From peterjackson1610 at gmail.com Fri Mar 2 22:04:48 2012 From: peterjackson1610 at gmail.com (Peter Jackson) Date: Fri, 2 Mar 2012 17:04:48 -0500 Subject: [rancid] Palo Alto Networks Firewalls Support Message-ID: I saw one post from 2008 about Palo Alto Networks firewalls. Has anyone gotten RANCID to work with them? I've spent two days now and I'm not getting very far. I got palogin to work (re-worked clogin) and commands are sent to the firewall, but parancid (re-worked rancid) doesn't seem to like the prompt. The default prompt is username at hostname. RANCID doesn't appear to care about the @ but I'm not 100% on that. I'll try again next week. Have a nice weekend! -------------- next part -------------- An HTML attachment was scrubbed... URL: From gfong at cafepress.com Mon Mar 5 11:07:14 2012 From: gfong at cafepress.com (Gilbert Fong) Date: Mon, 5 Mar 2012 11:07:14 +0000 Subject: [rancid] getting flooded with false config change notice Message-ID: <64A81C8A3C3889498D8BE653E28F513B32B78B@ca1-2k8-mail01.corp.cafepress.com> Help!! I made some config changes to my switches (one week ago) and I have been getting the same message every hour about the same change that was made a week back. What happened? Thanks Gilbert --------------------------------------------------------------------------------------------------------------------- OUTPUT BELOW OUTPUT BELOW OUTPUT BELOW --------------------------------------------------------------------------------------------------------------------- Index: configs/swi-acs01 =================================================================== retrieving revision 1.41 diff -U 4 -r1.41 swi-acs01 @@ -38,20 +38,19 @@ !Variable: Config Download !Variable: via DHCP: disabled (next boot: disabled) ! !Flash: Directory of flash:/ - !Flash: 2 -rwx 5 Aug 24 2011 15:51:53 -04:00 private-config.text !Flash: 3 -rwx 9771282 Mar 17 2011 20:22:09 -04:00 c2960-lanbasek9-mz.122-55.SE1.bin - !Flash: 7 drwx 192 Feb 28 1993 19:07:24 -05:00 c2960-lanbase-mz.122-35.SE5 - !Flash: 626 -rwx 7521 Aug 24 2011 15:51:53 -04:00 config.text - !Flash: 32514048 bytes total (14395904 bytes free) + !Flash: 626 -rwx 1921 Mar 5 2012 05:19:32 -05:00 private-config.text + !Flash: 627 -rwx 7573 Mar 5 2012 05:19:32 -05:00 config.text + !Flash: 32514048 bytes total (22727680 bytes free) ! !Flash: nvram: Directory of nvram:/ - !Flash: nvram: 55 -rw- 7521 startup-config - !Flash: nvram: 56 ---- 5 private-config + !Flash: nvram: 55 -rw- 7573 startup-config + !Flash: nvram: 56 ---- 1921 private-config !Flash: nvram: 1 ---- 35 persistent-data !Flash: nvram: 2 -rw- 0 ifIndex-table - !Flash: nvram: 65536 bytes total (55910 bytes free) + !Flash: nvram: 65536 bytes total (53942 bytes free) ! !NAME: "1", DESCR: "WS-C2960G-48TC-L" !PID: WS-C2960G-48TC-L !VID: V03 @@ -154,18 +153,19 @@ ! aaa new-model ! aaa authentication login default group radius local - aaa authentication login CONSOLE none aaa authorization exec default group radius if-authenticated - aaa authorization exec CONSOLE none aaa accounting exec default start-stop group radius ! aaa session-id common clock timezone EST -5 clock summer-time EST recurring system mtu routing 1500 ! + no ip domain-lookup + ip domain-name xxxx.zzzz.com + ! archive log config logging enable logging size 250 @@ -438,9 +438,13 @@ radius-server vsa send authentication ! line con 0 line vty 0 4 + exec-timeout 60 0 ! password + transport input ssh line vty 5 15 + exec-timeout 60 0 + transport input ssh ! ntp server 204.74.68.55 prefer end The contents of this message, together with any attachments, are intended only for the use of the individual or entity to which they are addressed and may contain information that is confidential and exempt from disclosure. If you are not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this message, or any attachment, is strictly prohibited. If you have received this message in error, please notify the original sender immediately by telephone or by return E-mail and delete this message, along with any attachments, from your computer. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From shouldbeq931 at gmail.com Tue Mar 6 08:56:33 2012 From: shouldbeq931 at gmail.com (shouldbe q931) Date: Tue, 6 Mar 2012 00:56:33 -0800 Subject: [rancid] getting flooded with false config change notice In-Reply-To: <64A81C8A3C3889498D8BE653E28F513B32B78B@ca1-2k8-mail01.corp.cafepress.com> References: <64A81C8A3C3889498D8BE653E28F513B32B78B@ca1-2k8-mail01.corp.cafepress.com> Message-ID: On Mon, Mar 5, 2012 at 3:07 AM, Gilbert Fong wrote: > Help!! > > I made some config changes to my switches (one week ago) and > > I have been getting the same message every hour about the same change that > was made a week back. > > What happened? > > > > Thanks > > Gilbert > Can you please conform what change you made Cheers From michael at maymann.org Tue Mar 6 10:14:25 2012 From: michael at maymann.org (Michael Maymann) Date: Tue, 6 Mar 2012 11:14:25 +0100 Subject: [rancid] Full scheduled automated backup of Cisco ASA55XX Message-ID: Hi List, I would like to do _FULL_ scheduled automated backups of my ASA55XX: Unfortunately it seems that Cisco doesn't provide a CLI command that does this, so I have to gather all the info from different places myself (with the risk of forgetting something/missing something if the box gets updated): https://supportforums.cisco.com/message/3578075#3578075 - Does any of you have a working script that does this already ? - Does it distribute the information to the right files and zip it, so you get easy restorable file as ASDM:Tools->Backup Configurations ? Or do I really have to purchase CiscoWorks to get this functionality (thought I had already paid more than enough - and must admid, I really didn't think scheduled backup/easy restore would be an issue for the worlds nr1 network-company...!) Thanks in advance :) ! ~maymann -------------- next part -------------- An HTML attachment was scrubbed... URL: From adam.korab at gmail.com Tue Mar 6 17:22:41 2012 From: adam.korab at gmail.com (Adam Korab) Date: Tue, 6 Mar 2012 11:22:41 -0600 Subject: [rancid] Full scheduled automated backup of Cisco ASA55XX In-Reply-To: References: Message-ID: <-2820305914742700663@unknownmsgid> What about using cron to fire off clogin to execute 'copy run tftp' ? That would preserve your VPN per shared keys and combined with the config repo within rancid, you should have everything, from full configs to serial numbers etc. --Adam On Mar 6, 2012, at 4:15 AM, Michael Maymann wrote: Hi List, I would like to do _FULL_ scheduled automated backups of my ASA55XX: Unfortunately it seems that Cisco doesn't provide a CLI command that does this, so I have to gather all the info from different places myself (with the risk of forgetting something/missing something if the box gets updated): https://supportforums.cisco.com/message/3578075#3578075 - Does any of you have a working script that does this already ? - Does it distribute the information to the right files and zip it, so you get easy restorable file as ASDM:Tools->Backup Configurations ? Or do I really have to purchase CiscoWorks to get this functionality (thought I had already paid more than enough - and must admid, I really didn't think scheduled backup/easy restore would be an issue for the worlds nr1 network-company...!) Thanks in advance :) ! ~maymann _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at andytownsend.co.uk Tue Mar 6 17:45:48 2012 From: me at andytownsend.co.uk (Andy Townsend) Date: Tue, 6 Mar 2012 17:45:48 +0000 Subject: [rancid] Rancid CVS Issue Message-ID: Hi, I've just installed rancid on one of my boxes following the guide