Tel Scripting for Cisco IOS



Similar documents
Tcl Scripting for Cisco IOS

Table of Contents. Introduction

Cisco ASA. Administrators

Cisco Certified Security Professional (CCSP)

McAfee SIEM Alarms. Setting up and Managing Alarms. Introduction. What does it do? What doesn t it do?

Securing Networks with Cisco Routers and Switches 1.0 (SECURE)

SolarWinds Certified Professional. Exam Preparation Guide

PKI Uncovered. Cisco Press. Andre Karamanian Srinivas Tenneti Francois Dessart. 800 East 96th Street. Indianapolis, IN 46240

1. INTERFACE ENHANCEMENTS 2. REPORTING ENHANCEMENTS

TPAf KTl Pen source. System Monitoring. Zenoss Core 3.x Network and

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

1. INTERFACE ENHANCEMENTS 2. REPORTING ENHANCEMENTS

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Tim Bovles WILEY. Wiley Publishing, Inc.

Panel 2 Self Management: Separating Facts from Fiction

Securing Networks with PIX and ASA

Security Threats VPNs and IPSec AAA and Security Servers PIX and IOS Router Firewalls. Intrusion Detection Systems

Cisco Certified Security Professional (CCSP) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource

Cisco ASA, PIX, and FWSM Firewall Handbook

F5 Local Traffic Manager

Managing Dynamic Configuration

Overview of Inventory Management

CISCO UNIFIED CUSTOMER VOICE PORTAL IMPLEMENTATION (CVPI)

RSA Authentication Manager

Security. AAA Identity Management. Premdeep Banga, CCIE # Cisco Press. Vivek Santuka, CCIE # Brandon J. Carroll, CCIE #23837

orrelog SNMP Trap Monitor Software Users Manual

Implementing a Microsoft Windows 2000 Network Infrastructure

NNMi120 Network Node Manager i Software 9.x Essentials

Zabbix 1.8 Network Monitoring

T H E P O W E R O F B U I L D I N G A N D M A N A G I N G N E T W O R K S. Operations

PANDORA FMS NETWORK DEVICES MONITORING

Deploying Unified Contact Center Enterprise DUCCE v10.0; 5 Days, Instructor-led

ehealth Integration for Cisco VPN Solutions Center User Guide

How to Configure Dynamic DNS on a Virtual Access Router

Maintaining Non-Stop Services with Multi Layer Monitoring

CISCO IOS NETWORK SECURITY (IINS)

PANDORA FMS NETWORK DEVICE MONITORING

Firewall Builder Architecture Overview

BlackBerry Enterprise Service 10. Version: Configuration Guide

Task Manager. Tasks. Starting Task Manager CHAPTER

Implementing Cisco IOS Network Security v2.0 (IINS)

Using LiveAction with Cisco Secure ACS (TACACS+ Server)

Cisco Which VPN Solution is Right for You?

Monitoring System Status

Deploying the BIG-IP LTM with the Cacti Open Source Network Monitoring System

Accellion Secure File Transfer

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam

Tracking Network Changes Using Change Audit

A Model Design of Network Security for Private and Public Data Transmission

IP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview

Lab Developing ACLs to Implement Firewall Rule Sets

School of Information Technology and Engineering (SITE) CEG 4395: Computer Network Management. Lab 4: Remote Monitoring (RMON) Operations

Edge Configuration Series Reporting Overview

NetBrain Workstation Professional Edition 2.3 Release notes

LT Auditor Windows Assessment SP1 Installation & Configuration Guide

Contents. Part 1 SSH Basics 1. Acknowledgments About the Author Introduction

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Embedded Syslog Manager Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)

NetFlow Tracker Overview. Mike McGrath x ccie CTO mike@crannog-software.com

Course MS20696A Managing Enterprise Devices and Apps using System Center Configuration Manager

mbits Network Operations Centrec

LogLogic Trend Micro OfficeScan Log Configuration Guide

Cortado Corporate Server 6.1 The Mobile Business Formula for Success What s New?

