03-04-2013 02:58 AM - edited 03-07-2019 12:02 PM
Hi,
Would anybody have any experience or a good idea, how to tackle this problem ? :
- Have +300 cisco switches, each with has its own local vlans; each port configured for portsecurity/sticky/max 1
- need to change the portsecurity to max 2, but only on some vlans ( or to be more specific on vlans which belongs to one specific vrf);
I would really appreciate any good suggestion on how to automate this process;
Best Regards
Pawel
03-04-2013 03:24 AM
Assuming you don't have central management like CiscoWorks, I'd recommend executing shell/Expect scripts from a Linux box, in these steps:
This is not a fancy way, but it worked for me before. Please check all scripts as I only wrote them now without testing. Also note that there's no error checking, you have to check all data manually before executing the script.
Expect script:
#!/usr/bin/expect
set timeout 60
set host [lindex $argv 0]
set fname [lindex $argv 1]
set user [lindex $argv 2]
set password [lindex $argv 3]
spawn telnet "$host"
expect "Username:"
send "$user\n"
expect "Password: "
send "$password\n"
expect "#"
send "conf t\n"
expect "#"
set fp [open "$fname" r]
set file_data [read $fp]
set data [split $file_data "\n"]
foreach line $data {
send "interface $line\n"
expect "#"
send "port security max-mac-count 2\n"
expect "#"
}
send "end\n"
expect "#"
send "wri\n"
expect "#"
send "q\n"
expect eof
Shell script:
#!/bin/sh
for DEVICE_FILE in `ls *.txt`
do
HOST=`echo $DEVICE | cut -d "." -f 1
./myexpectscript $HOST $DEVICE_FILE $1 $2
done
03-04-2013 03:30 AM
One more thing. The script above assumes you have level 15 priveledge. If not, you need to add the enable command and its password to the Expect script.
03-04-2013 04:06 AM
Hi,
Thanks for quick replay, but the reale challenge I'm having here is to identify which ports should be reconfigured;
So, only ports which belong to a specific vlan should be changed (there is over 300 vlans which should be changed out of a few thousands other vlans);
Wath would be the best aprouch to make list of all of this switch/ports mapping?
Pawel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide