FTD/FMC syslog messages listed by Severity level
Listed at the following link.
You need 3 files:
devices.txt would look like this:
192.168.0.100
192.168.0.101
192.168.0.102
config.sh would look like this:
#!/bin/bash
# Feed the expect script a device list & the collected passwords
for device in $(cat devices.txt); do
    ./exp-config.exp "$device"
done
exp-config.exp would look like this:
#!/usr/bin/expect -f
############## First Segment
set hostname [lindex $argv 0]
set username "USERNAME"
set password "PASSWORD"
set Directory /home/user/log-directory
#Log results
#
#uncomment to use this to log every host separately
#log_file -a $Directory/session_$hostname.log
#
#uncomment to use all logs in one file
#log_file -a logfile.log
#
############## Second Segment
# Announce which device we are working on and at what time
send_user "\n"
send_user ">>>>> Working on $hostname @ [exec date] <<<<<\n"
send_user "\n"
# telnet carries the username and password in clear text; use ssh where the device supports it
spawn telnet $hostname
expect {
    timeout { send_user "\nTimeout Exceeded - Check Host\n"; exit 1 }
    eof { send_user "\nTelnet Connection To $hostname Failed\n"; exit 1 }
    "ser" {
        send "$username\n"
        expect "assword:" {
            send "$password\n"
            expect "#"
        }
    }
}
############## Third Segment
#show command example
#uncomment to skip "press any key to continue" or "--More--"
#send "term len 0\n"
#expect "#"
send "show ip route\n"
expect "#"
#
#
#configuration example
send "conf t\n"
expect "(config)#"
send "aaa authorization commands 1 default group tacacs+ local \n"
#
send "exit\n"
expect ":~\$"
exit
Edit the ASDM launcher shortcut and change the target to “C:\Windows\System32\wscript.exe invisible.vbs run.bat”
Tried to migrate ACS 5.8 to ISE 3.0, but I was getting the following message: “The server selected protocol version TLS10 is not accepted by client preferences [TLS12]”.
Since TLS 1.0 is disabled by default, I had to enable it in the Java Control Panel (Oracle Java 1.8), edit the file C:\Program Files (x86)\Java\jre1.8.<some_version>\lib\security\java.security to remove TLSv1 from the jdk.tls.disabledAlgorithms option, and finally restart the migration application.
You can do the same in a Linux environment for OpenJDK by editing /usr/lib/jvm/java-11-openjdk-amd64/conf/security/java.security
Thanks to Stack Overflow.
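An added example (not from the original post and not Oracle or OpenJDK code): a Python helper that reads jdk.tls.disabledAlgorithms from java.security text, takes TLSv1 out for the migration and puts it back afterwards, matching whole entries so that TLSv1.1 stays disabled. The function names and the sample file content are constructed for illustration.

```python
import re

KEY = "jdk.tls.disabledAlgorithms"
LEGACY = ["SSLv3", "TLSv1", "TLSv1.1"]  # protocol names as written in java.security

# Constructed sample in java.security syntax (not copied from a real JDK).
SAMPLE = (
    "security.provider.1=SUN\n"
    "jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, \\\n"
    "    MD5withRSA, DH keySize < 1024\n"
    "jdk.certpath.disabledAlgorithms=MD2, MD5\n"
)

def read_disabled(text):
    """Return (first_line, last_line, entries) for KEY, following '\\' continuations."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if re.match(r"\s*" + re.escape(KEY) + r"\s*=", line):
            value, j = line.split("=", 1)[1], i
            while value.rstrip().endswith("\\") and j + 1 < len(lines):
                j += 1
                value = value.rstrip()[:-1] + lines[j]
            value = value.rstrip().rstrip("\\")
            return i, j, [e.strip() for e in value.split(",") if e.strip()]
    raise ValueError(KEY + " is not set in this file")

def legacy_not_disabled(text):
    """Legacy protocols that this property does not block."""
    entries = read_disabled(text)[2]
    return [p for p in LEGACY if p not in entries]

def set_protocol_disabled(text, proto, disabled):
    """Return new file text with proto added to or removed from the list."""
    i, j, entries = read_disabled(text)
    entries = [e for e in entries if e != proto]  # exact match: TLSv1 != TLSv1.1
    if disabled:
        entries.append(proto)
    lines = text.splitlines()
    lines[i:j + 1] = [KEY + "=" + ", ".join(entries)]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    opened = set_protocol_disabled(SAMPLE, "TLSv1", False)
    print("during migration, not blocked:", legacy_not_disabled(opened))
    restored = set_protocol_disabled(opened, "TLSv1", True)
    print("after restore, not blocked:", legacy_not_disabled(restored))
```

Running `legacy_not_disabled` against the real java.security file after the migration shows whether TLSv1 was left enabled on the workstation.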
“Troubleshoot DHCP in Catalyst Switch or Enterprise Networks” as explained here.
“ASA DHCP Relay Configuration Example” with nice packet capture examples.
SSH to the device and connect to FXOS:
FTD> connect fxos
FXOS# scope chassis 1
FXOS/ chassis# show chassis inventory expand