Are the Device Command Templates available for the Cisco ASA firewall? The existing PIX templates use the "no pager" command to disable pagination. The ASA needs "terminal pager 0" to disable pagination. So needless to say, the ASA firewalls are not currently being backed up by Cirrus. Any advice or pointer would be welcome.
We can assist you in creating a device command template for the Cisco ASA device. Please provide the following information:
Is the correct command to disable pagination "terminal pager 0"?Is the correct command to reboot the device "reload noconfirm"?Is the correct command to enter configuration mode "config terminal"?Is the correct command to exit configuration mode "quit"?Is the correct command to specify the running config "startup"? Is the correct command to specify the running config "running"?Is the correct command for downloading the config via telnet/ssh "Show ${ConfigType}"?Is the correct command for uploading the config via telnet/ssh "${EnterConfigMode}${CRLF}${ConfigText}${CRLF}${ExitConfigMode}"?Is the correct command for downloading the config via snmp "write net ${StorageAddress}:/${StorageFilename}"?Is the correct command for uploading the config via snmp "copy ${TransferProtocol}://${StorageAddress}/${StorageFilename} ${ConfigType}${CRLF}${CRLF}"?Is the correct command for erasing the config "write erase${CRLF}Yes"?Is the correct command for saving the config "write memory"?Is the correct command for version information "show version"? Please provide the Machine Type which is available in the Node Details screen within Cirrus.Please provide the System OID which is available in the Node Details screen within Cirrus.
Is the correct command to disable pagination "terminal pager 0"? YesIs the correct command to reboot the device "reload noconfirm"? YesIs the correct command to enter configuration mode "config terminal"? YesIs the correct command to exit configuration mode "quit"? YesIs the correct command to specify the running config "startup"? startup-config, but startup will workIs the correct command to specify the running config "running"? running-config but running will workIs the correct command for downloading the config via telnet/ssh "Show ${ConfigType}"? YesIs the correct command for uploading the config via telnet/ssh "${EnterConfigMode}${CRLF}${ConfigText}${CRLF}${ExitConfigMode}"? YesIs the correct command for downloading the config via snmp "write net ${StorageAddress}:/${StorageFilename}"? YesIs the correct command for uploading the config via snmp "copy ${TransferProtocol}://${StorageAddress}/${StorageFilename} ${ConfigType}${CRLF}${CRLF}"? YesIs the correct command for erasing the config "write erase${CRLF}Yes"? YesIs the correct command for saving the config "write memory"? YesIs the correct command for version information "show version"? YesPlease provide the Machine Type which is available in the Node Details screen within Cirrus. -
Cisco PIXFirewall 515 E or Cisco Adaptive Security Appliance Version 7.0(2)
Please provide the System OID which is available in the Node Details screen within Cirrus.
1.3.6.1.4.1.9.1.669 is the System OID for the ASA
1.3.6.1.4.1.9.1.451 is the System OID for PIX running 7.X software.
PIX 7.X software is dramatically different from previous versions. Both the PIX and the ASA run the new software.
I posted a modified Device Template for the Cisco ASA version 7 device in the Device Command Templates sharing zone at http://thwack.com/files/folders/cirrus_device_templates/entry21930.aspx. For the Cisco ASA device to use this template, perform the steps below:
Please let me know if this new device template works for you. Also, if the Cisco PIXFirewall 515 E device is SNMP enabled and setting the Device Command Template field to Auto Determine does not work properly or if selecting Cisco PIX Firewall 515E as the Device Command Template value does not work properly, then try selecting Cisco Adaptive Security Applicance Version 7 as the device template.
Hmmm... bombs saying it wants a RW SNMP string - how do you set that on an ASA?
Cirrus provides you the ability to connect to devices via telnet, ssh, or snmp. It looks like you currently have the "Transfer Configs Using" setting set to snmp. This setting is visible in the Node Details window. If you do not have a read/write SNMP community string defined on the ASA, then I recommend modifying the setting to either telnet or ssh, depending on the method you typically use.
Hi
We have a test version of Cirrus but are buying the full version soon. We are doing some very important testing with our ASA firewalls. We have been able to download the configs but are unable to to upload the configs back to the box due to a wrong command being entered should be "pager 0". I have downloaded the command template resource and followed the instructions given about how to implement it but the new template isn't showing up in the Device Command Template list. Any tips?
It's ok I found the solution for this thanks
Great! If you need any additional assistance, please let us know.