here. http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid However, when I run the rancid-cvs command, I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ When as per the docs I should be getting this. [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs No conflicts created by this import cvs checkout: Updating networking cvs checkout: Updating networking/configs cvs add: scheduling file `router.db' for addition cvs add: use 'cvs commit' to add this file permanently RCS file: /usr/local/rancid//var/CVS/networking/router.db,v done Checking in router.db; /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db initial revision: 1.1 done CVS is already installed so no issues there, [rancid at router ~]$ rpm -qa | grep cvs cvs-1.11.22-7.el5 Just wondering if anyone had come across this or know what the next steps were? Cheers, Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at maymann.org Tue Mar 6 18:05:43 2012 From: michael at maymann.org (Michael Maymann) Date: Tue, 6 Mar 2012 19:05:43 +0100 Subject: [rancid] Full scheduled automated backup of Cisco ASA55XX In-Reply-To: <-2820305914742700663@unknownmsgid> References: <-2820305914742700663@unknownmsgid> Message-ID: Hi, Adam: thanks for your quick reply :) 1. What is "config repo within rancid" and how do I configure this...? 2. Does ASA support SCP instead of TFTP - to make the transfer secure and so I don't have to configure a otherwise unneeded TFTP-server ? 3. Will this be easy restore'able like the zip-file created from ASDM, or do I have to manually put all information into the box by hand ? Thanks in advance :) ! ~maymann 2012/3/6 Adam Korab > What about using cron to fire off clogin to execute 'copy run tftp' ? > That would preserve your VPN per shared keys and combined with the config > repo within rancid, you should have everything, from full configs to serial > numbers etc. > > --Adam > > > > > On Mar 6, 2012, at 4:15 AM, Michael Maymann wrote: > > Hi List, > > I would like to do _FULL_ scheduled automated backups of my ASA55XX: > Unfortunately it seems that Cisco doesn't provide a CLI command that does > this, so I have to gather all the info from different places myself (with > the risk of forgetting something/missing something if the box gets updated): > https://supportforums.cisco.com/message/3578075#3578075 > > - Does any of you have a working script that does this already ? > - Does it distribute the information to the right files and zip it, so you > get easy restorable file as ASDM:Tools->Backup Configurations ? > > Or do I really have to purchase CiscoWorks to get this functionality > (thought I had already paid more than enough - and must admid, I really > didn't think scheduled backup/easy restore would be an issue for the worlds > nr1 network-company...!) > > > Thanks in advance :) ! > ~maymann > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Nicolai.Langfeldt at ventelo.no Tue Mar 6 19:44:35 2012 From: Nicolai.Langfeldt at ventelo.no (Nicolai Langfeldt) Date: Tue, 6 Mar 2012 20:44:35 +0100 Subject: [rancid] Rancid CVS Issue In-Reply-To: References: Message-ID: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local> I expect you either forgot to update rancid.conf so that it reads: LIST_OF_GROUPS="networking" Or you already did rancid-cvs? Nicolai ________________________________________ Fra: rancid-discuss-bounces at shrubbery.net [rancid-discuss-bounces at shrubbery.net] på vegne av Andy Townsend [me at andytownsend.co.uk] Sendt: 6. mars 2012 18:45 Til: rancid-discuss at shrubbery.net Emne: [rancid] Rancid CVS Issue Hi, I've just installed rancid on one of my boxes following the guide here. http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid However, when I run the rancid-cvs command, I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ When as per the docs I should be getting this. [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs No conflicts created by this import cvs checkout: Updating networking cvs checkout: Updating networking/configs cvs add: scheduling file `router.db' for addition cvs add: use 'cvs commit' to add this file permanently RCS file: /usr/local/rancid//var/CVS/networking/router.db,v done Checking in router.db; /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db initial revision: 1.1 done CVS is already installed so no issues there, [rancid at router ~]$ rpm -qa | grep cvs cvs-1.11.22-7.el5 Just wondering if anyone had come across this or know what the next steps were? Cheers, Andy From me at andytownsend.co.uk Wed Mar 7 09:07:03 2012 From: me at andytownsend.co.uk (Andy Townsend) Date: Wed, 7 Mar 2012 09:07:03 +0000 Subject: [rancid] Rancid CVS Issue In-Reply-To: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local> References: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local> Message-ID: I've already got this in rancid.conf # list of rancid groups LIST_OF_GROUPS="networking" And when I run /usr/local/rancid/bin/rancid-cvs I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ [rancid at router ~]$ echo $BASEDIR [rancid at router ~]$ pwd /usr/local/rancid [rancid at router ~]$ ls -l total 60 drwxr-xr-x 2 rancid netadm 4096 Mar 6 17:26 bin drwxr-xr-x 2 rancid netadm 4096 Mar 7 09:04 etc -rw-r--r-- 1 rancid netadm 12738 Mar 6 17:22 README drwxr-xr-x 4 rancid netadm 4096 Mar 6 17:13 share drwxr-xr-x 3 rancid netadm 4096 Oct 26 21:51 tar drwxr-xr-x 5 rancid netadm 4096 Mar 6 17:21 var I believe there should be a CVS directory in there. I did install CVS after rancid so I guess that may have caused the issue. Any ideas? Thanks, Andy On 6 March 2012 19:44, Nicolai Langfeldt wrote: > I expect you either forgot to update rancid.conf so that it reads: > > LIST_OF_GROUPS="networking" > > Or you already did rancid-cvs? > > Nicolai > ________________________________________ > Fra: rancid-discuss-bounces at shrubbery.net [ > rancid-discuss-bounces at shrubbery.net] på vegne av Andy Townsend [ > me at andytownsend.co.uk] > Sendt: 6. mars 2012 18:45 > Til: rancid-discuss at shrubbery.net > Emne: [rancid] Rancid CVS Issue > > Hi, > > I've just installed rancid on one of my boxes following the guide here. > > > http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid > > However, when I run the rancid-cvs command, I get no output. > > [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs > [rancid at router ~]$ > > When as per the docs I should be getting this. > > > > > [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs > No conflicts created by this import > cvs checkout: Updating networking > cvs checkout: Updating networking/configs > cvs add: scheduling file `router.db' for addition > cvs add: use 'cvs commit' to add this file permanently > RCS file: /usr/local/rancid//var/CVS/networking/router.db,v > done > Checking in router.db; > /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db > initial revision: 1.1 > done > > > CVS is already installed so no issues there, > > [rancid at router ~]$ rpm -qa | grep cvs > cvs-1.11.22-7.el5 > > > Just wondering if anyone had come across this or know what the next steps > were? > > Cheers, > Andy > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Nicolai.Langfeldt at ventelo.no Wed Mar 7 09:16:35 2012 From: Nicolai.Langfeldt at ventelo.no (Nicolai Langfeldt) Date: Wed, 7 Mar 2012 10:16:35 +0100 Subject: [rancid] Rancid CVS Issue In-Reply-To: References: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local>, Message-ID: <9083709BCF00E0468332648EF6EC3BD8010471C7B906@P0OSLVEXMBX01.no.ventelo.local> Hei, I note that "echo $BASEDIR" is rather useless, but it's not meant to be useful in the rancid users shell. Also $BASEDIR should _not_ be quite identical to your rancid install prefix, IMHO