[rancid] ASA Config for Rancid

Ryan West rwest at zyedge.com
Mon Sep 11 20:56:12 UTC 2017


On Mon, Sep 11, 2017 at 16:51:34, Piegorsch, Weylin William wrote:
> Subject: [rancid] ASA Config for Rancid
> 
> Cisco question, that I’m having a devil of a time getting a Cisco answer to.
> 
> I have several ASAs – some locally connected, some connected at the far end
> of an IPSec tunnel.  In nearly all cases, I can’t get rancid to archive their
> config.  For reasons that don’t relate to the ASA (has to do with the larger
> network as a whole), I need telnet to be the first method, with SSH backup.
> But, the ASAs drop the telnet request, they don’t send a TCP RST packet.  As
> a consequence, rancid times out and considers it an unreachable device.
> 
> I’m trying to find a mechanism that doesn’t require specifying custom rancid
> configs for ASAs that are different than anything else.
> 

Try to allow telnet access from the remote network as sourced from inside and then use 'management-access inside' and you should be able to telnet to the inside address from across a VPN tunnel.

-ryan


More information about the Rancid-discuss mailing list