Wednesday, December 23, 2020

Python Script Telnet to cisco device

 Python Script:- Telnet to cisco device

import telnetlib
import time

host = '10.10.10.1'
port = '23'
user = 'cisco'
password  = 'cisco'

tn = telnetlib.Telnet(host=host, port=port)

tn.read_until(b'Username: ')
tn.write(user.encode() + b'\n')

tn.read_until(b'Password: ')
tn.write(password.encode() + b'\n')

tn.write(b'show ip int brie \n')
tn.write(b'exit \n')
time.sleep(1)

Output






Posted by at No comments:

Python Script for Cisco Config Backup

 This is a simple python script to backup the config of your cisco device, with date and time into a txt file

import paramiko
import time
from datetime import datetime

ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

router = {'hostname': '10.10.10.1', 'port': '22', 'username':'cisco', 'password':'cisco'}
print(f'Connecting to Device...{router["hostname"]}')

ssh_client.connect(**router, look_for_keys=False, allow_agent=False)

shell = ssh_client.invoke_shell()

shell.send('terminal length 0\n')
shell.send('enable\n')
shell.send('cisco\n')
shell.send('show run\n')

time.sleep(2)

output = shell.recv(10000).decode()
print(output)

now = datetime.now()
year = now.year
month = now.month
day = now.day
hour = now.hour
minute = now.minute

file_name = f'{router["hostname"]}-{year}-{month}-{day}-{hour}-{minute}.txt'

with open(file_name, 'w') as f:
    f.write(output)

print('Closing Connection')
ssh_client.close()
Posted by at No comments:

Tuesday, December 22, 2020

Python Script for OSPF Config

 Script for basic ospf configuration

gns3 Topology



import paramiko
import time
import getpass
from pip._vendor.distlib.compat import raw_input

ssh_client = paramiko.SSHClient()
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

username = raw_input('Enter username:')
password = getpass.getpass('Enter Password:')
router = {'hostname': '10.10.10.1', 'port': '22', 'username': username, 'password': password}
print(f'Connecting to Device...{router["hostname"]}')
ssh_client.connect(**router, look_for_keys=False, allow_agent=False)

shell = ssh_client.invoke_shell()
shell.send('enable\n')
shell.send('cisco\n')
shell.send('conf t\n')
shell.send('router ospf 10\n')
shell.send('net 0.0.0.0 0.0.0.0 area 0\n')
shell.send('end\n')
shell.send('show ip protocols\n')
time.sleep(2)

output = shell.recv(10000).decode()
print(output)

print('Closing Connection')
ssh_client.close()

Output post execution of the Script













Posted by at No comments:

Python Script to Connect Cisco Device

 

Topology is in gns3 loopback interface is configured on the desktop to connect the router


Python Script Username and password will be prompted for input from the user

import paramiko
import time
import getpass
from pip._vendor.distlib.compat import raw_input

ssh_client = paramiko.SSHClient()

ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
username = raw_input('Enter Username:')
password = getpass.getpass('Enter Password:')
router = {'hostname': '10.10.10.1', 'port': '22', 'username':username, 'password':password}
print(f'Connecting to Device....{router["hostname"]}')
ssh_client.connect(**router, look_for_keys=False, allow_agent=False)

shell = ssh_client.invoke_shell()
shell.send('show ip int brie\n')
time.sleep(1)

output = shell.recv(10000)
output = output.decode()
print(output)

print('Closing Connection')
ssh_client.close()

c:>python sshconnect.py

Below is the output of the command executed





Posted by at No comments:

Thursday, December 3, 2020

VRF-Lite IPSec Aware

 VRF-Lite Configuration With IPSec




==================R1========================
!
ip vrf CUST-A
ip vrf CUST-B
!
interface Ethernet0/0
 ip vrf forwarding CUST-A
 ip address 192.168.13.1 255.255.255.0
!
interface Ethernet1/0
 ip vrf forwarding CUST-A
 ip address 192.168.12.1 255.255.255.0
router eigrp 10
 !
 address-family ipv4 vrf CUST-A autonomous-system 100
  no auto
  network 192.168.12.0
  network 192.168.13.0
 exit-address-family
================R2===================
!
ip vrf CUST-A
ip vrf CUST-B
!
interface Ethernet0/0
 ip vrf forwarding CUST-A
 ip address 192.168.24.2 255.255.255.0
!
interface Ethernet1/0
 ip vrf forwarding CUST-A
 ip address 192.168.12.2 255.255.255.0
 !
router eigrp 10
 !
 address-family ipv4 vrf CUST-A autonomous-system 100
  no auto
  network 192.168.12.0
  network 192.168.24.0
 exit-address-family
==================R3===============
interface Loopback0
 ip address 3.3.3.3 255.255.255.0
!
interface Ethernet0/0
 ip address 192.168.13.3 255.255.255.0
!
router eigrp 100
 no auto
 network 3.0.0.0
 network 192.168.13.0
==============R4================
!
interface Ethernet0/0
 ip address 192.168.24.4 255.255.255.0
!
interface Loopback0
 ip address 4.4.4.4 255.255.255.0
!
router eigrp 100
 no auto
 network 4.0.0.0
 network 192.168.24.0


===============R1 Site-2-Site=======VRF Aware===================
! Phase1 Policy
crypto isakmp policy 10
 auth pre-share
 hash md5
 enc 3des
 group 2

! Create Key ring
crypto keyring KEY-1 vrf CUST-A
 pre-shared-key address 192.168.12.2 key cisco123

! Create Isakmp profile
crypto isakmp profile PROF-A
 match identity address 192.168.12.2 255.255.255.255 CUST-A
 keyring KEY-1
 vrf CUST-A

! Transform Set
crypto ipsec transform-set TSET esp-3des esp-md5

!
access-list 101 permit ip 3.3.3.0 0.0.0.255 4.4.4.0 0.0.0.255

! Crypto MAP
crypto map CUST-A 10 ipsec-isakmp
 match address 101
 set peer 192.168.12.2
 set transform-set TSET
crypto map CUST-A isakmp-profile PROF-A

! Apply to the interface
int eth1/0
 crypto map CUST-A
===============R2 Site-2-Site=======VRF Aware===================
! Phase1 Policy
crypto isakmp policy 10
 auth pre-share
 hash md5
 enc 3des
 group 2

! Create Key ring
crypto keyring KEY-1 vrf CUST-A
 pre-shared-key address 192.168.12.1 key cisco123

! Create Isakmp profile
crypto isakmp profile PROF-A
 match identity address 192.168.12.1 255.255.255.255 CUST-A
 keyring KEY-1
 vrf CUST-A

! Transform Set
crypto ipsec transform-set TSET esp-3des esp-md5

!
access-list 101 permit ip 4.4.4.0 0.0.0.255 3.3.3.0 0.0.0.255

! Crypto MAP
crypto map CUST-A 10 ipsec-isakmp
 match address 101
 set peer 192.168.12.1
 set transform-set TSET
crypto map CUST-A isakmp-profile PROF-A

! Apply to the interface
int eth1/0
 crypto map CUST-A


Now ping from R4 to R3


We see packets are getting encrypted




Posted by at No comments:
Subscribe to: Posts (Atom)