I comment out those two lines in rancid.types.base, it works again:
#cisco;command;ios::DirSlotN;dir /all slavesup-bootflash:;c7600
#cisco;command;ios::WriteTerm;show running-config view full;workaround
for role-based CLI
The doesn't seem to be a separate model for Cisco ASA devices, so in my router.db, they're just flagged as "cisco" - is this correct or does this also need to be changed now?
yes; i should have separated ASA/PIX from cisco a long time ago. maybe a future version.
That would be good, I guess :)
Both above mentioned commands do not work on any of my ASAs (tried several versions and platforms):
[...]
all of those failures should be ignored. are you sure that the user running rancid is allowed to run those commands?
Yes, I did also login with my priv 15 account and issued those commands and got the same error message - nothing about command authorization error or anything along those lines, just the "invalid input detected" error.
ie: they are unsupported, but perhaps the CLI is returning a command authorization failure error instead of invlid input?
Not as far as I can tell. I think those commands are just not valid for ASAs.
For the sake of testing, I did just spin up one of those virtual ASAs (Cisco ASAv) and have tried to run these commands there - doesn't work either:
# show running-config view full
^
ERROR: % Invalid input detected at '^' marker.
# dir /all ?
/recursive List files recursively
all-filesystems List files on all filesystems
disk0: Directory or file name
flash: Directory or file name
system: Directory or file name
<cr>
# dir /all slavesup-bootflash:
^
ERROR: % Invalid input detected at '^' marker.
if not, more debug output is needed and we should take it off-list.
I would be very greatful for that - just let me know how to provide the needed debug output and where to send it to.
Thank you very much!
Best,
-Alex
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss at shrubbery.net<mailto:Rancid-discuss at shrubbery.net>
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Doug Hughes
Keystone NAP
Fairless Hills, PA
1.844.KEYBLOCK (539.2562)
[cid:image001.png at 01D2D86B.1BEB9550]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20170529/d85ac3ba/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3476 bytes
Desc: image001.png
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20170529/d85ac3ba/attachment.png>
More information about the Rancid-discuss
mailing list