PIX and unix scripts

aafkhami
Level 1

Hi,

I am trying to use a simple script to back up my network devices' configurations automatically. It works for all of them except our PIX 525. It uses telnet, and telnet access is configured for the originating machine in the PIX.

When I run the script it can connect and login to the PIX (user level) but nothing happens after that (PIX does not accept any other command via the script). I was wondering if there is any way to fix this.

Thanks a lot,

Ali

2 Replies

tbissett
Level 1

To copy the configuration in the PIX to TFTP, you need to have enable access.

If you are worried about the security implications of your script doing enable, you can add users to the PIX local database, then set up privilege levels, with your script user only being able to do a "write net".

Thanks for your quick reply. My problem is the fact that I cannot go to enable mode with the script or even run anything else at the user level prompt. Also, my intention is to copy and paste the running configuration (wri t and then copy-paste the output). I can telnet to the PIX from the unix box and go to enable mode, etc., with no problem, but if I do the same steps from the same machine by using a script, it does not go further than the first step (getting to the user mode prompt).

And this is the script:

DATE=`date +'%y%m%d'`
TAG=$DATE
(echo "password";\
echo "term len 0";\
echo "en";\
echo "password";\
echo "wri t";\
echo "show access-lists";\
echo "exit";\
echo "q";\
sleep 30) | telnet 10.10.10.10 > /logs/conf_backup/pix.$TAG

Ali
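
One way to script the session so that each command goes out only after the device has printed its next prompt, instead of writing every line into the pipe at once. This is an added example, not code from the thread; the thread does not establish why the piped script stalls, and the class and function names and the prompt strings (`assword:`, `>`, `#`) are assumptions.

```python
import socket

IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251  # telnet negotiation bytes

class PromptSession:
    """Send each line only after the peer has printed the expected prompt."""

    def __init__(self, sock, timeout=10.0):
        sock.settimeout(timeout)  # a prompt that never comes raises, not hangs
        self.sock, self.raw, self.text = sock, b"", b""

    def _feed(self, data):
        # Assumes the peer sends only 3-byte option requests (IAC DO/WILL x).
        self.raw += data
        while self.raw:
            if self.raw[0] != IAC:
                plain, sep, rest = self.raw.partition(b"\xff")
                self.text, self.raw = self.text + plain, sep + rest
            elif len(self.raw) < 3:
                return  # option split across reads; wait for the rest
            else:
                verb, opt = self.raw[1], self.raw[2]
                if verb in (DO, WILL):  # refuse every option offered
                    refuse = WONT if verb == DO else DONT
                    self.sock.sendall(bytes([IAC, refuse, opt]))
                self.raw = self.raw[3:]

    def expect(self, prompt):
        # The prompt must end the buffered output (trailing spaces ignored).
        while not self.text.rstrip(b" ").endswith(prompt):
            data = self.sock.recv(4096)
            if not data:
                raise ConnectionError("closed before %r" % prompt)
            self._feed(data)
        seen, self.text = self.text, b""
        return seen

    def send_line(self, line):
        self.sock.sendall(line.encode() + b"\r\n")

def run_backup(sock, login_pw, enable_pw):
    """Commands follow the thread's script; the prompt strings are assumed."""
    s = PromptSession(sock)
    steps = [(b"assword:", login_pw), (b">", "term len 0"), (b">", "en"),
             (b"assword:", enable_pw), (b"#", "wri t"),
             (b"#", "show access-lists"), (b"#", "exit")]
    out = b""
    for prompt, reply in steps:
        out += s.expect(prompt)
        s.send_line(reply)
    return out.decode(errors="replace")
```

`run_backup` takes an already connected socket (for instance from `socket.create_connection` to the device's telnet port) and returns the captured text for the caller to write to the backup file; closing the socket ends the session, so the script's final `q` is not sent.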
