RANCID module for Lantronix SLC and vSLM.

Today I finished my work on RANCID module to backup configuration of Lantronix devices (SLC and vSLM). Tomorrow I will deploy the module on production system. Here is not the right place to upload the files. I will probably send them to “rancid-discuss” email group, but do know they are reluctant to upload anything new even to ftp://ftp.shrubbery.net/pub/rancid/contrib/.

Well, now I understand how rancid works a little bit later. What I can say is I’ve never saw so cumbersome undocumented scripts (expect and perl) in my life before. That was horrible experience. Never again!

Lantronix SLC 8000 - Configuring NTP client.

Today I realized the config that I put in Lantronix SLC 8000 to sync it with NTP servers doesn’t work and here is why - I haven’t enabled NTP client properly. Working configuration looks as following:

set datetime timezone PST8PDT
set ntp localserver1 10.0.0.1
set ntp localserver2 10.0.0.2
set ntp sync poll
set ntp state enable

Order is important as well as last two command. Show command outputs should look like this:

[Lantronix-01]> show datetime
Date/Time: Wed Jun 29 11:13:21 2016
Timezone: PST8PDT
Uptime: 62 days, 19 hours, 44 minutes
[Lantronix-01]> show ntp
___Current NTP Settings________________________________________________________
NTP: enabled
Synchronize via: Poll NTP Server
Poll NTP Server: Local Server
Local Server #1: 10.0.0.1
Local Server #2: 10.0.0.2
Local Server #3: 
Public Server: 0.pool.ntp.org
Available Public Servers - NTP Pool: 0.pool.ntp.org (random)
                           Australia: ntp2.tpg.com.au (203.26.24.6)
                           Brazil: c.ntp.br (200.192.232.8)
                           Canada: time.nrc.ca (132.246.168.148)
                           China: t2.hshh.org (61.129.66.79)
                           France: ntp.duckcorp.org (193.17.192.211)
                           India: ntp.vrlsoftwaresolutions.in (119.226.101.130)
                           Russia: ntp.xland.ru (194.67.106.186)
                           UK: ntp3.tcpd.net (109.169.86.133)
                           US/Arizona: ntp1.linocomm.net (69.64.72.238)
                           US/New Jersey: tick.jrc.us (67.128.71.65)
                           US/Texas: ntp.fwwds.com (99.72.86.235)
                           Switzerland: clock.tix.ch (194.42.48.120)
Current NTP status:
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*10.0.0.1        105.109.47.100   3 u   46   64  377    0.288   -5.874   3.223
+10.0.0.2        105.109.47.100   3 u   43   64  377    0.729   12.684   4.559
 LOCAL(0)        .LOCL.          10 l    -   64    0    0.000    0.000   0.000
[Lantronix-01]>

Opengear - How to change user/root password from CLI. [SOLVED]

Here is a real example - I got a SSH access to my remote terminal concentrator and wanted to change password for root user from CLI. It is possible to do according to the official recommendation, this method you can use for root or any other user.

Check the FW version (the latest one):

# cat /etc/version
OpenGear/CM41xx Version 3.15.2 0de50f6e --  Thu Apr 30 14:17:14 EST 2015
#

Get the current user configuration (there was only root user configured):

#  /bin/config --get=config.users
config.users.total 1
config.users.user1.description Root User
config.users.user1.groups.total 6
config.users.user1.password_nvflash on
config.users.user1.username root
#

Then change the password for the username root (user1) then run the configurator:

# /bin/config -s config.users.user1.plaintext_password=NEWPASSWORD
# /bin/config -r users

Done.

Automation of Remote Lab.

Взял на заметку хороший пример автоматизации удаленной лабы на основе терминального концентратора (Linux based) Opengear IM4216 (бывают и на большее количество портов) + APC Switched PDU 7901 или 7902. Все достаточно подробно описано тут. Также очень хорошо описал другой хорошо известный чувак тут про CM4116K. Как будет свободное время стоит заняться ибо железа много и жаль, что оно не приносит пользу.

Cisco 2811 and NM-32A. [TESTED]

Again, again and again about Cisco as Terminal Concentrator (Async ports). Step by step how to use Cisco 2811 and NM-32A.

• Check if Router detected the module:

Router#show inv
NAME: "2811 chassis", DESCR: "2811 chassis"
PID: CISCO2811         , VID: V01 , SN: FHK0914F21W

NAME: "Thirtytwo Port Low-Speed Async on Slot 1", DESCR: "Thirtytwo Port Low-Speed Async"
PID: NM-32A=           , VID: 0.1, SN: 32250175

Router#show ver | i bin
System image file is "flash:c2800nm-advipservicesk9-mz.124-24.T8.bin"
Router#
Router#show ver | i terminal
32 terminal lines
Router#
Router#sh run | s line
line 1/0 1/31
Router#

• Basic configuration:

Router#conf t
Router(config)#int fa0/0
Router(config-if)#ip address 10.0.0.250 255.255.255.0
Router(config-if)#no sh
Router(config-if)#do ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms
Router(config-if)#
Router(config-if)#line 1/0 1/31
Router(config-line)#no exec
Router(config-line)#transport input telnet
Router(config-line)#end
Router#

• After that you can try to connect to any async port using TELNET to 2000+TTY_port_number:

Router#show line
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
*     0    0 CTY              -    -      -    -    -     0      0    0/0      -
      1    1 AUX   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/0   66 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/1   67 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/2   68 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/3   69 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/4   70 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/5   71 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/6   72 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/7   73 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/8   74 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    1/9   75 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/10   76 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/11   77 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/12   78 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/13   79 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/14   80 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/15   81 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/16   82 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/17   83 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/18   84 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/19   85 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/20   86 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/21   87 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/22   88 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/23   89 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/24   90 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/25   91 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/26   92 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/27   93 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/28   94 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/29   95 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/30   96 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
   1/31   97 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
    514  514 VTY              -    -      -    -    -     0      0    0/0      -
    515  515 VTY              -    -      -    -    -     0      0    0/0      -
    516  516 VTY              -    -      -    -    -     0      0    0/0      -
    517  517 VTY              -    -      -    -    -     0      0    0/0      -
    518  518 VTY              -    -      -    -    -     0      0    0/0      -

Line(s) not in async mode -or- with no hardware support:
2-65, 98-513

Router#

• It means that NM-32A port 0 has TCP port 2066, port 1 has 2067 and so on.
• To make connection process from Router CLI easier, we can configure loopback interface and hosts:

conf t
 int loopback 99999
  ip address 172.31.255.254 255.255.255.255
  exit

 ip host p1 2066 172.31.255.254
 ip host p2 2067 172.31.255.254
 ip host p3 2068 172.31.255.254
 ip host p4 2069 172.31.255.254
 ip host p5 2070 172.31.255.254
 ip host p6 2071 172.31.255.254
 ip host p7 2072 172.31.255.254
 ip host p8 2073 172.31.255.254
 ip host p9 2074 172.31.255.254
 ip host p10 2075 172.31.255.254
 ip host p11 2076 172.31.255.254
 ip host p12 2077 172.31.255.254
 ip host p13 2078 172.31.255.254
 ip host p14 2079 172.31.255.254
 ip host p15 2080 172.31.255.254
 ip host p16 2081 172.31.255.254
 ip host p17 2082 172.31.255.254
 ip host p18 2083 172.31.255.254
 ip host p19 2084 172.31.255.254
 ip host p20 2085 172.31.255.254
 ip host p21 2086 172.31.255.254
 ip host p22 2087 172.31.255.254
 ip host p23 2088 172.31.255.254
 ip host p24 2089 172.31.255.254
 ip host p25 2090 172.31.255.254
 ip host p26 2091 172.31.255.254
 ip host p27 2092 172.31.255.254
 ip host p28 2093 172.31.255.254
 ip host p29 2094 172.31.255.254
 ip host p30 2095 172.31.255.254
 ip host p31 2096 172.31.255.254
 ip host p32 2097 172.31.255.254

• Then you can use use “pX” command in CLI:

Router#p1
Trying p1 (172.31.255.254, 2066)... Open

ciscoasa#

Admin area