User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.

-ryan

From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility

Hi!

First of all, I have to say that I have read numerous of forums before asking here anything.

I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?

Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.



[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40
172.24.133.40
spawn ssh -c 3des -x -l mike 172.24.133.40
***@172.24.133.40's<mailto:***@172.24.133.40's> password:
*********************************************
FWSM - FIREWALL SERVICES MODULE
Dtpo. COMUNICACIONES IBERMATICA 913849100
*********************************************
Type help or '?' for a list of available commands.
fwcat1/admin> enable
Password: ******
fwcat1/admin#
fwcat1/admin# terminal length 0
^
ERROR: % Invalid input detected at '^' marker.
fwcat1/admin# changeto context fwelearning2 -- "(stalled....)


And here the file with the commands:
[***@jazznetmon ~]$ cat file
changeto context fwelearning2
config t
sh run


I doesnŽt work to run commands inside another context...

Any ideas ?

Thanks!!



Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID

What do you want to say with "command / chat" ?



I have to use admin context and "jump" from it...



Thanks!!



________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.



-ryan



From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility



Hi!



First of all, I have to say that I have read numerous of forums before asking here anything.



I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?



Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.







[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40

172.24.133.40

spawn ssh -c 3des -x -l mike 172.24.133.40

***@172.24.133.40's password:

*********************************************

FWSM - FIREWALL SERVICES MODULE

Dtpo. COMUNICACIONES IBERMATICA 913849100

*********************************************

Type help or '?' for a list of available commands.

fwcat1/admin> enable

Password: ******

fwcat1/admin#

fwcat1/admin# terminal length 0

^

ERROR: % Invalid input detected at '^' marker.

fwcat1/admin# changeto context fwelearning2 -- "(stalled....)





And here the file with the commands:

[***@jazznetmon ~]$ cat file

changeto context fwelearning2

config t

sh run





I doesnŽt work to run commands inside another context...



Any ideas ?



Thanks!!





Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID

So I have to download the source code, patch, compile and it should work ?



Thanks!



________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:43
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html



It's a small patch to clogin, but still works in 2.3.6.



-ryan



From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:28 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility



What do you want to say with "command / chat" ?



I have to use admin context and "jump" from it...



Thanks!!



________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.



-ryan



From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility



Hi!



First of all, I have to say that I have read numerous of forums before asking here anything.



I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?



Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.







[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40

172.24.133.40

spawn ssh -c 3des -x -l mike 172.24.133.40

***@172.24.133.40's password:

*********************************************

FWSM - FIREWALL SERVICES MODULE

Dtpo. COMUNICACIONES IBERMATICA 913849100

*********************************************

Type help or '?' for a list of available commands.

fwcat1/admin> enable

Password: ******

fwcat1/admin#

fwcat1/admin# terminal length 0

^

ERROR: % Invalid input detected at '^' marker.

fwcat1/admin# changeto context fwelearning2 -- "(stalled....)





And here the file with the commands:

[***@jazznetmon ~]$ cat file

changeto context fwelearning2

config t

sh run





I doesnŽt work to run commands inside another context...



Any ideas ?



Thanks!!





Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID

Hello,

I have succesfully patched but I have some questions...

My intention is to login like a typical Cisco device and inside it, run commands (usercmd_chat may be...) but the login mode, what should be ?

I have to do "enable" and type the password... I can not use the "ssh" method ?

Can I use SSH method and then call usercmd-chat or what is the recomendation ?
In the patch example I can see "add usercmd host {ssh} {-t} {-p 1234} {command ?¿?}" but what happen with password and "enable ?

Thanks and I hope I will solve it with your help guys!!

Thanks in advance.

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 18:03
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



Just edit clogin in the bin directory to add the patch.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:57 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

So I have to download the source code, patch, compile and it should work ?

Thanks!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:43
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html

It's a small patch to clogin, but still works in 2.3.6.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:28 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

What do you want to say with "command / chat" ?

I have to use admin context and "jump" from it...

Thanks!!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.

-ryan

From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility

Hi!

First of all, I have to say that I have read numerous of forums before asking here anything.

I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?

Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.

[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40

172.24.133.40

spawn ssh -c 3des -x -l mike 172.24.133.40

***@172.24.133.40's password:

*********************************************

FWSM - FIREWALL SERVICES MODULE

Dtpo. COMUNICACIONES IBERMATICA 913849100

*********************************************

Type help or '?' for a list of available commands.

fwcat1/admin> enable

Password: ******

fwcat1/admin#

fwcat1/admin# terminal length 0

^

ERROR: % Invalid input detected at '^' marker.

fwcat1/admin# changeto context fwelearning2 -- "(stalled....)

And here the file with the commands:

[***@jazznetmon ~]$ cat file

changeto context fwelearning2

config t

sh run

I doesnŽt work to run commands inside another context...

Any ideas ?

Thanks!!

Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID

It works!!

add method fwbt {usercmd}
add usercmd fwbt {clogin} {-u} {mike} {-p} {pas} {-e} {pass} {172.24.133.40}
add usercmd_chat fwbt {fwcat1/admin#} {changeto context fwBT\r} {fwcat1/fwBT#} {sh run\r}

:)

And now, this is possible to integrate with Rancid for making backups ?

________________________________

De: Jiménez Fernández, Mikel
Enviado el: martes, 08 de marzo de 2011 12:21
Para: 'Ryan West'; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility


Hello,

I have succesfully patched but I have some questions...

My intention is to login like a typical Cisco device and inside it, run commands (usercmd_chat may be...) but the login mode, what should be ?

I have to do "enable" and type the password... I can not use the "ssh" method ?

Can I use SSH method and then call usercmd-chat or what is the recomendation ?
In the patch example I can see "add usercmd host {ssh} {-t} {-p 1234} {command ?¿?}" but what happen with password and "enable ?

