[rancid] Rancid 3.10 and ASA 9.14 failing?

Ryan Gelobter ryan.g at atwgpc.net
Mon May 4 23:23:32 UTC 2020 

Maybe there's an option or a patch I'm missing but I've noticed if I have
that on, rancid fails to backup because it messes with the first line it
expects when it logs in.

Regards,
Rya

On Sun, May 3, 2020 at 7:56 PM on at LEFerguson.com <on at leferguson.com> wrote:

> My apologies, I think I missed this one.  Thank you for testing.
>
>
>
> Why is "no aaa authentication login-history" needed?   I've tried it both
> ways and it still works.   While I think it's pretty moot from a practical
> standpoint, most security auditors will complain if it's off.
>
>
>
>
>
>
>
> *From:* Ryan Gelobter [mailto:ryan.g at atwgpc.net]
> *Sent:* Tuesday, April 28, 2020 12:03 AM
> *To:* on at LEFerguson.com
> *Cc:* rancid-discuss at shrubbery.net
> *Subject:* Re: [rancid] Rancid 3.10 and ASA 9.14 failing?
>
>
>
> I spun up an ASAv 9.14.1 with a brand new rancid 3.10 install and had no
> issues. I assume you know about making sure you run 'no aaa authentication
> login-history' as that's needed for 9.9 as well. I can't remember if cisco
> added that banner prompt in 9.2.
>
>
>
> Regards,
>
> Ryan
>
>
>
> On Mon, Apr 27, 2020 at 11:59 AM on at LEFerguson.com <on at leferguson.com>
> wrote:
>
> I'm on 3.10 and just upgraded an cisco 5516 asa to 9.14, and it will not
> pull from rancid giving this error:
>
>
>
> HIT COMMAND:XXXXX-ASA1# show running-config
>
>     In WriteTerm: XXXXX-ASA1# show running-config
>
> HIT COMMAND:XXXXX-ASA1# write term
>
>     In WriteTerm: XXXXX-ASA1# write term
>
> xxxxx-asa1.etsbcad.local: missed cmd(s): show redundancy secondary, show
> flash:, show running-config view full
>
>
>
> Another otherwise identically configured ASA on 9.9(2) works fine.
>
>
>
> All three of these commands work the same on 9.2 as on 9.14 (i.e. first
> and third do not exist, and show flash works). So it's something more
> subtle.
>
>
>
> I've reviewed the release notes for 3.11 and didn't see anything that may
> apply; I am a bit reluctant to upgrade as I have a lot of changes to
> scripts to retrofit and upgrading is a pretty big job.
>
>
>
> It's also remotely possible I broke this in one of my changes; again, a
> bit painful to back all changes out to tell.
>
>
>
> So… please save me a bit of time… is anyone using ASA version 9.14 with
> Rancid?   Does it work, or fail the same way?  Knowing either one will save
> me a lot of time.
>
>
>
> Thanks,
>
> Linwood
>
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at www.shrubbery.net
> https://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20200504/63564eb1/attachment.htm>

More information about the Rancid-discuss mailing list