at least it's rather messy. If you want it to be within your install prefix at least put it in a subdir such as /usr/local/rancid/backups or somesuch. Try this: - cd to the $BASEDIR as defined in rancid.conf (not quite sure if this is required, I just always do it) - rancid-cvs networking Nicolai ________________________________________ Fra: Andy Townsend [me at andytownsend.co.uk] Sendt: 7. mars 2012 10:07 Til: Nicolai Langfeldt Kopi: rancid-discuss at shrubbery.net Emne: Re: [rancid] Rancid CVS Issue I've already got this in rancid.conf # list of rancid groups LIST_OF_GROUPS="networking" And when I run /usr/local/rancid/bin/rancid-cvs I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ [rancid at router ~]$ echo $BASEDIR [rancid at router ~]$ pwd /usr/local/rancid [rancid at router ~]$ ls -l total 60 drwxr-xr-x 2 rancid netadm 4096 Mar 6 17:26 bin drwxr-xr-x 2 rancid netadm 4096 Mar 7 09:04 etc -rw-r--r-- 1 rancid netadm 12738 Mar 6 17:22 README drwxr-xr-x 4 rancid netadm 4096 Mar 6 17:13 share drwxr-xr-x 3 rancid netadm 4096 Oct 26 21:51 tar drwxr-xr-x 5 rancid netadm 4096 Mar 6 17:21 var I believe there should be a CVS directory in there. I did install CVS after rancid so I guess that may have caused the issue. Any ideas? Thanks, Andy On 6 March 2012 19:44, Nicolai Langfeldt > wrote: I expect you either forgot to update rancid.conf so that it reads: LIST_OF_GROUPS="networking" Or you already did rancid-cvs? Nicolai ________________________________________ Fra: rancid-discuss-bounces at shrubbery.net [rancid-discuss-bounces at shrubbery.net] på vegne av Andy Townsend [me at andytownsend.co.uk] Sendt: 6. mars 2012 18:45 Til: rancid-discuss at shrubbery.net Emne: [rancid] Rancid CVS Issue Hi, I've just installed rancid on one of my boxes following the guide here. http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid However, when I run the rancid-cvs command, I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ When as per the docs I should be getting this. [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs No conflicts created by this import cvs checkout: Updating networking cvs checkout: Updating networking/configs cvs add: scheduling file `router.db' for addition cvs add: use 'cvs commit' to add this file permanently RCS file: /usr/local/rancid//var/CVS/networking/router.db,v done Checking in router.db; /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db initial revision: 1.1 done CVS is already installed so no issues there, [rancid at router ~]$ rpm -qa | grep cvs cvs-1.11.22-7.el5 Just wondering if anyone had come across this or know what the next steps were? Cheers, Andy From egirard at focustsi.com Wed Mar 7 18:48:25 2012 From: egirard at focustsi.com (Eric Girard) Date: Wed, 7 Mar 2012 13:48:25 -0500 Subject: [rancid] Rancid CVS Issue In-Reply-To: References: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local> Message-ID: Andy, not sure how many changes you've made to rancid.conf, but the CVS directory in my pretty stock install is in /usr/local/rancid/var/ along with all of my group directories, not in /usr/local/rancid/ From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Andy Townsend Sent: Wednesday, March 07, 2012 4:07 AM To: Nicolai Langfeldt Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid CVS Issue I've already got this in rancid.conf # list of rancid groups LIST_OF_GROUPS="networking" And when I run /usr/local/rancid/bin/rancid-cvs I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ [rancid at router ~]$ echo $BASEDIR [rancid at router ~]$ pwd /usr/local/rancid [rancid at router ~]$ ls -l total 60 drwxr-xr-x 2 rancid netadm 4096 Mar 6 17:26 bin drwxr-xr-x 2 rancid netadm 4096 Mar 7 09:04 etc -rw-r--r-- 1 rancid netadm 12738 Mar 6 17:22 README drwxr-xr-x 4 rancid netadm 4096 Mar 6 17:13 share drwxr-xr-x 3 rancid netadm 4096 Oct 26 21:51 tar drwxr-xr-x 5 rancid netadm 4096 Mar 6 17:21 var I believe there should be a CVS directory in there. I did install CVS after rancid so I guess that may have caused the issue. Any ideas? Thanks, Andy On 6 March 2012 19:44, Nicolai Langfeldt > wrote: I expect you either forgot to update rancid.conf so that it reads: LIST_OF_GROUPS="networking" Or you already did rancid-cvs? Nicolai ________________________________________ Fra: rancid-discuss-bounces at shrubbery.net [rancid-discuss-bounces at shrubbery.net] på vegne av Andy Townsend [me at andytownsend.co.uk] Sendt: 6. mars 2012 18:45 Til: rancid-discuss at shrubbery.net Emne: [rancid] Rancid CVS Issue Hi, I've just installed rancid on one of my boxes following the guide here. http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid However, when I run the rancid-cvs command, I get no output. [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs [rancid at router ~]$ When as per the docs I should be getting this. [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs No conflicts created by this import cvs checkout: Updating networking cvs checkout: Updating networking/configs cvs add: scheduling file `router.db' for addition cvs add: use 'cvs commit' to add this file permanently RCS file: /usr/local/rancid//var/CVS/networking/router.db,v done Checking in router.db; /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db initial revision: 1.1 done CVS is already installed so no issues there, [rancid at router ~]$ rpm -qa | grep cvs cvs-1.11.22-7.el5 Just wondering if anyone had come across this or know what the next steps were? Cheers, Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at andytownsend.co.uk Wed Mar 7 18:56:51 2012 From: me at andytownsend.co.uk (Andy Townsend) Date: Wed, 7 Mar 2012 18:56:51 +0000 Subject: [rancid] Rancid CVS Issue In-Reply-To: References: <9083709BCF00E0468332648EF6EC3BD8010471C7B8FF@P0OSLVEXMBX01.no.ventelo.local>

Message-ID: I've made very few changes apart from those mentioned in the initial install guide. Was asked for the following from someone else but it could be handy to someone else as well. I've not changed the CVS directory but its set to the following as well. ++ CVSROOT=/usr/local/rancid/var/CVS ++ export CVSROOT [rancid at router ~]$ sh -x `which rancid-cvs` + ENVFILE=/usr/local/rancid/etc/rancid.conf + '[' 0 -ge 1 ']' + . /usr/local/rancid/etc/rancid.conf ++ TERM=network ++ export TERM ++ LC_COLLATE=POSIX ++ export LC_COLLATE ++ umask 027 ++ TMPDIR=/tmp ++ export TMPDIR ++ BASEDIR=/usr/local/rancid/var ++ export BASEDIR ++ PATH=/usr/local/rancid/bin:/usr/bin:.:/bin:/usr/local/bin:/usr/bin ++ export PATH ++ CVSROOT=/usr/local/rancid/var/CVS ++ export CVSROOT ++ LOGDIR=/usr/local/rancid/var/logs ++ export LOGDIR ++ RCSSYS=cvs ++ export RCSSYS ++ FILTER_PWDS=NO ++ export FILTER_PWDS ++ NOCOMMSTR=NO ++ export NOCOMMSTR ++ LIST_OF_GROUPS=networking ++ MAILDOMAIN=@testdomain.com ++ export MAILDOMAIN + '[' '!' -d /usr/local/rancid/var ']' + cd /usr/local/rancid/var + RCSSYS=cvs + '[' cvs '!=' cvs -a cvs '!