Quantcast
Channel: THWACK: Popular Discussions - Kiwi CatTools
Viewing all 21331 articles
Browse latest View live

Fortinet Fortigate Backups via TFTP

September 10, 2013, 3:46 am
$
0
0

Hi

 

I have managed to get a full back of a Fortigate firewall working using TFTP and I thought I would share how I did it with the community.

 

We have a pair of Fortigates 3600C and we run multiple VDOMs on these, this meant the default script withing Cattools didn't work for us. We also require a keystroke before logging in as well. All this meant I had to use a combination of variations and also the TFTP backup method.

 

Variations configuration

 

  • Add your devices using the "Generic.Device" type, this will allow you to use "Variations"
  • Give them a group name - it is well worth using the same group name for all Fortinets as this will allow you to apply the same variations to all devices within that "Group"
  • Fill in the rest of the device info and passwords as you would do normally
  • Go to the "variations" tab and click "use variations"
  • Go to the "prompts" tab and fill in the information as shown in the "qoutes":-

DEVICE_USERNAMEPROMPT = "login as:"

DEVICE_PASSWORDPROMPT = "password:"

DEVICE_STANDARDPROMPT = "#"

DEVICE_PRIVILEGEDPROMPT = "#"

DEVICE_CONFIGPROMPT = "(global) #"

  • Go to the "additional commands" tab and fill in the information as shown in the "qoutes":-

COMMAND_ENTERCONFIG = "configure global"

COMMAND_EXITCONFIG = "end"

  • Go to the "pre/post login" tab and fill in the information as shown in the "qoutes":-
  • NOTE: you may not need to do this if you aren't asking for a pre login key stroke.

PRE_LOGIN_MESSAGE = "(Press 'a' to accept):"

PRE_LOGIN_KEYSTROKE = "a"

  • Then click on the "group save" button as this will then save the changes to the group you specified. This will allow you to add more devices to this group and it will pre-populate the variations for you. This saves a lot of work in the future.

 

 

TFTP activity configuration

 

  • Go to activities and click add
  • Set Type to "Device.Backup.TFTP"
  • Fill in name and description
  • Set schedule under the time tab
  • Add your devices
  • Go to "Options" tab
  • Untick the "file to write to tftp server"
  • Untick the "enter commands in enable mode"
  • In the "optional alternative list of commands" section input the following:-

%ctUM: Timeout 100

%ctUM: EchoOff

config global

%ctUM: EchoOff

execute backup config tftp %ctDeviceName-Running-Config <input your IP Address>

%ctUM: EchoOff

  • If your not using the default file locations don't forget to change them, I got caught out on this. Mine look like:-

F:\CatTools2\Configs\%GroupName%\Config.Current.Running.%BaseFile%.txt

F:\CatTools2\Configs\Archives\%GroupName%\Config.Dated.Running.%BaseFile%.%DateISO%-%TimeHHMM%.txt

  • Click ok to save

 

Now run the activity to check it all works. What you will find is there is about a 5 minute delay where it shows as a busy task. Be patient as it will finish. I would recommend running this task outside of any other backups as it does take a bit longer than others.

 

Hope this helps others getting this working.

 

EDIT

 

I have updated this to change from using the command "execute backup full-config" to use "execute backup config". This is because we had an issue recently where we were unable to restore the backup taking using the "execute backup full-config" command.

Fortinet recommend using the "execute backup config" command as this just restores the configuration that has been changed.

I have now tested this on our lab device and I was able to restore the configuration successfully.

 

Cheers

 

Jay

 

Message was edited by: Jaybed --

Search

Reason (30012) Protocol version mismatch error.. Giving up after 3 connection attempts"

June 28, 2011, 4:29 am
$
0
0

Dear Sir 


 


I am new to KIWIcat tool, first time I have installed this tool to integarate with cisco asa for backup purpose. We manage around 100 cisco asa firewall and used to take manual backup. So we want to convert this process automatically with the help of kiwicat tool. However I am getting error message while take backup through tool which is listed below.


 


Reason (30012) Protocol version mismatch error.. Giving up after 3 connection attempts"


 


 


 


Could you please let me know if I have wrongly configured this or having this error due to any other reason.


 


Version of tool is 3.6.0 which I believe is latest one.


 


Please let me know if you require any other information to dig out the problem.


 


Thanks in advance

Brocade 6430 switch - Kiwi CatTools - Did not receive command prompt after connecting via SSH

December 17, 2014, 6:47 am
$
0
0


I can't figure out why this isn't working:

Scenario:SSH is configured on switch and works via SecureCRT

In Kiwi, SSH username and password is filled in.

