Discussion:
[rancid] get running-config to other network
vincent
2012-01-19 12:49:28 UTC
Permalink
hello,
I can configure rancid to get him configuration of a switch with VLANs
management on another network?

this is possible?
--
vincent

+---------------------------------------------------------------------+
| GPG KeyID: 2048R/0C42E44E 2011-06-14 http://pgp.mit.edu |
| Fingerprint GPG: AFD5 80B0 22C1 DCCB A2C5 8A4B F52F 0621 0C42 E44E |
| () ascii ribbon campaign - against html e-mail |
| /\ www.asciiribbon.org - against proprietary attachments |
+---------------------------------------------------------------------+
David Rodriguez Minguela
2012-01-19 12:56:37 UTC
Permalink
Sorry I just subscribed to rancid looking for support.

-----Original Message-----
From: rancid-discuss-***@shrubbery.net
[mailto:rancid-discuss-***@shrubbery.net] On Behalf Of vincent
Sent: Thursday, January 19, 2012 8:49 AM
To: rancid-***@shrubbery.net
Subject: [rancid] get running-config to other network

hello,
I can configure rancid to get him configuration of a switch with VLANs
management on another network?

this is possible?

--
vincent

+---------------------------------------------------------------------+
| GPG KeyID: 2048R/0C42E44E 2011-06-14 http://pgp.mit.edu |
| Fingerprint GPG: AFD5 80B0 22C1 DCCB A2C5 8A4B F52F 0621 0C42 E44E |
| () ascii ribbon campaign - against html e-mail |
| /\ www.asciiribbon.org - against proprietary attachments |
+---------------------------------------------------------------------+
shouldbe q931
2012-01-19 21:36:09 UTC
Permalink
Post by vincent
hello,
I can configure rancid to get him configuration of a switch with VLANs
management on another network?
this is possible?
--
vincent
As long as you have IP connectivity to the device and it is
"supported" by rancid, then its location is irrelevant.

I use rancid to collect configurations from devices on several continents
vincent
2012-01-19 22:23:29 UTC
Permalink
Post by shouldbe q931
As long as you have IP connectivity to the device and it is
"supported" by rancid, then its location is irrelevant.
I use rancid to collect configurations from devices on several continents
is ok
but I can use a router (eg 10.10.10.0/24) on which I have connectivity
as a bridge to a switch to another network (eg 20.20.20.0/24)?
--
vincent

+---------------------------------------------------------------------+
| GPG KeyID: 2048R/0C42E44E 2011-06-14 http://pgp.mit.edu |
| Fingerprint GPG: AFD5 80B0 22C1 DCCB A2C5 8A4B F52F 0621 0C42 E44E |
| () ascii ribbon campaign - against html e-mail |
| /\ www.asciiribbon.org - against proprietary attachments |
+---------------------------------------------------------------------+
Tyler J. Wagner
2012-01-19 22:50:35 UTC
Permalink
Post by vincent
Post by shouldbe q931
As long as you have IP connectivity to the device and it is
"supported" by rancid, then its location is irrelevant.
I use rancid to collect configurations from devices on several continents
is ok
but I can use a router (eg 10.10.10.0/24) on which I have connectivity
as a bridge to a switch to another network (eg 20.20.20.0/24)?
Your question has nothing to do with RANCID.
vincent
2012-01-19 23:15:40 UTC
Permalink
Post by Tyler J. Wagner
Your question has nothing to do with RANCID.
Aaron Smith
2012-01-20 00:09:30 UTC
Permalink
- I have two separate networks: A=10.10.10.0/24 and B=20.20.20.0/24
- The hosts on network "A" do not need to communicate with hosts on
network "B"
At least one host on network "A" needs to communicate with hosts on
network "B" ;)
If the network "A" (10.10.10.0/24) I can log into the router that
divides the network, can allow rancid (with script or other method) to
perform a second authentication of network devices to the network "B"
(if: 20.20.20.1)?
I don't believe rancid supports bouncing through one router to get to
another. I suppose adding a static route on the RANCiD server to get to
network "B" might work, depending on what networks you're connected to
and what the routing/firewall policies are.
I don't have a routing problem.
This seems like a routing problem to me. Your network admins either
need to let you route through to network "B" or install a RANCiD server
in both networks.

--
@@ron
Tony Tauber
2012-01-20 13:03:25 UTC
Permalink
Actually, this question has come up before (I think even from me once)
about devices which are only reachable via some sort of gateway (e.g.
telnet from one device to another or console access via terminal server).
I haven't done it and don't have the need in my current environment but I
believe there may have been some patches or hacks devised to deal with it.