Interconnecting Data Centers Using VPLS

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH Operations

Managing Enterprise Devices and Apps using System Center Configuration Manager 20696B; 5 Days, Instructor-led

Troubleshooting for Yamaha router

Case Study for Layer 3 Authentication and Encryption

Network Monitoring with SNMP

SysAid Remote Discovery Tool

HP TippingPoint Security Management System User Guide

Simple Network Management Protocol (SNMP) Causes High C

A10 Networks Load Balancer

About this Getting Started Guide. Enabling Log Management... 2 Applying a License... 4 Using Log Management How to forward logs...

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

CCNP Switch Questions/Answers Implementing High Availability and Redundancy

VMware Site Recovery Manager with EMC RecoverPoint

Lab Configure IOS Firewall IDS

How To Configure Syslog over VPN

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

NMS300 Network Management System

Note: With v3.2, the DocuSign Fetch application was renamed DocuSign Retrieve.

Managing Enterprise Security with Cisco Security Manager

Tue Apr 19 11:03:19 PDT 2005 by Andrew Gristina thanks to Luca Deri and the ntop team

Introduction to the EIS Guide

ZTE Australia Help Guides MF91

Government of Canada Managed Security Service (GCMSS) Annex A-7: Statement of Work - Security Information and Event Management (SIEM)

CCNP: Implementing Secure Converged Wide-area Networks

Configuring Basic Settings

HOWTO: How to configure IPSEC gateway (office) to gateway

Table of Contents. Cisco How Does Load Balancing Work?

External Device Management - Using SNMP - Enabling the Next Wave of Connectivity

SSECMGT: CManaging Enterprise Security with Cisco Security Manager v4.x

SiteCelerate white paper

Classic IOS Firewall using CBACs Cisco and/or its affiliates. All rights reserved. 1

Transcription:

Tel Scripting for Cisco IOS Ray Blair, CCIE No. 7050 Arvind Durai, CCIE No. 7016 John Lautmann Cisco Press 800 East 96th Street Indianapolis, IN 46240

Tel Scripting for Cisco IOS Contents Introduction xiv Chapter 1 The Origin of Tel 1 Tel and Cisco IOS Software 3 Embedded Event Manager and Tel 4 Restriction of Tel in IOS 4 Tel with EEM Support in IOS 5 Using Tel Scripts in the Network 8 Troubleshooting Problems 8 Monitoring the Network 8 Adding Intelligence to Cisco IOS Protocols 9 Summary 9 References 9 Chapter 2 Tel Interpreter and Language Basics 11 Simple Variables in Tel 12 Storing Variables 12 Viewing Variables 13 The append Command 13 The incr Command 13 Representation of Variables in Tel 14 Command Substitution 14 Variable Substitution 15 Lists 17 läppend 18 lindex 18 linsert 18 llength 19 Isearcb 19 Ireplace 20 Irange 20 Isort 20 Procedures 21 for Command 22 foreach Command 23 while Command 23

ix Arrays 24 if Command 26 switch Command 27 Files 28 Summary 31 References 31 Chapter 3 Tel Functioning in Cisco los 33 Understanding the Tel Interpreter in Cisco IOS 33 Using Cisco IOS Exec-Mode Parser in the Tel Shell 34 Entering an IOS Command into the Tel Command Interpreter 35 Using Tel to Enter Commands 36 Copying a Tel Script to a Cisco IOS Device 38 Fetching a Cisco IOS Tel Script from a Remote Device 41 Using Tel to Examine the Cisco IOS Device Configuration 41 Using Tel to Modify the Router Configuration 43 Using Tel with SNMP to Check MIB Variables 44 Other Uses of SNMP 44 Enabling SNMP on a Cisco IOS Device 47 Querying the Configuration of a Cisco IOS Device Using SNMP 48 Modifying the Configuration of a Cisco IOS Device Using SNMP 51 Summary 53 References 53 Chapter 4 Embedded Event Manager (EEM) 55 EEM Architecture 55 Policies 56 EEM Server 56 Event Detectors 57 Software Release Support for EEM 60 Platform and IOS Considerations for EEM 65 Writing an EEM Applet 66 Practical Example of an Event Trigger 68 Using Object Tracking as an Event Trigger 69 Creating Applet Actions 70 Examples of EEM Applets 70 Configuring the IP SLA Sender and Responder 72 Applet and IP SLA Route Failover Example 74