=' svn ']' + '[' cvs = cvs ']' + '[' '!' -d /usr/local/rancid/var/CVS ']' + '[' '!' -d logs ']' + '[' 0 -ge 1 ']' + '[' networking = '' ']' ++ echo networking + for GROUP in '`echo $LIST_OF_GROUPS`' + DIR=/usr/local/rancid/var/networking + '[' '!' -d /usr/local/rancid/var/networking ']' + cd /usr/local/rancid/var/networking + '[' '!' -d configs ']' + '[' '!' -f routers.all ']' + '[' '!' -f routers.down ']' + '[' '!' -f routers.up ']' + '[' '!' -f router.db ']' On 7 March 2012 18:48, Eric Girard wrote: > Andy, not sure how many changes you?ve made to rancid.conf, but the CVS > directory in my pretty stock install is in /usr/local/rancid/var/ along > with all of my group directories, not in /usr/local/rancid/**** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Andy Townsend > *Sent:* Wednesday, March 07, 2012 4:07 AM > *To:* Nicolai Langfeldt > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Rancid CVS Issue**** > > ** ** > > I've already got this in rancid.conf**** > > ** ** > > # list of rancid groups**** > > LIST_OF_GROUPS="networking"**** > > ** ** > > And when I run /usr/local/rancid/bin/rancid-cvs I get no output. **** > > ** ** > > [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs**** > > [rancid at router ~]$**** > > ** ** > > [rancid at router ~]$ echo $BASEDIR**** > > ** ** > > [rancid at router ~]$ pwd**** > > /usr/local/rancid**** > > [rancid at router ~]$ ls -l**** > > total 60**** > > drwxr-xr-x 2 rancid netadm 4096 Mar 6 17:26 bin**** > > drwxr-xr-x 2 rancid netadm 4096 Mar 7 09:04 etc**** > > -rw-r--r-- 1 rancid netadm 12738 Mar 6 17:22 README**** > > drwxr-xr-x 4 rancid netadm 4096 Mar 6 17:13 share**** > > drwxr-xr-x 3 rancid netadm 4096 Oct 26 21:51 tar**** > > drwxr-xr-x 5 rancid netadm 4096 Mar 6 17:21 var**** > > ** ** > > I believe there should be a CVS directory in there. I did install CVS > after rancid so I guess that may have caused the issue. Any ideas?**** > > ** ** > > Thanks,**** > > Andy**** > > ** ** > > ** ** > > On 6 March 2012 19:44, Nicolai Langfeldt > wrote:**** > > I expect you either forgot to update rancid.conf so that it reads: > > LIST_OF_GROUPS="networking" > > Or you already did rancid-cvs? > > Nicolai > ________________________________________ > Fra: rancid-discuss-bounces at shrubbery.net [ > rancid-discuss-bounces at shrubbery.net] på vegne av Andy Townsend [ > me at andytownsend.co.uk] > Sendt: 6. mars 2012 18:45 > Til: rancid-discuss at shrubbery.net > Emne: [rancid] Rancid CVS Issue**** > > > Hi, > > I've just installed rancid on one of my boxes following the guide here. > > > http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid > > However, when I run the rancid-cvs command, I get no output. > > [rancid at router ~]$ /usr/local/rancid/bin/rancid-cvs > [rancid at router ~]$ > > When as per the docs I should be getting this. > > > > > [rancid at bigboy ~]$ /usr/local/rancid/bin/rancid-cvs > No conflicts created by this import > cvs checkout: Updating networking > cvs checkout: Updating networking/configs > cvs add: scheduling file `router.db' for addition > cvs add: use 'cvs commit' to add this file permanently > RCS file: /usr/local/rancid//var/CVS/networking/router.db,v > done > Checking in router.db; > /usr/local/rancid//var/CVS/networking/router.db,v <-- router.db > initial revision: 1.1 > done > > > CVS is already installed so no issues there, > > [rancid at router ~]$ rpm -qa | grep cvs > cvs-1.11.22-7.el5 > > > Just wondering if anyone had come across this or know what the next steps > were? > > Cheers, > Andy**** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From me at andytownsend.co.uk Thu Mar 8 15:30:47 2012 From: me at andytownsend.co.uk (Andy Townsend) Date: Thu, 8 Mar 2012 15:30:47 +0000 Subject: [rancid] Rancid - SSH and AD auth Message-ID: Firstly thanks to the guys who helped me previously. I've now got a copy of Rancid up and running. Currently we just use telnet and local pwd's for accessing the switches but I'm looking at changing this to SSH and AD/Radius authentication. Now from what I can see, SSH should be fine and I'm presuming the AD auth will be ok as well. As long as rancid has a domain account it can use, the username/pwd are specified in .cloginrc then it should be all ok? Just wondering if anyone has set it up like this in the past? I think it should be all ok, just wanted to double check and see if there were any major gotchas. Cheers, Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: From me_gogorza at hotmail.com Thu Mar 8 16:08:06 2012 From: me_gogorza at hotmail.com (Marito ...) Date: Thu, 8 Mar 2012 13:08:06 -0300 Subject: [rancid] Rancid - SSH and AD auth In-Reply-To: References: Message-ID: Hi Andy, We have several devices, and most of them are authenticating using TACACS (with AD integration). As you said in your post, you have to put the user/pass of the account created in AD. You have to take into account (in case of using TACACS) the privilege given to the user, as it could be needed to enable, and also configured at .cloginrc. Regards. Mario From: me at andytownsend.co.uk Date: Thu, 8 Mar 2012 15:30:47 +0000 To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid - SSH and AD auth Firstly thanks to the guys who helped me previously. I've now got a copy of Rancid up and running. Currently we just use telnet and local pwd's for accessing the switches but I'm looking at changing this to SSH and AD/Radius authentication. Now from what I can see, SSH should be fine and I'm presuming the AD auth will be ok as well. As long as rancid has a domain account it can use, the username/pwd are specified in .cloginrc then it should be all ok? Just wondering if anyone has set it up like this in the past? I think it should be all ok, just wanted to double check and see if there were any major gotchas. Cheers, Andy _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at maymann.org Thu Mar 8 21:17:09 2012 From: michael at maymann.org (Michael Maymann) Date: Thu, 8 Mar 2012 22:17:09 +0100 Subject: [rancid] Cisco ASA+WLC script Message-ID: Hi List, I am trying to configure scheduled backups of my Cisco ASAs and WLCs. I am currently trying to use clogin. Login is successful, but it never enters enable/configure mode - and therefore is not able to run the desired commands/retrieve all the necessary information (it tries to though !). Can't paste my .clogin, as I'm at home currently. But everything (password/enable_password) is ok there ! (I am running this already on my HP Switches) just after login and before it should enter enable/configure mode, it tries to execute the command (from within clogin - not something I told it to...): "*terminal* length *0*" but the right command for this on a ASA/WLC's is: "no pager" or "terminal pager 0" 1. Is there a better Xlogin that I should use ? 2. If clogin is the best script, where in the clogin can I fix this ? 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess I could just add a "; exit" or "; logout" at the end of my command, but where can I fix this as-well ? Thanks in advance :) ! ~maymann -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Thu Mar 8 23:23:15 2012 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 8 Mar 2012 16:23:15 -0700 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References: Message-ID: Clogin is not for the wlc, that would be wlogin. Out of sheer curiosity, now, why again are you trying to find a way to do what rancid already does for you? *From:* rancid-discuss-bounces at shrubbery.net [mailto: rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Michael Maymann *Sent:* Thursday, March 08, 2012 2:17 PM *To:* rancid-discuss at shrubbery.net *Subject:* [rancid] Cisco ASA+WLC script Hi List, I am trying to configure scheduled backups of my Cisco ASAs and WLCs. I am currently trying to use clogin. Login is successful, but it never enters enable/configure mode - and therefore is not able to run the desired commands/retrieve all the necessary information (it tries to though !). Can't paste my .clogin, as I'm at home currently. But everything (password/enable_password) is ok there ! (I am running this already on my HP Switches) just after login and before it should enter enable/configure mode, it tries to execute the command (from within clogin - not something I told it to...): "*terminal* length *0*" but the right command for this on a ASA/WLC's is: "no pager" or "terminal pager 0" 1. Is there a better Xlogin that I should use ? 2. If clogin is the best script, where in the clogin can I fix this ? 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess I could just add a "; exit" or "; logout" at the end of my command, but where can I fix this as-well ? Thanks in advance :) ! ~maymann E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at maymann.org Fri Mar 9 11:23:24 2012 From: michael at maymann.org (Michael Maymann) Date: Fri, 9 Mar 2012 12:23:24 +0100 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References:

Message-ID: Hi, Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see any in 2.3.8 either - how do I get wlogin ? I'm doing this because I have some equipment that rancid doesn't support, that I also need backed-up (and don't know expect that well). So just created a little wrapper around Rancid to perfect things for me. 2. How do you backup your ASA's ? nothing is wrong with my .clogin: --- add method * ssh #add method * telnet add user * USR add password * {PWD} {enable_PWD} add autoenable * {1} --- works fine, logging in and trying to run command(s) and exits - but doesn't enter enable mode and therefore can't run commands like "more system:running-config" that is working fine manually logging in to enable mode: -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more system:running-config" HOST HOST spawn ssh -c 3des -x -l admin HOST USR at HOST's password: Type help or '?' for a list of available commands. HOST> HOST> terminal length 0 ^ ERROR: % Invalid input detected at '^' marker. HOST> more system:running-config ^ ERROR: % Invalid input detected at '^' marker. HOST>exit Logoff Connection to HOST closed. Thanks in advance :-) ! ~maymann 2012/3/9 Deny IP Any Any > I backup several Cisco ASAs without issue; with your symptoms, usually > the problem is with your .clogin file (specifically either the > autologin option) > > 2012/3/8 Michael Maymann : > > Hi List, > > > > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. > > I am currently trying to use clogin. Login is successful, but it never > > enters enable/configure mode - and therefore is not able to run the > desired > > commands/retrieve all the necessary information (it tries to though !). > > Can't paste my .clogin, as I'm at home currently. But everything > > (password/enable_password) is ok there ! (I am running this already on > my HP > > Switches) > > > > just after login and before it should enter enable/configure mode, it > tries > > to execute the command (from within clogin - not something I told it > to...): > > "terminal length 0" > > but the right command for this on a ASA/WLC's is: > > "no pager" or "terminal pager 0" > > > > 1. Is there a better Xlogin that I should use ? > > 2. If clogin is the best script, where in the clogin can I fix this ? > > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I > guess > > I could just add a "; exit" or "; logout" at the end of my command, but > > where can I fix this as-well ? > > > > > > Thanks in advance :) ! > > ~maymann > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > -- > deny ip any any (4393649193 matches) > -------------- next part -------------- An HTML attachment was scrubbed... URL: From paolo at paolodemichele.it Fri Mar 9 11:18:56 2012 From: paolo at paolodemichele.it (Paolo De Michele) Date: Fri, 09 Mar 2012 12:18:56 +0100 Subject: [rancid] - problem sending mail and matching configuration Message-ID: <4F59E720.4020404@paolodemichele.it> Hi all, using rancid 2.3.8 with os ubuntu 11.04 server. I did the various configurations and are quite happy with it. My problem is that when software rancid makes a matching configuration creates a new file. What I would do is this: - create a file when the new configuration is detected ( OK ) - send me an email with the changes detected in the new configuration I failed in any way using /etc/aliases and sendmail to send a mail to an address of a royal domain. can you help me somehow? thanks in advance -------------- next part -------------- An HTML attachment was scrubbed... URL: From me_gogorza at hotmail.com Fri Mar 9 11:50:43 2012 From: me_gogorza at hotmail.com (Marito ...) Date: Fri, 9 Mar 2012 08:50:43 -0300 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References: , , Message-ID: Hi Michael, You should set up autoenable to 0. As per Rancid .clogin help: ".B add autoenable {[01]} When using locally defined usernames or AAA, it is possible to have a login which is automatically enabled. This is, that user has enable privileges without the need to execute the enable command. The router's prompt is different for enabled mode, ending with a # rather than a >. Example: add autoenable * {1} Default: 0 zero, meaning that the user is not automatically enabled and should execute the enable command to gain enable privileges, unless negated by the noenable directive or \-noenable command\-line option. " Regards. From: michael at maymann.org Date: Fri, 9 Mar 2012 12:23:24 +0100 To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Cisco ASA+WLC script Hi, Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see any in 2.3.8 either - how do I get wlogin ? I'm doing this because I have some equipment that rancid doesn't support, that I also need backed-up (and don't know expect that well). So just created a little wrapper around Rancid to perfect things for me. 2. How do you backup your ASA's ? nothing is wrong with my .clogin: --- add method * ssh #add method * telnet add user * USR add password * {PWD} {enable_PWD} add autoenable * {1} --- works fine, logging in and trying to run command(s) and exits - but doesn't enter enable mode and therefore can't run commands like "more system:running-config" that is working fine manually logging in to enable mode: -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more system:running-config" HOST HOST spawn ssh -c 3des -x -l admin HOST USR at HOST's password: Type help or '?' for a list of available commands. HOST> HOST> terminal length 0 ^ ERROR: % Invalid input detected at '^' marker. HOST> more system:running-config ^ ERROR: % Invalid input detected at '^' marker. HOST>exit Logoff Connection to HOST closed. Thanks in advance :-) ! ~maymann 2012/3/9 Deny IP Any Any I backup several Cisco ASAs without issue; with your symptoms, usually the problem is with your .clogin file (specifically either the autologin option) 2012/3/8 Michael Maymann : > Hi List, > > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. > I am currently trying to use clogin. Login is successful, but it never > enters enable/configure mode - and therefore is not able to run the desired > commands/retrieve all the necessary information (it tries to though !). > Can't paste my .clogin, as I'm at home currently. But everything > (password/enable_password) is ok there ! (I am running this already on my HP > Switches) > > just after login and before it should enter enable/configure mode, it tries > to execute the command (from within clogin - not something I told it to...): > "terminal length 0" > but the right command for this on a ASA/WLC's is: > "no pager" or "terminal pager 0" > > 1. Is there a better Xlogin that I should use ? > 2. If clogin is the best script, where in the clogin can I fix this ? > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess > I could just add a "; exit" or "; logout" at the end of my command, but > where can I fix this as-well ? > > > Thanks in advance :) ! > ~maymann > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- deny ip any any (4393649193 matches) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at maymann.org Fri Mar 9 12:18:14 2012 From: michael at maymann.org (Michael Maymann) Date: Fri, 9 Mar 2012 13:18:14 +0100 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References:

