[rancid] ASA Config for Rancid
Ryan West
rwest at zyedge.com
Mon Sep 11 20:56:12 UTC 2017
On Mon, Sep 11, 2017 at 16:51:34, Piegorsch, Weylin William wrote:
> Subject: [rancid] ASA Config for Rancid
>
> Cisco question, that I’m having a devil of a time getting a Cisco answer to.
>
> I have several ASAs – some locally connected, some connected at the far end
> of an IPSec tunnel. In nearly all cases, I can’t get rancid to archive their
> config. For reasons that don’t relate to the ASA (has to do with the larger
> network as a whole), I need telnet to be the first method, with SSH backup.
> But, the ASAs drop the telnet request, they don’t send a TCP RST packet. As
> a consequence, rancid times out and considers it an unreachable device.
>
> I’m trying to find a mechanism that doesn’t require specifying custom rancid
> configs for ASAs that are different than anything else.
>
Try to allow telnet access from the remote network as sourced from inside and then use 'management-access inside' and you should be able to telnet to the inside address from across a VPN tunnel.
-ryan
More information about the Rancid-discuss
mailing list