Intital login requires username/password is selected.

For the purposes of troubleshooting, I cleared all the Prompts.  I had tried various permutations.

 

Here is the debug file.  Please help me understand what I am doing wrong....


<NEWSESSION CatTools 3.10.0 12/17/2014 9:17:56 AM>
<PROTOCOL=SSH2>
<DEVICE TYPE=Brocade.Switch>
<ACTIVITY TYPE=Device.Backup.Running Config>
<ACTIVITY SCRIPT=C:\Program Files (x86)\CatTools3\Scripts\Client.Device.Backup.Running Config.txt>
<USERS NAME FOR DEVICE=03-NO-TECH-6430-24-03-10.11.100.3>
<C OK 9:18:00 AM>
<R-9:18:00 AM>SSH@NO-TECH-6430-24-03#

================================================================================
WFMDRetVal=1 Waiting for: ">"
WFMDRetVal=3 Waiting for: "login:"
WFMDRetVal=4 Waiting for: "Password:"
WFMDBuffer="ssh@no-tech-6430-24-03#"
================================================================================

HP Procurve configuration backup using SSH problem

September 10, 2009, 6:49 am
$
0
0

Hello,

We have an HP Procurve J4903A Switch 2824 and it is integrated with RADIUS Server for authentication.
We are using Cat Tools 3.4 demo version and tried to configure the switch for configuraton backup using Method SSH2.
And using Device.Backup.Running Config  Type and SSH Username/Password are supplied. When Run the backup it shows the errors:
"Did not receive expected prompt when entering enable mode", and "Aborting: Unable to enter enable mode".

Do anybody faced this issue with SSH? Please help me to solve this problem.

Regards,

Achu

Fortigate With Vdom backup is not happening

March 31, 2010, 3:50 am
$
0
0

Hi All ,

 

I am not able to take the backup of Fortigate  which has configured on VDOM environment .

Some Fortigate's I am able to take but Vdom configuration's are missing from the Backup .

Did any one faced this issues and what was the solutions you found on Kiwi Cat tools

 

Please help thanks in advance

 

Regards

Vineeth

Linux Jump Server

September 9, 2014, 9:07 pm
$
0
0

Greetings,

 

I'm attempting to backup our devices that are accessible via a Linux server and according to the CatTools help section, sited bellow,  under "Connect via" this should be achievable:

 

For example, if your device is behind an access list, but a Linux box has access to that device, you can connect via the Linux box first, then launch a telnet or SSH session to the destination device from there.

 

So looks like this: http://i.imgur.com/IFoVOYz.png

 

And it's obvious looking at the debug log that when the back connects to the Linux server there are no issue, it's from the Linux to the Cisco device there is an issue and it appear that issue is with the ssh command it's passing:

 

-8:55:20 PM>ssh -2 -l  x.x.x.x

<R-8:55:20 PM>ssh -2 -l  x.x.x.x

<W-8:55:20 PM>[13]

<R-8:55:20 PM>[13][10]usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec][13][10]

<W-5:41:52 PM>ssh -2 -l  x.x.x.x

<R-5:41:52 PM>ssh -2 -l  x.x.x.x

<W-5:41:52 PM>[13]

 

It's attempting to use a Cisco ssh command and not a a Linux/Bash ssh syntax which looks like this username@<IP Address>

 

 

Am I missing something in the config?

 

Thanks for your suggestions.

get config command stops at --- more --- paging prompt

October 25, 2011, 6:10 am
$
0
0

Hey guys,

we have the following problem when running Kiwi Cat tool's Device.Backup.Running Config with the command  "get conf" on a Juniper Netscreen Firewall:

It always stops at the end of a page infront of the paging prompt "--- more ---"

debug log:

<W-14:26:41>ssh -2 -l root ip <R-14:26:41>ssh -2  -l root ip<W-14:26:41>[13]<R-14:26:42>[13][13][10]<R-14:26:42>root@ip's  password:  <W-14:26:42>pw[13]<R-14:26:42>[13][10]<R-14:26:43>Remote  Management Console[13][13][10]DE-MAR-GW-001->
================================================================================
WFDRetVal=0. Waiting for: "accept this agreement y/[n]"
WFDBuffer="[13][10]remote management console[13][13][10]de-mar-gw-001-> "
================================================================================
<W-14:26:46>[13]<R-14:26:46>[13][10]<R-14:26:46>[13][13][10]DE-MAR-GW-001->  <W-14:26:46>get conf<R-14:26:46>get  conf<W-14:26:46>[13]<R-14:26:46>[13][10]<R-14:26:47>get  conf[13][13][10]Total Config size 36578:[13][13][10]BEGIN  CONFIG******************************END CONFIG [13][13][10]--- more ---  <W-14:26:47>  <R-14:26:47>
================================================================================
WFMDRetVal=1 Waiting for: "--unknown keyword"
WFMDRetVal=2 Waiting for: "command not completed"
WFMDRetVal=3 Waiting for: "insufficient arguements"
WFMDRetVal=4 Waiting for: "[y]/n"
WFMDRetVal=5 Waiting for: "y/[n]"
WFMDRetVal=6 Waiting for: "--- more --- "
WFMDRetVal=7 Waiting for: "DE-MAR-GW-001->"
WFMDRetVal=8 Waiting for: "DE-MAR-GW-001->"
WFMDRetVal=9 Waiting for: "DE-MAR-GW-001("
WFMDBuffer=" "
================================================================================
<W-14:27:17>exit[13]<D 14:27:17>
<SCRIPT VALUES>
<HOSTNAME="DE-MAR-GW-001">
<PROMPT VTY="DE-MAR-GW-001->">
<PROMPT ENABLE="DE-MAR-GW-001->">
<PROMPT CONFIG="">

Does someone have an idea what could be the problem? It should run, actually, as we have other netscreen firewalls that work fine with the command get conf.

Config:

- Kiwi CatTools 3.3.17 Enterprise (Device.Backup Running Config)

- OS: Windows Server 2003

- Device: Firewall NetScreen SSG5.

I'll highly appreciate getting your quick feedback for resolving this problem.

Thank you in advance,

dash

Script for HP/H3C Switches

September 26, 2012, 12:33 am
$
0
0

Hi!

 

I'm trying to backup the config of our new HP (H3C) Switches (5120, 5800, 10500). The script I created out of the Custom.Template is not working. The prompt of the switches is "<SWITCHNAME>", not "SWITCHNAME>" as in Ciscos IOS. So the script returns the error "Did not receive expected prompt when entering Enable mode".

Has anybody managed to create a script that works with the HP H3C switches?

 

Regards, lls71

Search

Customized changes to 600+ routers

June 15, 2015, 1:36 pm
$
0
0

I need to add a static route to 600+ cisco routers, but each gateway is going to be different.  How would I accomplish that?

Telnet Username

December 21, 2009, 6:36 am
$
0
0

Hi ,

I am trying to use Cattools to back up some Cisco Switches and Routers.

The problem I am having is that the devices are set up for login local and therefore require a Username and a password. I can't seem to find anywhere in the device setup to add the username and when I run the backup job I get

"Specified Username is invaid for device (prompt: Username:)"

This is the same with both the Cisco.Router.General  and the Cisco.Switch.IOS types.

Help please !

 

Nigel

How to define login parameters for CatTools v3.4 for Cisco wlc 5508?

August 25, 2010, 12:45 pm
$
0
0

Hello,

 

I'm trying to setup new device, Cisco WLC 5508.  I'm not having success when defining the credentials under the password and prompt tabs.  For our installation, via ssh the wlc 5508 controller prompts for 3 parms:

  1) login as:

  2) user:

  3) password:

Under the password tab I have defined the credentials for #2 & #3 above to match ssh username & ssh password.  I'm not sure how to map #1 above.   Under the prompts tab I defined #2 and #3 above to Username prompt and Password prompt. 

thanks,

james

how to backup juniper srx

March 12, 2014, 6:04 am
$
0
0

How do you config cattools to backup juniper srx?

Backup APC SmartUPS Network Management Card Config

November 2, 2010, 1:33 am
$
0
0

Hi!

Is there a chance that CatTools could retrieve the config.ini of a APC SmartUPS AP9617/AP9630 Network Management Card using FTP? It would be great if someone of the development team could have a look at it.

Here's a "capture" of a FTP session:

ftp> open 10.0.0.1
Connected to 10.0.0.1.
220 AP9617 Network Management Card AOS v3.7.3 FTP server ready.
User (10.0.0.1:(none)): admin
331 User name okay, need password.
Password:
230 User logged in, proceed.
ftp> bin
200 TYPE Command okay.
ftp> hash
Hash mark printing On  ftp: (2048 bytes/hash mark) .
ftp> get config.ini
200 PORT Command okay.
150 File status okay; about to open data connection.
#######################226 Closing data connection.
ftp: 47311 bytes received in 15,25Seconds 3,10Kbytes/sec.
ftp> close
221 Thank you for using APC products!
ftp> quit

Regards, Leonardo

kiwi cattools v3.5 - trying to backup cisco wireless lan controller wlc using Device.TFTP.Upload.Config

September 13, 2010, 6:30 am
$
0
0

Hi

 

I am trying to use

kiwi cattools v3.5 - trying to backup cisco wireless lan controller wlc using Device.TFTP.Upload.Config

 

i can sucesfully logon and issue command ; eg a show tech using the send commands

i can also issue a transfer upload start script

 

what i really want though is to do a - device backup TFTP so that the script is correcly archive...

 

when i run this i get the follwoing error...

 

Client script error : Variable is undefined:'TFTPReportInfo' on line: 1472

 

does anyone know what the problem (and solution!) might be please?

 

thanks

dave

Going back from cattools professional to free edition but unable to remove the license

May 18, 2009, 3:21 pm
$
0
0

I am trying to go back to the free edition of cattools.

In the past the free edition only allowed to use 5 devices, the current free edition allows 20 devices which is sufficient for me.

In the past I purchased the professional edition of cattools, this version can no longer be purchased, its either the free or the enterprise edition.

I completely uninstalled the cattools software and manually removed the remains in the registry under: HKLM\Software\Kiwi Enterprise\Cattools

After a reboot I reinstalled the cattools free edition, which I downloaded from the website.

If I try to start the cattools manager I get the error message:

Warning! Your current software maintenance plan is not valid for this version.

Please purchase a software maintenance plan extension, or install an older version.

If you have new license details, press OK to enter them now.

After this popup I have the option to "Enter New Details" in the licenseinformation. Clearing these fields is not accepted (old license info remains intact).

It seems the license is stored somewhere outside of the installation directory or standard registry location.

I am pretty sure that I have the correct version, my download is named: CatTools-v3-Free.zip but in the zipfile the installer is: Kiwi_CatTools_3.3.17.setup.exe

I wonder if there are actually two different installers or that the difference is only determined by the enterprise licenseinformation.

Does anyone have an idea how I can remove the old expired license?

Search

Connect failed:(10060) The current connection has timeout.

July 27, 2009, 2:34 am
$
0
0
Hi,

I have configured the FW  in Kiwi cat tool to backup the run-config every sunday. Last week I was able to see the backup, but this weekedn it failed with the below error.

Connect failed:(10060) The current connection has timeout.

Thanks,
Sridhar

Backups using Groups in Cattools I only get one group?

May 11, 2015, 11:14 am
$
0
0

I'm using Cattools version 3.10 the latest I believe.  I'm backing up only a limited number of devices, less than 30 and have created three groups besides default. The groups are Firewall, Router and switch.  Since creating these groups my Dated Configs folder has only created a subfolder for Firewall but not the other two. So I only have dated history now for only the firewalls. I've poked around Cattools settings and see no way to tell a device or a group I wanted older versions saved.  Anyone have some ideas or Cattools folks what's up?

Error while unpacking program, code LP5. Please report to author.

May 11, 2011, 1:57 am
$
0
0

Kiwi Cattools is stopping after trying to execute it.  Error windows pops up with message: "Error while unpacking program, code LP5. Please report to author."

Tried to unistall and reinstall the product (Kiwi CatTools 3.4.0) without success.  CatTools has been running since years without any problems, until now.  Probably some other recently (automatic) installed application or service is the cause, but I am not able to identify; I have installed nothing new for the last weeks.

Any help or advise is appreciated... thanks

Reason (30012) Protocol version mismatch error.. Giving up after 3 connection attempts"

June 28, 2011, 4:29 am
$
0
0

Dear Sir 


 


I am new to KIWIcat tool, first time I have installed this tool to integarate with cisco asa for backup purpose. We manage around 100 cisco asa firewall and used to take manual backup. So we want to convert this process automatically with the help of kiwicat tool. However I am getting error message while take backup through tool which is listed below.


 


Reason (30012) Protocol version mismatch error.. Giving up after 3 connection attempts"


 


 


 


Could you please let me know if I have wrongly configured this or having this error due to any other reason.


 


Version of tool is 3.6.0 which I believe is latest one.


 


Please let me know if you require any other information to dig out the problem.


 


Thanks in advance

Services not STOPPING on Kiwicattools

June 14, 2011, 3:39 am
$
0
0

Hi All,

We are using Kiwicattools to take backup of all our network devices, but we are experiencing problem while accessing the tool. We are not able stop the services on our kiwicat, because of which no backup of configuration is taking place.

I have marked the button with RED on which whenever we click to stop the services we are not able to do so.

We have tried number of times to stop service by clicking the button but no luck.

Please guide us what could be done as its very critical.

 

 

Rohit Sood

Mobile: +91- 8826007797

Email : -  rohitsood@hcl.com


Viewing all 21331 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>