x Tel Scripting for Cisco IOS Applet That Monitors the Default Route 83 Applet and Application Failover with a Network Address Translation Example 88 Using EEM and Tel Scripts 96 Programming Policies with Tel 97 Tel Example Used to Check for Interface Errors 98 Tel Example Used to Check the CPU Utilization 104 Summary 110 References 110 Chapter 5 Advanced Tel Operation in Cisco IOS 111 Introduction to the Syslog Protocol 112 Configuring Syslog Server Parameters in Cisco IOS 113 Syslog Tel Script Example 116 Syslog Tel Script Sample Output 118 Sending Syslog Messages to a File 121 Syslog Server Script Procedures 124 Syslog Server Script Body 127 Putting the Syslog Script into Operation 129 Introduction to Embedded Syslog Manager 130 Filtering Syslog Messages 130 ESM Global Variables 134 Rebuilding a Syslog Message from Its Components 136 Displaying/Adding ESM Tel Script Filters 137 Introduction to Embedded Menu Manager 139 Using Tel as a Web Server 144 Obtaining a Free Web Server Application 147 Reverse Engineering the Web Server 149 Creating Your Own Simple Web Page 152 Creating a Web Page Using IOS show Commands 154 Adding User Input to the Web Page 157 Introduction to IP SLA 160 Adding the IP SLA Measurement to the Web Page 162 Modifying the Button and Label for User Input 162 Creating a Tel Script to Display IP SLA Measurement Results 163 Putting the New Tel Scripts into Operation 165 Reformatting the IP SLA Output for Readability 167

xi Automatic Removal and Creation of IP SLA Entries 170 Displaying the Results of the IP SLA Measurement with Auto-Refresh 174 Tel Script Refresh Policy 177 SNMP Proxy Event Detector 178 Remote-Procedure Call Requests 179 Multiple-Event Support for Event Correlation 180 Using the clear Command 181 Summary 182 References 182 Chapter 6 Tel Script Examples 183 Creating an Application from Start to Finish 183 Determine What You Want to Accomplish 183 Creating a Flowchart 184 Deciding What the User Interface Should Look Like 185 Write the Code in Pseudo-Code 187 Before You Begin 188 Starting to Program the Application 190 Configuring the Web Server 190 Writing Code for the MPLS VPN Script 191 Configuring HTML 209 Writing Code for the MPLS CFG Script 216 Troubleshooting as You Go 228 Using Tel to Troubleshoot Network Problems 230 Monitoring the Console for Events 233 Creating a Web Application for Remote SNMP Graphing 236 Summary 241 References 241 Chapter 7 Security in Tel Scripts 243 Introduction to PKI Infrastructure 243 PKI Prerequisite 244 Confidentiality with PKI 244 Digital Signatures with PKI 245 Using Digital Signatures to Sign a Tel Script 247 Step 1: Decide on the Final Tel Script Contents (Myscript) 248 Step 2: Generate a Public/Private Key Pair 248

xii Tel Scripting for Cisco IOS Step 3: Generate a Certificate with the Key Pair 250 Step 4: Generate a Detached S/MIME pkcs7 Signature for Myscript Using the Private Key 250 Step 5: Modify the Format of the Signature to Match the Cisco Style for Signed Tel Scripts and Append It to the End of Myscript 251 Tel Script-Failure Scenario 256 Scaling Tel Script Distribution 257 Summary 258 References 258 Appendix A Cisco IOS Tel Commands Quick Reference 259 Index 287