Config changes on multiple remote devices

Unanswered Question
Jun 1st, 2010

Hello, we have many different devices which we would like to make bulk changes on. Currently we use RANCID for configuration backups. We are thinking of using RANCID's use of expect scripts to do these changes. Some remote sites require accessing one device via its public IP address and then accessing the internal devices through there. This requires a lot of extra configuration in RANCID, however. And we will need to add many devices that aren't currently in RANCID for these changes.


So, my question is, does anyone have any ideas of tools that can make bulk changes to routers and switches with this type of scenario? The main issue here are the network devices that are only available behind one Internet-facing device.

Thanks in advance for any and all ideas!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Calin Chiorean Tue, 06/01/2010 - 16:02

No matter what tool you will use, that tool needs access to the devices behind the one with public IP address. From your explanation, I assume that Rancid (or the new tool) is located somewhere remote and the connection to the devices that has to be managed is done over Internet.

In this conditions, I would suggest that at least temporary to configure static NAT inside on the device with public IP address and to forward some ports to the devices behind it. E.g. for ssh connection

port 22 - remain for device with public IP

port 2221 forward through NAT - 1st device with private IP behind the device with public one

port 2222 forward through NAT - 2nd device with private IP behind the device with public one

and so on...

If you have problems with NAT configuration let us know.

Even is you have a Cisco tool, like CiscoWorks, and configure the devices with private IP address with SNMP to reach the CiscoWorks system, this will not know how to get back to those devices. So, again back to NAT.

If this helps please rate!

Actions

This Discussion