Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7898
Views
5
Helpful
4
Replies

ASA to work with RANCID

Go to solution
johnlloyd_13
Level 9
Level 9

‎01-04-2015 03:40 PM - edited ‎03-11-2019 10:17 PM

hi all,

i tried to poll one of our ASA to our RANCID server but it seems not working.

it seems only cisco routers, switches and APs are being polled.

has anyone tried RANCID to backup the config on an ASA?

 

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to johnlloyd_13

‎01-05-2015 02:30 PM

John,

On ASAs (at least before 9.2 which introduced the "auto-enable" keyword to extend the "aaa authentication" setting) you always have to enter the "enable" command after authenticating to move from user exec to enable mode.

That behavior is unlike switches and routers which allow you to drop straight into enable mode (# prompt).

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-05-2015 07:57 AM

We were using it at a previous employer to backup all our network devices, including several ASAs.

I believe you need to tweak the .cloginrc file to tell RANCID to use "term pager 0" for ASAs (vs. the standard "term len 0" for switches and routers)

I'd also double check your enable login for the ASA in the RANCID config.

Go to solution
johnlloyd_13
Level 9
Level 9
In response to Marvin Rhoads

‎01-05-2015 02:22 PM

hi marvin,

thanks for this info! guess i have to ask our server guy.

we're using AAA. what do you mean by "enable login" for the ASA?

 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to johnlloyd_13

‎01-05-2015 02:30 PM

John,

On ASAs (at least before 9.2 which introduced the "auto-enable" keyword to extend the "aaa authentication" setting) you always have to enter the "enable" command after authenticating to move from user exec to enable mode.

That behavior is unlike switches and routers which allow you to drop straight into enable mode (# prompt).

0 Helpful

Go to solution
johnlloyd_13
Level 9
Level 9
In response to Marvin Rhoads

‎01-05-2015 04:09 PM

Marvin,

 

Thanks! Let me try that command before asking our server guy.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card