Re: basic asa ansible playbook

mkazam001 · ‎02-08-2019

Would anyone be able to provide an example of an ansible yaml file with basic cmds under asa_config module, I have managed to get the asa_command module working. Connection from control node to ASA is via SSH.

I have tried google but found nothing that works yet.

Regards

mk

balaji.bandi · ‎02-08-2019

Look some example from GIT repository (hope this help you ?)

https://techbloc.net/archives/2360

https://github.com/networklore/ansible-cisco-asa/tree/master/example-playbooks/how-to

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mkazam001 · ‎02-08-2019

Thank you Balanji, I have seen that before and I think its a little complex for a beginner.

I will post more details shortly.

Regards

balaji.bandi · ‎02-08-2019

I know bit complicate for starter, i can see the pain, But that what it is..

when i get chance over weekend, i had some notes will try to share the one i did last year.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mkazam001 · ‎02-08-2019

This is what I'm testing in GNS3, confirmed SSH access from control node to ASA & can ping via hostname.

Please let me know if you can spot anything.

root@Network Automation-1:~# cat ansible.cfg
[defaults]
hostfile = ./hosts
host_key_checking = false
timeout = 5

root@Network Automation-1:~# cat hosts

[gns3-asa]
ASA

root@Network Automation-1:~# cat asa3.yml
---
- name: testing asa playbook
hosts: ASA
gather_facts: false
connection: local

tasks:
- name: create network object
asa_config:
lines:
- conf t
- network-object host 10.80.30.18
- network-object host 10.80.30.19
parents: ['object-group network SERVERS']

register: print_output

- debug: var=print_output.stdout_lines

All the formatted messed up when I pasted that in, anyway I prompt for userame & password when I run the playbook but it doesn't seem to work.

Regards

mk

balaji.bandi · ‎02-08-2019

Hopefully you have access from you Linux to ASA(inside GNS3 ) ? is your linux node inside GNS3 ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mkazam001 · ‎02-08-2019

linux node has ssh access to asa on mgmt interface..

regards, mk

vsurresh · ‎06-04-2019

If you are using the asa_config module, conf t line is not needed. Please remove the line and try again. I followed the below Ansible guide and was able to send config commands via ssh

JesseSmith8517 · ‎07-07-2021

Hi,

Do you recall how you handled NAT on the ASA?

Regards,

Jesse Smith

mkazam001 · ‎02-12-2019

Hi Balaji,

Did you manage to find your notes?

Regards, mk

sasegha01 · ‎06-01-2019

Hi All,

I am looking for some help to prepare a script to upgrade cisco ASA.

Thanks in Advance.

Thanks

Sanjay Sehgal

jan.murin · ‎07-30-2019

Hello everyone,

I am playing around with the asa_module (ansible version 2.8.2) and I have a little problem to list the running configuration.

Everything looks fine when a full admin is logged. However when a read only admin is used, only the part until first page break is listed. Is it possible to send "enter" to the cli within the module, or somehow list full config.

This is how my playbook looks right now:

- name: show run
  asa_command:
    commands: show run
  register: run
  become: yes
  tags:
    - show_run

- debug:
    msg: "{{run.stdout[0]}}"
  tags:
    - show_run

Thanks a lot

Seb Rupik · ‎10-28-2019

(...an old post to resurrect I know, but I was searching for something and ended up here...)

Instead of trying tab through the show run output, why not remove the terminal pager. Try the following:

- name: show run
  asa_command:
    commands: 
        - terminal pager 0
        - show run
        - terminal pager 24
  register: run
  become: yes
  tags:
    - show_run

..since we passed three commands, stdout will be a three element list, so you want to view the second element:

- debug:
    msg: "{{  run.stdout[1]  }}"
  tags:
    - show_run

cheers,

Seb.