02-29-2008 07:07 AM
I have a router 1760 installed in a remote site with DSL, a serial link and LAN users behind it. Under normal conditions it should avoid using the DSL interface to access the Internet for security reasons. It should route all traffic via the serial link to the HQ where users have all services they need including Internet access.
This site, however, is included in our D&R plan and therefore we need that under special conditions (HQ down, for instance) I could easyly reconfigure the router to meet the requirements. I might need to change interfaces status, fw policies, routing table, etc to make the router use the DSL Internet access and allow users to surf the web and incoming mail to come trhu.
The problem is that I want any of my IT peers to do that and not all of them are proficient with Cisco administration. So I thought of some kind of script that could be automatically run when somebody logins in the router with the right account and the right password. For instance I could have all the regular administration accounts and also accounts like: "disaster-status" and "normal-status" and each of them will run the necessary commands to reconfigure the router without the user needing to write one single command... not even "enable".
I remember one Cisco course that I attended that we had a remote lab and the topology of the lab was changed just by logging in the switches with a user that automaticaly, without we interacting, changed the switch configuration (VLANS, etc.) and therefore changed the network topology.
Is this possible? any ideas?
Regards and thanks!
Alberto
02-29-2008 12:22 PM
Yeah, this sounds right up the alley for the Tcl/Tk and Expect scripting languages, Tcl/Tk for writing the interactive navigation menus, Expect for interpretting human and/or router responses, then issuing instructions and/or IOS commands accordingly.
02-29-2008 03:16 PM
Thanks for your answer,
Before posting here, I came accross this document but I wans't sure if TCL was the way to go...
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gt_tcl.html
Anyway, TCL could help be prepare the scripts I need to run in each case but, how do I build this interactive menus that you pointed out?... is there a document with examples of this?.
Thanks again,
Regards,
Alberto
03-01-2008 07:55 AM
Here is a sample:
#!/usr/local/bin/expect
set timeout 10
set name [lindex $argv 0]
set user [lindex $argv 1]
set password [lindex $argv 2]
set enable [lindex $argv 3]
spawn telnet $name
expect "*name:"
send "$user\r"
sleep 1
expect "*word:"
sleep 1
send "$password\n"
expect "*>"
sleep 1
send "enable\n"
expect "*:"
sleep 1
send "$enable\n"
expect "*#"
sleep 1
send "configure t\r"
expect "*#"
sleep 1
send "end \r"
expect "*#"
send "disable \r"
expect "*>"
send "exit\r\r\r\r"
#
# ./xxx 10.109.114.2 user exec_pass enable_pass
spawn telnet 10.109.114.2
Trying 10.109.114.2...
Connected to 10.109.114.2.
Escape character is '^]'.
*******************************************************************
******************************************
* UNAUTHORIZED ACCESS PROHIBITED *
******************************************
*******************************************************************
CCIE Sec Corporation Perimeter Cisco IOS with Firewall Feature Set
User Access Verification
Username: cciesec
Password:
CCIE Sec Corporation Perimeter Cisco IOS with Firewall Feature Set
C2621>enable
Password:
C2621#configure t
Enter configuration commands, one per line. End with CNTL/Z.
C2621(config)#end
C2621#disable
C2621>#
CCIE Security
03-01-2008 11:42 AM
There is a new feature coming in 12.4(20)T called the Embedded Menu Manager which will do what you want. This will allow you to display a menu to the user that you customize completely using an XML menu definition file. The inputs from the user are passed to TCL on the backend. This release is scheduled for June of this year.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide