- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 06:40 PM - edited 03-05-2019 09:06 AM
Hello everyone,
Need some help with python script. I never used python before. I need to deploy tacacs config for con0 and aux line to all routers and switches.
I have Python 2.7.13 installed on my windows 7
1. I have a router I want to test it by deploying script to it via telnet. How do you suggest i do that while having this router connected to a production network? My thought is to not have any routing enabled and only configure a loop back on the router with an IP address that is routable via the production network. Best practices?
2. I have attached what i have so far scripted very rough draft. I have no idea how to deploy it with python via telnet and what the script is lacking. would i put the IP address of the router where it says "(HOST)". Can anyone give me some pointers?
Thank you!
Solved! Go to Solution.
- Labels:
-
Other Routing
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 08:47 PM
Hi,
First of all, to test on a router, let's configure its physical interface with a static IP and attach it to your switch. Let's say, you connect the physical interface to your switch port in access vlan 10 and your router will have IP 10.10.0.10 (static free IP in your vlan 10).
then you need to run the following script and it will ask:
- username
- password
- List or IP ==> If you want to run it on 1 device for test type ip or if you want to run on multiple device type list
- if your choice was list, you'll need to write the full path with the filename like /user/.../list.txt
- if your choice was ip, then just type your device IP. The telnet command seems to be ok.
Attached is the script modified a bit.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 07:41 PM
I will help you but before giving some configs i would ask some questions.
How do you connect to your router in your production environment?
Do you have a list of ip for all your routers where you want to apply those commands?
If not, how will you get ip addresses of routers? Dynamically?
I can help to build a script to read a text file containing all ip for example and running all those commands in 1 shot.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 08:13 PM - edited 09-08-2017 08:14 PM
Thank you Francesco!
How do you connect to your router in your production environment?
We have an inventory based on location (city and state) with IP of routers, switches, and accesspoints. It's basically a sharepoint site that has all this inventory. Go there then grab an IP of device in question and telnet or ssh to it. some devices are soo old they only support ssh1 - in those cases i just use telnet. So telnet would work for this script.
Do you have a list of ip for all your routers where you want to apply those commands? Yes, I can do look up in our inventory and sort by devices which i can select routers and then all the routers and their IPs will show up.I can do the same for switches and accesspoints.
If not, how will you get ip addresses of routers? Dynamically? no, I would use the above.
I can help to build a script to read a text file containing all ip for example and running all those commands in 1 shot.
SUPER COOL! I am sure i can get a text file that has all these IPs. I can probably export from sharepoint. For now, I have the one router not in production i would like to test on. My other thing is that I never have connected a router to LAN with out it doing the routing for production. In this case, I want enough connectivitiy to be able to telnet and test the script on that router but not have it routing and wrecking havoc. My thought is to just have a loop back address on their that would be routable from my layer 3 switch. - Would that work? how would you set up a test router for this instance?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 08:38 PM
Thank you Francesco!
1. ) I connect to my routers by looking up the address where the issue is or where there is a project going on sharepoint.
On share point I can get the IP of network device (router, switch, and AP). I am sure I can pull a txt or csv file out of there some how.
I usually then just use putty or secure CRT to telnet or ssh.
we have old routers that dont support ssh2 and only ssh1 in those cases I tend to telnet.
2.) I will pull the list from sharepoint. I think I can put it in explorer view and export some how.
For now, to test script I have a 2911 router unplugged and will want to connect it with enough connectivity not to impact production and just to use to test. I plan to just put a loop back address on it that is routable via the production network. no routing protocol enabled or static route. - how would you setup a test router for this instance?
thanks again!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 08:47 PM
Hi,
First of all, to test on a router, let's configure its physical interface with a static IP and attach it to your switch. Let's say, you connect the physical interface to your switch port in access vlan 10 and your router will have IP 10.10.0.10 (static free IP in your vlan 10).
then you need to run the following script and it will ask:
- username
- password
- List or IP ==> If you want to run it on 1 device for test type ip or if you want to run on multiple device type list
- if your choice was list, you'll need to write the full path with the filename like /user/.../list.txt
- if your choice was ip, then just type your device IP. The telnet command seems to be ok.
Attached is the script modified a bit.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 08:51 PM
To run the script you'll need to run the following command:
python2.7 scriptname.py
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 09:04 PM - edited 09-08-2017 09:08 PM
Are those two different scripts in one?
one for a list and one for a single IP?
or
If i am reading this correctly its for both and it will prompt me to provide a list directory or a single IP?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 09:10 PM
If a list then you need to fill in the full path+ filename otherwise and IP
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2017 09:14 PM
Wow you are friggen awesome! I will test this out maybe over the weekend if not on Monday! I am a little anxious so I will try to get into the office over the weekend.
Keep you posted
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2017 06:28 PM
Hey Francesco, Does it matter what the file type is for the file with a list of all the IPs?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2017 06:32 PM
It's preferable that you use a text file and all ip should be on separate lines otherwise you'll need to adapt the script on how to read this file and which value you take.
On the script i forwarded to you, i assume that you have 1 ip per line and nothing else.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2017 07:05 PM
ok, I need to verify how i am going to export the inventory.
it maybe an excel spreadsheet or csv.. but in any case there will be 1 IP address per line.
How did you get so good at Python scripting? is there a course you recommend specific for network engineers?
Can you break down the not so intuitive parts for me what it is doing? I want to learn. the tn.writes is pretty intuitive that it's executing those commands on the router.
I really appreciate your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2017 07:18 PM
If you have an excel sheet, it's not a big deal to copy paste into a text file looking like:
1.1.1.1
2.2.2.2
.
.
I read some books, viewed some videos and lot of hard work to accomplish what i was trying to do. I'm not an expert but i can easily do lot of boring and manual stuff.
I know there're some Python courses on GNS3 right now with a cheap price.
You can also take a look on Cisco devnet website.
I'm in my mobile phone right now and quite complex to add notes on each line of the script.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-09-2017 07:29 PM
Thanks for your quick replies Francesco.
This is super cool so I will definetly look into the GNS courses and anything else to bring me up to speed. I really want to learn.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2017 10:58 AM
Hi Francesco,
I tried the script and it didnt work.
I noticed via term mon that the script does telnet and logs in but after that it does nothing.
I set my local credentials to privilege 15 and have an enable secret set.
I dont get prompted to type enable.I am already in exec mode.
I removed the enable line from the script but it still didnt work.
I am going to try creating a simple script and see if I can get it to work.
