Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

automate telnet login and excute cisco command procedures (batch)

Posted on 2004-08-26
14
Medium Priority
?
39,831 Views
Last Modified: 2012-08-13
    I have asked this question before and noone replied. So here it goes again. I have like 25-30 switchs on my network; 2950s to be exact. I need to log into each switch and copy each config over to a central repository for disaster recovery or a way to log into each switch and run some commands like mac-address-table for all ports on a particular switch. The point is i need to automate the login and excute cisco command procedures (batch the procedure). Telnet through DOS doesn't enable you to feed a password to it as far is i know. There is a program called "expect" that i guess has that capability but im short on tutorials and resources to configure the program. Has anyone done this and how?
0
Comment
Question by:Fubyou
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
  • 2
  • +4
14 Comments
 
LVL 11

Expert Comment

by:PennGwyn
ID: 11904036
We use Kermit as a scriptable console for this.

0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 11904352
You can use the advanced version of Hyperterm. It's called HyperAccess and it allows you to build scripts to automate tasks like that.

http://www.hilgraeve.com/hyperaccess/win32/index.html

-Don
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11904559
You know, I use Perl to do this sort of thing. You can install Perl on Windows. there is a module called Net::Telnet::Cisco that is written to understand Cisco prompts. I once wrote a script to tftp a bunch of configs to my machine so I could work with them, without having to take the time to do it by hand.

Of course, now I use Ciscoworks for that. But Perl is the perfect tool for your needs. Here's a script I wrote to do that. There were some quirks here, like we didn't need the enable password- they had a local user with privilege 15 (a really stupid idea). But the module above supports the enable password so that's not a problem, I've used it for other things since.

# USE -F OPTION TO READ LIST OF ROUTERS *OR*
# USE THESE INDIVIDUAL OPTIONS TO PULL AN INDIVIDUAL CONFIG:
# -h [hostname or IP]
# -p [password -optional- script will create standard station password]
# -u [username-probably "root"]
#
$username="[put a username here]"; # login name if needed
$infile="routerlist.txt"; # list of routers to read from
#
use Net::Telnet::Cisco;
use Getopt::Long;
GetOptions(
      "host=s"     =>      \$host,
      "password=s" =>      \$pass,
      "username=s" =>      \$username,
      "file"       => \$usefile,
);
if ($usefile) {
      open (LIST,"$infile") or die "Couldn't open file $infile";
      @list=<LIST>;
      foreach (@list) {
                  ($host)=split(/\s+/,$_);
                  &TELNET;
                  }
} else {
      &TELNET;
}
# End of script
      
sub TELNET {
      ($station) = $host =~/(^\w+)/;
      ($initial) = $host =~/(^\w)/;
      $pass = join '',$initial,"123",$station;
      $t = Net::Telnet::Cisco->new(
            Timeout => 10,
            Host    => $host
                  );
      $t->errmode("return");
      print "Trying $host\n";
      $t->login($username,$pass);
                  my @out=$t->cmd("copy start tftp");
                  my @out=$t->cmd("xxx.xxx.7.90");
                  my $out=$t->cmd("$station-router-confg");
                  print "downloading config...\n";
                  my $out=$t->cmd("");
                  $t->close;
}

And here a sample from "routerlist.txt"
a20-2509-router
a30-2509-router
a40-2509-router
a50-2509-router
a60-2509-router
a70-2509-router
a75-2610-router
a80-2509-router
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11904642
So if you have a single password for all your switches and you always want to work off a list, you can just specify them like so. If you don't have a username, just don't put it in $t->login. If you have multiple passwords, put them on the same line as the router name (or IP) and use the split function to grab it.

$pass="password";
$enable="enable";
$username="[put a username here]"; # login name if needed
$infile="routerlist.txt"; # list of routers to read from
#
use Net::Telnet::Cisco;
open (LIST,"$infile") or die "Couldn't open file $infile";
     @list=<LIST>;
     foreach (@list) {
               ($host)=split(/\s+/,$_);
               &TELNET;
               }
}
     
sub TELNET {
     $t = Net::Telnet::Cisco->new(
          Timeout => 10,
          Host    => $host
               );
     $t->errmode("return");
     print "Trying $host\n";
     $t->login($username,$pass);
               my @out=$t->enable($enable);
               my @out=$t->cmd("copy start tftp");
               my @out=$t->cmd("xxx.xxx.7.90");
               my $out=$t->cmd("$station-router-confg");
               print "downloading config...\n";
               my $out=$t->cmd("");
               $t->close;
}
0
 

Author Comment

by:Fubyou
ID: 11905075
mikebernhardt

Cisco Works for Windows 6.1 has the ability to automate this?? How exactlly is that.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11905963
Ciscoworks should be configured to automatcially tftp all of your device startup and running configs at regular intervals and upon changes, and archive them. You can view them any time. The Campus Manager can be used to look at MAC addresses, IPs, etc. on your switches.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11905978
The RME module does all of your config management and downloading. I don't believe it's any different on Windows or Solaris.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11906991

CiscoWorks for Windows does not have the capability to automate that function. It is in the RME portion of CiscoWorks 2000.

You can try an application like Kiwi CATtools...
http://www.kiwisyslog.com/cattools2.htm

I like 1.x version better than the 2.x version, but that's just personal preference..


0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 11907063
Well that sucks...

With perl as described above, you can get anything you want out of a router or switch. Of course, you have to learn a little perl... but if you have any scripting experience it's well worth it.  FYI, the above script pulled down 40-some-odd configs in like 5 minutes.
0
 

Author Comment

by:Fubyou
ID: 11967953
Give me a couple days to award points im going to test the perl code you left. I pretty sure that perl is the right answer. I've done alot of cool programs in perl its a very powerful scripting language.
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 2000 total points
ID: 11968132
the main thing I had trouble with was making sure that the script was giving the correct responses to the router/switch during the telnet session. the device asks questions and you have to answer them correctly. But the questions may very slightly by device and IOS version. You might do a manual session, run copy start tftp and pay attention to the questions asked to make sure the script is going to respond correctly.
0
 

Expert Comment

by:sibleyc
ID: 12059345
I've used the telnet scripting tool to get the configsfrom lots of switches and routers saved on a regular basis as you can automate it by adding it to your scheduled tasks. You can get it here
http://www.freewareweb.com/cgi-bin/archive.cgi?download=1&ID=645
Simple to use and set up but if you have any problems let me know.
0
 
LVL 1

Expert Comment

by:TroyGA
ID: 12887755
Trying out the scripting took Sibleyc and having a few probs with it.  Seems that whenever it send the text to the screen it is duplicating the text, like local echo is turned on or something.  Have you seen this happen before?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 14470995
Mikebernhardt,
Can you look here? We can use your expertise to create a telnet script for a PIX:
http://www.experts-exchange.com/Security/Firewalls/Q_21495231.html#14470973
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question