[rancid] backup problems with new element type

Hughes, Doug Douglas.Hughes at DEShawResearch.com
Wed May 1 19:13:07 UTC 2013


Hrm.. that is odd. I'd turn on debugging with panlogin and see what it's actually trying to send. It sure does seem like it's either a bad password or a failure to match the password prompt in some way.


From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Tim Eberhard
Sent: Wednesday, May 01, 2013 12:25 PM
To: rancid-discuss at shrubbery.net
Subject: [rancid] backup problems with new element type

Rancid folks,

I've hit a wall and I was hoping you all might be able to provide some insight.

In an attempt to get some palo alto firewalls added to rancid for config backup I'm having issues with rancid properly logging in.

>From the logs I see this for all the firewalls:
#
firewall1 panlogin error: Error: Check your passwd for firewall1
firewall1: missed cmd(s): show config running,set cli pager off,set cli configuration-output-format set,set cli scripting-mode on,show system info
firewall1: End of run not found
#

If I run it via CLI (sudo su - ranciduser before running it..) it completes correctly. Both are using the exact same clogin file as this works for a lot of routers and other firewalls. It's just specifically the palo alto firewalls that are failing.  Suggestions on what to check or how to debug this behavior?


#
[ranciduser at tools ~]$ /usr/local/rancid/bin/panrancid -d firewall1
executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;set cli configuration-output-format set;show system info;show config running" firewall1
line: firewall1
line: spawn ssh -c 3des -x -l ranciduser firewall1
line: Password:
line: Last login: Wed May  1 12:12:57 2013 from tools.removed.com<http://tools.removed.com>
line: ranciduser at fw1(passive)>
line: ranciduser at fw1(passive)>
line: ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)> set cli scripting-mode on
PROMPT MATCH: ranciduser at fw1\(passive\)[#>]
HIT COMMAND:ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)> set cli scripting-mode on
COMMAND is: set cli scripting-mode on|EatCommand
HIT COMMAND:ranciduser at fw1(passive)> set cli pager off
COMMAND is: set cli pager off|EatCommand
HIT COMMAND:ranciduser at fw1(passive)> set cli configuration-output-format set
COMMAND is: set cli configuration-output-format set|EatCommand
HIT COMMAND:ranciduser at fw1(passive)> show system info
COMMAND is: show system info|ShowInfo
    In ShowInfo:: ranciduser at fw1(passive)> show system info
HIT COMMAND:ranciduser at fw1(passive)> show config running
COMMAND is: show config running|ShowConfig
    In ShowConfig: ranciduser at fw1(passive)> show config running
line:
exiting
#


Thanks for your help!
-Tim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130501/80c5f019/attachment.html>


More information about the Rancid-discuss mailing list