[rancid] ASA Config for Rancid

Tue Sep 12 19:16:30 UTC 2017

On Tue, Sep 12, 2017 at 15:06:20, Piegorsch, Weylin William wrote:
> 
> Thanks Ryan.  I’m unable to concretely determine a device is an ASA from it’s
> domain name, unless I populate .cloginrc with every ASA I have.  I used to do
> that, but it became cumbersome and at somepoint it was clear it would no
> longer scale.  For a while I also went down the path of having a .cloginrc-asa
> that had the ASA-specific methods and then included .cloginrc, but for similar
> manageability reasons I had to abandon that approach as well.
> 
> 
> 
> Is there a way to do that by some other means?
> 

Not sure how many devices you're supporting, but I leverage an internal only DNS view that has a location and device type with number, then you can have a catch all in your .cloginrc that identifies them -

## Firewalls connect this way
add user *fw*                   {username}
add password *fw*              {password}	{en_password}
add method *fw*                 ssh telnet
add autoenable *fw*             0

-ryan