Thanks and I hope I will solve it with your help guys!!

Thanks in advance.

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 18:03
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



Just edit clogin in the bin directory to add the patch.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:57 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

So I have to download the source code, patch, compile and it should work ?

Thanks!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:43
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html

It's a small patch to clogin, but still works in 2.3.6.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:28 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

What do you want to say with "command / chat" ?

I have to use admin context and "jump" from it...

Thanks!!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.

-ryan

From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility

Hi!

First of all, I have to say that I have read numerous of forums before asking here anything.

I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?

Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.

[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40

172.24.133.40

spawn ssh -c 3des -x -l mike 172.24.133.40

***@172.24.133.40's password:

*********************************************

FWSM - FIREWALL SERVICES MODULE

Dtpo. COMUNICACIONES IBERMATICA 913849100

*********************************************

Type help or '?' for a list of available commands.

fwcat1/admin> enable

Password: ******

fwcat1/admin#

fwcat1/admin# terminal length 0

^

ERROR: % Invalid input detected at '^' marker.

fwcat1/admin# changeto context fwelearning2 -- "(stalled....)

And here the file with the commands:

[***@jazznetmon ~]$ cat file

changeto context fwelearning2

config t

sh run

I doesnŽt work to run commands inside another context...

Any ideas ?

Thanks!!

Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID

Thanks Ryan for your help!

It works great!


________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: martes, 08 de marzo de 2011 13:46
Para: Jiménez Fernández, Mikel; Ryan West; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility



Yes. I use it for a switch cluster where I only have access to the commander:

add method cust-sw2 {usercmd}

add usercmd cust-sw2 {clogin} {cust-sw1}

add usercmd_chat cust-sw2 {cust-sw1#} {rco 1\r} {cust-sw2#} {\r}

All of your normal cloginrc rules applies to cust-sw1. Once clogin sees the cust-sw2# prompt, data collection begins for that device. Router.db contains the entry for both cust-sw1:cisco:up and cust-sw2:cisco:up.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Tuesday, March 08, 2011 6:47 AM
To: Jiménez Fernández, Mikel; Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

It works!!

add method fwbt {usercmd}
add usercmd fwbt {clogin} {-u} {mike} {-p} {pas} {-e} {pass} {172.24.133.40}
add usercmd_chat fwbt {fwcat1/admin#} {changeto context fwBT\r} {fwcat1/fwBT#} {sh run\r}

:)

And now, this is possible to integrate with Rancid for making backups ?

________________________________

De: Jiménez Fernández, Mikel
Enviado el: martes, 08 de marzo de 2011 12:21
Para: 'Ryan West'; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

Hello,

I have succesfully patched but I have some questions...

My intention is to login like a typical Cisco device and inside it, run commands (usercmd_chat may be...) but the login mode, what should be ?

I have to do "enable" and type the password... I can not use the "ssh" method ?

Can I use SSH method and then call usercmd-chat or what is the recomendation ?

In the patch example I can see "add usercmd host {ssh} {-t} {-p 1234} {command ?¿?}" but what happen with password and "enable ?

Thanks and I hope I will solve it with your help guys!!

Thanks in advance.

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 18:03
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

Just edit clogin in the bin directory to add the patch.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:57 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

So I have to download the source code, patch, compile and it should work ?

Thanks!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:43
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

http://www.shrubbery.net/pipermail/rancid-discuss/2006-May/001490.html

It's a small patch to clogin, but still works in 2.3.6.

-ryan

From: Jiménez Fernández, Mikel [mailto:***@ibermatica.com]
Sent: Wednesday, March 02, 2011 11:28 AM
To: Ryan West; rancid-***@shrubbery.net
Subject: RE: FWSM compatibility

What do you want to say with "command / chat" ?

I have to use admin context and "jump" from it...

Thanks!!

________________________________

De: Ryan West [mailto:***@zyedge.com]
Enviado el: miércoles, 02 de marzo de 2011 17:26
Para: Jiménez Fernández, Mikel; rancid-***@shrubbery.net
Asunto: RE: FWSM compatibility

User command / chat might do the trick for you, or create a management interface for the contexts and back them as normal firewalls.

-ryan

From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Jiménez Fernández, Mikel
Sent: Wednesday, March 02, 2011 11:06 AM
To: rancid-***@shrubbery.net
Subject: [rancid] FWSM compatibility

Hi!

First of all, I have to say that I have read numerous of forums before asking here anything.

I want to backup Cisco FWSM 3.x and 4.x contexts configurations. Is possible with actual Rancid/Clogin ?

Actually I define a file with the commands, but when I change from admin context to fwlearning2 context, the session get "stalled", here the output.

[***@jazznetmon rancid]$ clogin -x file -u mike -p "kikoko" -e kikoko 172.24.133.40

172.24.133.40

spawn ssh -c 3des -x -l mike 172.24.133.40

***@172.24.133.40's password:

*********************************************

FWSM - FIREWALL SERVICES MODULE

Dtpo. COMUNICACIONES IBERMATICA 913849100

*********************************************

Type help or '?' for a list of available commands.

fwcat1/admin> enable

Password: ******

fwcat1/admin#

fwcat1/admin# terminal length 0

^

ERROR: % Invalid input detected at '^' marker.

fwcat1/admin# changeto context fwelearning2 -- "(stalled....)

And here the file with the commands:

[***@jazznetmon ~]$ cat file

changeto context fwelearning2

config t

sh run

I doesnŽt work to run commands inside another context...

Any ideas ?

Thanks!!

Mikel Jimenez Fernandez

Departamento de Comunicaciones

Ibermatica

Tlf: 91 384 9100 ext 7561

Camino de Hormigueras, 172

28031 MADRID