Message-ID: Hi, Marito: thanks, that did it for the ASA's :) ! now I have the following on my WLC's: --- -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST HOST spawn ssh -c 3des -x -l USR HOST (Cisco Controller) User: USR Password:************ (Cisco Controller) >enable Incorrect usage. Use the '?' or key to list commands. (Cisco Controller) > Error: Check your Enable passwd --- These are the non-enable-commands that I can run on the WLC: --- (Cisco Controller) >? clear Clear selected configuration elements. config Configure switch options and settings. debug Manages system debug options. help Help license Manage Software License linktest Perform a link test to a specified MAC address. logout Exit this session. Any unsaved changes are lost. ping Send ICMP echo packets to a specified IP address. mping Send Mobility echo packets to a specified mobility peer IP address. eping Send Ethernet-over-IP echo packets to a specified mobility peer IP address. reset Reset options. save Save switch configurations. show Display switch options and settings. test Test trigger commands transfer Transfer a file to or from the switch. --- How can I get this to work as it seems that "enable" command is called "config" ? Should I create a new .cloginrc_wlc for this and what would it look like ? Thanks in advance :) ! ~maymann 2012/3/9 Marito ... > Hi Michael, > > You should set up autoenable to 0. As per Rancid .clogin help: > > ".B add autoenable {[01]} > When using locally defined usernames or AAA, it is possible to have a > login which is automatically enabled. This is, that user has enable > privileges without the need to execute the enable command. The router's > prompt is different for enabled mode, ending with a # rather than a >. > > Example: add autoenable * {1} > > Default: 0 > > zero, meaning that the user is not automatically enabled and should > execute the enable command to gain enable privileges, unless negated by the > noenable directive or \-noenable command\-line option. > " > > Regards. > > > ------------------------------ > From: michael at maymann.org > Date: Fri, 9 Mar 2012 12:23:24 +0100 > To: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco ASA+WLC script > > > Hi, > > Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! > > 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see > any in 2.3.8 either - how do I get wlogin ? > I'm doing this because I have some equipment that rancid doesn't support, > that I also need backed-up (and don't know expect that well). So just > created a little wrapper around Rancid to perfect things for me. > > 2. How do you backup your ASA's ? > nothing is wrong with my .clogin: > --- > add method * ssh > #add method * telnet > add user * USR > add password * {PWD} {enable_PWD} > add autoenable * {1} > --- > works fine, logging in and trying to run command(s) and exits - but > doesn't enter enable mode and therefore can't run commands like "more > system:running-config" that is working fine manually logging in to enable > mode: > -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more > system:running-config" HOST > HOST > spawn ssh -c 3des -x -l admin HOST > USR at HOST's password: > Type help or '?' for a list of available commands. > HOST> > HOST> terminal length 0 > ^ > ERROR: % Invalid input detected at '^' marker. > HOST> more system:running-config > ^ > ERROR: % Invalid input detected at '^' marker. > HOST>exit > > Logoff > > Connection to HOST closed. > > > Thanks in advance :-) ! > > ~maymann > > 2012/3/9 Deny IP Any Any > > I backup several Cisco ASAs without issue; with your symptoms, usually > the problem is with your .clogin file (specifically either the > autologin option) > > 2012/3/8 Michael Maymann : > > Hi List, > > > > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. > > I am currently trying to use clogin. Login is successful, but it never > > enters enable/configure mode - and therefore is not able to run the > desired > > commands/retrieve all the necessary information (it tries to though !). > > Can't paste my .clogin, as I'm at home currently. But everything > > (password/enable_password) is ok there ! (I am running this already on > my HP > > Switches) > > > > just after login and before it should enter enable/configure mode, it > tries > > to execute the command (from within clogin - not something I told it > to...): > > "terminal length 0" > > but the right command for this on a ASA/WLC's is: > > "no pager" or "terminal pager 0" > > > > 1. Is there a better Xlogin that I should use ? > > 2. If clogin is the best script, where in the clogin can I fix this ? > > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I > guess > > I could just add a "; exit" or "; logout" at the end of my command, but > > where can I fix this as-well ? > > > > > > Thanks in advance :) ! > > ~maymann > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > -- > deny ip any any (4393649193 matches) > > > > _______________________________________________ Rancid-discuss mailing > list Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Fri Mar 9 12:45:08 2012 From: rwest at zyedge.com (Ryan West) Date: Fri, 9 Mar 2012 12:45:08 +0000 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References:

, Message-ID: <24E0598B-4E9E-4809-9267-0070143A72FB@zyedge.com> Do a search in the archive and you'll find the wlc script. What version are you running? Sent from handheld On Mar 9, 2012, at 7:19 AM, "Michael Maymann" > wrote: Hi, Marito: thanks, that did it for the ASA's :) ! now I have the following on my WLC's: --- -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST HOST spawn ssh -c 3des -x -l USR HOST (Cisco Controller) User: USR Password:************ (Cisco Controller) >enable Incorrect usage. Use the '?' or key to list commands. (Cisco Controller) > Error: Check your Enable passwd --- These are the non-enable-commands that I can run on the WLC: --- (Cisco Controller) >? clear Clear selected configuration elements. config Configure switch options and settings. debug Manages system debug options. help Help license Manage Software License linktest Perform a link test to a specified MAC address. logout Exit this session. Any unsaved changes are lost. ping Send ICMP echo packets to a specified IP address. mping Send Mobility echo packets to a specified mobility peer IP address. eping Send Ethernet-over-IP echo packets to a specified mobility peer IP address. reset Reset options. save Save switch configurations. show Display switch options and settings. test Test trigger commands transfer Transfer a file to or from the switch. --- How can I get this to work as it seems that "enable" command is called "config" ? Should I create a new .cloginrc_wlc for this and what would it look like ? Thanks in advance :) ! ~maymann 2012/3/9 Marito ... > Hi Michael, You should set up autoenable to 0. As per Rancid .clogin help: ".B add autoenable {[01]} When using locally defined usernames or AAA, it is possible to have a login which is automatically enabled. This is, that user has enable privileges without the need to execute the enable command. The router's prompt is different for enabled mode, ending with a # rather than a >. Example: add autoenable * {1} Default: 0 zero, meaning that the user is not automatically enabled and should execute the enable command to gain enable privileges, unless negated by the noenable directive or \-noenable command\-line option. " Regards. ________________________________ From: michael at maymann.org Date: Fri, 9 Mar 2012 12:23:24 +0100 To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Cisco ASA+WLC script Hi, Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see any in 2.3.8 either - how do I get wlogin ? I'm doing this because I have some equipment that rancid doesn't support, that I also need backed-up (and don't know expect that well). So just created a little wrapper around Rancid to perfect things for me. 2. How do you backup your ASA's ? nothing is wrong with my .clogin: --- add method * ssh #add method * telnet add user * USR add password * {PWD} {enable_PWD} add autoenable * {1} --- works fine, logging in and trying to run command(s) and exits - but doesn't enter enable mode and therefore can't run commands like "more system:running-config" that is working fine manually logging in to enable mode: -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more system:running-config" HOST HOST spawn ssh -c 3des -x -l admin HOST USR at HOST's password: Type help or '?' for a list of available commands. HOST> HOST> terminal length 0 ^ ERROR: % Invalid input detected at '^' marker. HOST> more system:running-config ^ ERROR: % Invalid input detected at '^' marker. HOST>exit Logoff Connection to HOST closed. Thanks in advance :-) ! ~maymann 2012/3/9 Deny IP Any Any > I backup several Cisco ASAs without issue; with your symptoms, usually the problem is with your .clogin file (specifically either the autologin option) 2012/3/8 Michael Maymann >: > Hi List, > > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. > I am currently trying to use clogin. Login is successful, but it never > enters enable/configure mode - and therefore is not able to run the desired > commands/retrieve all the necessary information (it tries to though !). > Can't paste my .clogin, as I'm at home currently. But everything > (password/enable_password) is ok there ! (I am running this already on my HP > Switches) > > just after login and before it should enter enable/configure mode, it tries > to execute the command (from within clogin - not something I told it to...): > "terminal length 0" > but the right command for this on a ASA/WLC's is: > "no pager" or "terminal pager 0" > > 1. Is there a better Xlogin that I should use ? > 2. If clogin is the best script, where in the clogin can I fix this ? > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess > I could just add a "; exit" or "; logout" at the end of my command, but > where can I fix this as-well ? > > > Thanks in advance :) ! > ~maymann > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- deny ip any any (4393649193 matches) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From bha.Qaqish at NITC.gov.jo Fri Mar 9 13:12:10 2012 From: bha.Qaqish at NITC.gov.jo (bha Qaqish) Date: Fri, 9 Mar 2012 15:12:10 +0200 Subject: [rancid] password Message-ID: Dear i using rancid for 2 month and i check the config from the GUI , and i found line vty 0 4 password how can i appear the password . i do not want to hide it BR BHA QAQISH From michael at maymann.org Fri Mar 9 13:20:23 2012 From: michael at maymann.org (Michael Maymann) Date: Fri, 9 Mar 2012 14:20:23 +0100 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: <24E0598B-4E9E-4809-9267-0070143A72FB@zyedge.com> References:

<24E0598B-4E9E-4809-9267-0070143A72FB@zyedge.com> Message-ID: Hi, Ryan: thanks for your reply. I'm running... Rancid: 2.3.6 WLC: 6.0.202.0 found a wlogin here: http://www.gossamer-threads.com/lists/rancid/users/4674 but I can't get it to work: -bash-3.2$ /usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST ": no such file or directory -bash-3.2$ /usr/libexec/rancid/wlogin -c "sh cpu" HOST ": no such file or directory Is this the one you are talking about - or is there a newer one somewhere ? Thanks in advance :-) ! ~maymann 2012/3/9 Ryan West > Do a search in the archive and you'll find the wlc script. What version > are you running? > > Sent from handheld > > On Mar 9, 2012, at 7:19 AM, "Michael Maymann" wrote: > > Hi, > > Marito: thanks, that did it for the ASA's :) ! > now I have the following on my WLC's: > --- > -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST > HOST > spawn ssh -c 3des -x -l USR HOST > > > (Cisco Controller) > User: USR > Password:************ > (Cisco Controller) >enable > > Incorrect usage. Use the '?' or key to list commands. > > (Cisco Controller) > > Error: Check your Enable passwd > --- > > These are the non-enable-commands that I can run on the WLC: > --- > (Cisco Controller) >? > > clear Clear selected configuration elements. > config Configure switch options and settings. > debug Manages system debug options. > help Help > license Manage Software License > linktest Perform a link test to a specified MAC address. > logout Exit this session. Any unsaved changes are lost. > ping Send ICMP echo packets to a specified IP address. > mping Send Mobility echo packets to a specified mobility peer IP > address. > eping Send Ethernet-over-IP echo packets to a specified mobility > peer IP address. > reset Reset options. > save Save switch configurations. > show Display switch options and settings. > test Test trigger commands > transfer Transfer a file to or from the switch. > --- > > How can I get this to work as it seems that "enable" command is called > "config" ? > Should I create a new .cloginrc_wlc for this and what would it look like ? > > > Thanks in advance :) ! > ~maymann > > > 2012/3/9 Marito ... > >> Hi Michael, >> >> You should set up autoenable to 0. As per Rancid .clogin help: >> >> ".B add autoenable {[01]} >> When using locally defined usernames or AAA, it is possible to have a >> login which is automatically enabled. This is, that user has enable >> privileges without the need to execute the enable command. The router's >> prompt is different for enabled mode, ending with a # rather than a >. >> >> Example: add autoenable * {1} >> >> Default: 0 >> >> zero, meaning that the user is not automatically enabled and should >> execute the enable command to gain enable privileges, unless negated by the >> noenable directive or \-noenable command\-line option. >> " >> >> Regards. >> >> >> ------------------------------ >> From: michael at maymann.org >> Date: Fri, 9 Mar 2012 12:23:24 +0100 >> To: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Cisco ASA+WLC script >> >> >> Hi, >> >> Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! >> >> 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't >> see any in 2.3.8 either - how do I get wlogin ? >> I'm doing this because I have some equipment that rancid doesn't support, >> that I also need backed-up (and don't know expect that well). So just >> created a little wrapper around Rancid to perfect things for me. >> >> 2. How do you backup your ASA's ? >> nothing is wrong with my .clogin: >> --- >> add method * ssh >> #add method * telnet >> add user * USR >> add password * {PWD} {enable_PWD} >> add autoenable * {1} >> --- >> works fine, logging in and trying to run command(s) and exits - but >> doesn't enter enable mode and therefore can't run commands like "more >> system:running-config" that is working fine manually logging in to enable >> mode: >> -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more >> system:running-config" HOST >> HOST >> spawn ssh -c 3des -x -l admin HOST >> USR at HOST's password: >> Type help or '?' for a list of available commands. >> HOST> >> HOST> terminal length 0 >> ^ >> ERROR: % Invalid input detected at '^' marker. >> HOST> more system:running-config >> ^ >> ERROR: % Invalid input detected at '^' marker. >> HOST>exit >> >> Logoff >> >> Connection to HOST closed. >> >> >> Thanks in advance :-) ! >> >> ~maymann >> >> 2012/3/9 Deny IP Any Any >> >> I backup several Cisco ASAs without issue; with your symptoms, usually >> the problem is with