Tony
Post by Aaron Smith
- I have two separate networks: A=10.10.10.0/24 and B=20.20.20.0/24
- The hosts on network "A" do not need to communicate with hosts on
network "B"
At least one host on network "A" needs to communicate with hosts on
network "B" ;)
If the network "A" (10.10.10.0/24) I can log into the router that
divides the network, can allow rancid (with script or other method) to
perform a second authentication of network devices to the network "B"
(if: 20.20.20.1)?
I don't believe rancid supports bouncing through one router to get to
another. I suppose adding a static route on the RANCiD server to get to
network "B" might work, depending on what networks you're connected to and
what the routing/firewall policies are.
I don't have a routing problem.
This seems like a routing problem to me. Your network admins either need
to let you route through to network "B" or install a RANCiD server in both
networks.
--
@@ron
______________________________**_________________
Rancid-discuss mailing list
http://www.shrubbery.net/**mailman/listinfo.cgi/rancid-**discuss<http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss>
theodoros sarikoudis
2012-01-20 15:26:32 UTC
Permalink
I had the same problem (some years ago)
There is a solution but I cannot remember the term used for this case
:( intermediate logon or something....
Search old list archives. (if i find something I ll come back)
Actually, this question has come up before (I think even from me once) about
devices which are only reachable via some sort of gateway (e.g. telnet from
one device to another or console access via terminal server).
I haven't done it and don't have the need in my current environment but I
believe there may have been some patches or hacks devised to deal with it.
Tony
Post by Aaron Smith
  - I have two separate networks: A=10.10.10.0/24 and B=20.20.20.0/24
  - The hosts on network "A" do not need to communicate with hosts on
network "B"
At least one host on network "A" needs to communicate with hosts on
network "B" ;)
If the network "A" (10.10.10.0/24) I can log into the router that
divides the network, can allow rancid (with script or other method) to
perform a second authentication of network devices to the network "B"
(if: 20.20.20.1)?
I don't believe rancid supports bouncing through one router to get to
another.  I suppose adding a static route on the RANCiD server to get to
network "B" might work, depending on what networks you're connected to and
what the routing/firewall policies are.
I don't have a routing problem.
This seems like a routing problem to me.  Your network admins either need
to let you route through to network "B" or install a RANCiD server in both
networks.
--
@@ron
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
theodoros sarikoudis
2012-01-20 17:24:11 UTC
Permalink
found it
have a look on:
http://www.shrubbery.net/pipermail/rancid-discuss/2004-November/000905.html
Actually, this question has come up before (I think even from me once) about
devices which are only reachable via some sort of gateway (e.g. telnet from
one device to another or console access via terminal server).
I haven't done it and don't have the need in my current environment but I
believe there may have been some patches or hacks devised to deal with it.
Tony
Post by Aaron Smith
  - I have two separate networks: A=10.10.10.0/24 and B=20.20.20.0/24
  - The hosts on network "A" do not need to communicate with hosts on
network "B"
At least one host on network "A" needs to communicate with hosts on
network "B" ;)
If the network "A" (10.10.10.0/24) I can log into the router that
divides the network, can allow rancid (with script or other method) to
perform a second authentication of network devices to the network "B"
(if: 20.20.20.1)?
I don't believe rancid supports bouncing through one router to get to
another.  I suppose adding a static route on the RANCiD server to get to
network "B" might work, depending on what networks you're connected to and
what the routing/firewall policies are.
I don't have a routing problem.
This seems like a routing problem to me.  Your network admins either need
to let you route through to network "B" or install a RANCiD server in both
networks.
--
@@ron
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
vincent
2012-01-24 10:02:12 UTC
Permalink
Hi,
thanks theodoros

I have modified my version on /home/rancid/bin/clogin but don't work.

This is the diff from the original clogin file:
http://paste.debian.net/153437/

I suppose the reason is the different version of clogin

This is my .cloginrc file on /home/rancid/

add user * user
add method 10.10.10.1 telnet
add method 10.10.10.1 dssh:20.20.20.1
add password 10.10.10.1 password password
add password 20.20.20.1 password password
--
vincent

+---------------------------------------------------------------------+
| GPG KeyID: 2048R/0C42E44E 2011-06-14 http://pgp.mit.edu |
| Fingerprint GPG: AFD5 80B0 22C1 DCCB A2C5 8A4B F52F 0621 0C42 E44E |
| () ascii ribbon campaign - against html e-mail |
| /\ www.asciiribbon.org - against proprietary attachments |
+---------------------------------------------------------------------+
Continue reading on narkive:
Loading...