It's ok any help is appreciated.

I gave the latest script a shot and it didnt even launch. saved it as a py file extension and then it just flashed for a second then disappeared.

Yes, definitely one IP to test on one router. Once I get it working I will then do a list. 

Just clicking on on the script from desktop. 

What does that command do?  Is that setting the  debug level on router?

I have python 2.7.13 

I didn't know you can run py script via cli on cisco..?

Sorry i meant via your laptop cli. As you'll activate debug you need to keep your window open to copy then and paste here the result. 

Hi Guys, nice topic.

Sorry, I don't wanna hijack the discussion but there's a similar demand I've been working on. In my case it's a switch assessment, but the idea is more or less the same (and also using telnet)...(and this subject is also new to me)...

Francesco,

I ran the script you shared (thanks for that!). The only lib I had to install was pexpect. Btw, I'm running CentOS in a VM on my laptop.. there are a lot less issues related to lib compatibility...

For my test I replaced all command lines sent to the devices to just:

output = tn.write("show version\r\n")

print(output)

However, it looks like it didn't run successfully. Following the logs:

[root@localhost flavio]# python test3.py
Username: admin
Password:
list or ip: list
Path and filename: /home/flavio/Devices.txt
Telnet(10.0.0.1,23): recv '\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f'
Telnet(10.0.0.1,23): IAC WILL 1
Telnet(10.0.0.1,23): IAC WILL 3
Telnet(10.0.0.1,23): IAC DO 24
Telnet(10.0.0.1,23): IAC DO 31
Telnet(10.0.0.1,23): recv '\r\nUser Access Verification\r\n\r\nUsername: '
Telnet(10.0.0.1,23): send 'admin\r\n'
PASS
Telnet(10.0.0.1,23): recv '\xff\xfc\x01\xff\xfc\x03\xff\xfe\x18\xff\xfe\x1f'
Telnet(10.0.0.1,23): IAC WONT 1
Telnet(10.0.0.1,23): IAC WONT 3
Telnet(10.0.0.1,23): IAC DONT 24
Telnet(10.0.0.1,23): IAC DONT 31
Telnet(10.0.0.1,23): recv 'admin'
Telnet(10.0.0.1,23): recv '\r\nPassword: '
Telnet(10.0.0.1,23): send 'C1sc0123\r\n'
Telnet(10.0.0.1,23): send 'show version\r\n'
None

I was able to get it working using netlib, with the attached script..It does a "show version" and stores the output in a txt file with the switch ip as the file name... The problem is that for most switches it works fine, but for some other it doesn't bring any output(if I access the switch manually, it returns the information fine), that's why I'm also trying telnetlib.... also authentication fails when I try to access tacacs managed devices, but I workaround this issue by sending authentication as commands (in another script)...

Thanks.

Hm... it worked when I replaced the "show version" by:

tn.write("conf t\r\n")
time.sleep(2)
tn.write("hostname R1\n")
time.sleep(2)
tn.write("end\n")
time.sleep(2)
tn.write("wr mem\n")

Logs attached.

To apply the commands it's working fine. Any help on how to extract configuration?

Thanks

It works, thank you very much Francesco! You helped a lot!

I made some adjustments to reflect my needs, follows the script attached for reference.

The next step I need to do is somehow parse the txt files created with each switch config and then determine if on each switch port, a given feature is enable(for instance portsecurity, dhcp snooping, etc)... Do you think Pexpect can help on this matter or do you know any other library that could help? The idea is to import a list of IPs and extract (in csv, txt, or any other readable format) a summary report... sth like:

switch1:

 interface fa0/1: feature 1:OK, feature 2: Disabled

 interface fa0/2: feature 1:OK, feature 2: Disabled

 ....

switch2:

 interface fa0/1: feature 1:OK, feature 2: OK

 interface fa0/2: feature 1:OK, feature 2: OK

 ....

...and so on and so fourth.

ps: Just a side note..if I'm not wrong, on the  main function, in the ip option, it was passing "iprtr", while the function cmd_ip expects  just "ip".

Thanks.

hm..I found ciscoconfparse library. I believe this is exactly what I need.

https://github.com/mpenning/ciscoconfparse

Hi

Happy that helped you.

If that helped, please select as validated answer and helpful.

The link from github was 1 of the methode I was gonna to answer you.

The other method would be to do the same thing and compare everything. But more complex than using a library already existing.

Hi!

Sorry I have been out on business and was unable to get back to you.

So during one of my testing is that it did configure in global config mode the aaa

but it did not configure it for line con0 or aux

I am thinking the prompt changed from global config to line config and that may have something to do with it but I havent tested since.

I will get back to you this week.