your .clogin file (specifically either the >> autologin option) >> >> 2012/3/8 Michael Maymann : >> > Hi List, >> > >> > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. >> > I am currently trying to use clogin. Login is successful, but it never >> > enters enable/configure mode - and therefore is not able to run the >> desired >> > commands/retrieve all the necessary information (it tries to though !). >> > Can't paste my .clogin, as I'm at home currently. But everything >> > (password/enable_password) is ok there ! (I am running this already on >> my HP >> > Switches) >> > >> > just after login and before it should enter enable/configure mode, it >> tries >> > to execute the command (from within clogin - not something I told it >> to...): >> > "terminal length 0" >> > but the right command for this on a ASA/WLC's is: >> > "no pager" or "terminal pager 0" >> > >> > 1. Is there a better Xlogin that I should use ? >> > 2. If clogin is the best script, where in the clogin can I fix this ? >> > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I >> guess >> > I could just add a "; exit" or "; logout" at the end of my command, but >> > where can I fix this as-well ? >> > >> > >> > Thanks in advance :) ! >> > ~maymann >> > >> > _______________________________________________ >> > Rancid-discuss mailing list >> > Rancid-discuss at shrubbery.net >> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> >> >> >> -- >> deny ip any any (4393649193 matches) >> >> >> >> _______________________________________________ Rancid-discuss mailing >> list Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Fri Mar 9 13:29:35 2012 From: rwest at zyedge.com (Ryan West) Date: Fri, 9 Mar 2012 13:29:35 +0000 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References:

<24E0598B-4E9E-4809-9267-0070143A72FB@zyedge.com>, Message-ID: Yes, that's it. I assume you set up rancid-fe and tried rancid-run -r devicename as well? Sent from handheld On Mar 9, 2012, at 8:20 AM, "Michael Maymann" > wrote: Hi, Ryan: thanks for your reply. I'm running... Rancid: 2.3.6 WLC: 6.0.202.0 found a wlogin here: http://www.gossamer-threads.com/lists/rancid/users/4674 but I can't get it to work: -bash-3.2$ /usr/libexec/rancid/wlogin -f ~/.cloginrc_cisco -c "sh cpu" HOST ": no such file or directory -bash-3.2$ /usr/libexec/rancid/wlogin -c "sh cpu" HOST ": no such file or directory Is this the one you are talking about - or is there a newer one somewhere ? Thanks in advance :-) ! ~maymann 2012/3/9 Ryan West > Do a search in the archive and you'll find the wlc script. What version are you running? Sent from handheld On Mar 9, 2012, at 7:19 AM, "Michael Maymann" > wrote: Hi, Marito: thanks, that did it for the ASA's :) ! now I have the following on my WLC's: --- -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "sh ver" HOST HOST spawn ssh -c 3des -x -l USR HOST (Cisco Controller) User: USR Password:************ (Cisco Controller) >enable Incorrect usage. Use the '?' or key to list commands. (Cisco Controller) > Error: Check your Enable passwd --- These are the non-enable-commands that I can run on the WLC: --- (Cisco Controller) >? clear Clear selected configuration elements. config Configure switch options and settings. debug Manages system debug options. help Help license Manage Software License linktest Perform a link test to a specified MAC address. logout Exit this session. Any unsaved changes are lost. ping Send ICMP echo packets to a specified IP address. mping Send Mobility echo packets to a specified mobility peer IP address. eping Send Ethernet-over-IP echo packets to a specified mobility peer IP address. reset Reset options. save Save switch configurations. show Display switch options and settings. test Test trigger commands transfer Transfer a file to or from the switch. --- How can I get this to work as it seems that "enable" command is called "config" ? Should I create a new .cloginrc_wlc for this and what would it look like ? Thanks in advance :) ! ~maymann 2012/3/9 Marito ... > Hi Michael, You should set up autoenable to 0. As per Rancid .clogin help: ".B add autoenable {[01]} When using locally defined usernames or AAA, it is possible to have a login which is automatically enabled. This is, that user has enable privileges without the need to execute the enable command. The router's prompt is different for enabled mode, ending with a # rather than a >. Example: add autoenable * {1} Default: 0 zero, meaning that the user is not automatically enabled and should execute the enable command to gain enable privileges, unless negated by the noenable directive or \-noenable command\-line option. " Regards. ________________________________ From: michael at maymann.org Date: Fri, 9 Mar 2012 12:23:24 +0100 To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Cisco ASA+WLC script Hi, Daniel+DenyIPAnyAny: Thanks for your quick reply :) ! 1. I'm running rancid 2.3.6... don't have any wlogin anywhere... can't see any in 2.3.8 either - how do I get wlogin ? I'm doing this because I have some equipment that rancid doesn't support, that I also need backed-up (and don't know expect that well). So just created a little wrapper around Rancid to perfect things for me. 2. How do you backup your ASA's ? nothing is wrong with my .clogin: --- add method * ssh #add method * telnet add user * USR add password * {PWD} {enable_PWD} add autoenable * {1} --- works fine, logging in and trying to run command(s) and exits - but doesn't enter enable mode and therefore can't run commands like "more system:running-config" that is working fine manually logging in to enable mode: -bash-3.2$ /usr/libexec/rancid/clogin -f ~/.cloginrc_cisco -c "more system:running-config" HOST HOST spawn ssh -c 3des -x -l admin HOST USR at HOST's password: Type help or '?' for a list of available commands. HOST> HOST> terminal length 0 ^ ERROR: % Invalid input detected at '^' marker. HOST> more system:running-config ^ ERROR: % Invalid input detected at '^' marker. HOST>exit Logoff Connection to HOST closed. Thanks in advance :-) ! ~maymann 2012/3/9 Deny IP Any Any > I backup several Cisco ASAs without issue; with your symptoms, usually the problem is with your .clogin file (specifically either the autologin option) 2012/3/8 Michael Maymann >: > Hi List, > > I am trying to configure scheduled backups of my Cisco ASAs and WLCs. > I am currently trying to use clogin. Login is successful, but it never > enters enable/configure mode - and therefore is not able to run the desired > commands/retrieve all the necessary information (it tries to though !). > Can't paste my .clogin, as I'm at home currently. But everything > (password/enable_password) is ok there ! (I am running this already on my HP > Switches) > > just after login and before it should enter enable/configure mode, it tries > to execute the command (from within clogin - not something I told it to...): > "terminal length 0" > but the right command for this on a ASA/WLC's is: > "no pager" or "terminal pager 0" > > 1. Is there a better Xlogin that I should use ? > 2. If clogin is the best script, where in the clogin can I fix this ? > 3. Furthermore clogin doesn't logout of my WLC's when it finishes - I guess > I could just add a "; exit" or "; logout" at the end of my command, but > where can I fix this as-well ? > > > Thanks in advance :) ! > ~maymann > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- deny ip any any (4393649193 matches) _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at maymann.org Fri Mar 9 13:38:02 2012 From: michael at maymann.org (Michael Maymann) Date: Fri, 9 Mar 2012 14:38:02 +0100 Subject: [rancid] Cisco ASA+WLC script In-Reply-To: References: