Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Config changes on multiple remote devices

Hello, we have many different devices which we would like to make bulk changes on. Currently we use RANCID for configuration backups. We are thinking of using RANCID's use of expect scripts to do these changes. Some remote sites require accessing one device via its public IP address and then accessing the internal devices through there. This requires a lot of extra configuration in RANCID, however. And we will need to add many devices that aren't currently in RANCID for these changes.

So, my question is, does anyone have any ideas of tools that can make bulk changes to routers and switches with this type of scenario? The main issue here are the network devices that are only available behind one Internet-facing device.

Thanks in advance for any and all ideas!

  • Network Management

Re: Config changes on multiple remote devices

No matter what tool you will use, that tool needs access to the devices behind the one with public IP address. From your explanation, I assume that Rancid (or the new tool) is located somewhere remote and the connection to the devices that has to be managed is done over Internet.

In this conditions, I would suggest that at least temporary to configure static NAT inside on the device with public IP address and to forward some ports to the devices behind it. E.g. for ssh connection

port 22 - remain for device with public IP

port 2221 forward through NAT - 1st device with private IP behind the device with public one

port 2222 forward through NAT - 2nd device with private IP behind the device with public one

and so on...

If you have problems with NAT configuration let us know.

Even is you have a Cisco tool, like CiscoWorks, and configure the devices with private IP address with SNMP to reach the CiscoWorks system, this will not know how to get back to those devices. So, again back to NAT.

If this helps please rate!

This widget could not be displayed.