Cisco and Juniper ssh backup example

In this example I will explain how to backup cisco and juniper devices using ssh device manager.

For this tutorial I have created two virtual cisco routers and one juniper switch, that I would like to backup using the output of “show run” command in cisco and “show configuration | display set” in juniper.

Screenshot were taken from the SSHdm Version 1.0.39.

Adding devices

At first start with adding the devices. In the “Device Info” tab click on “New Device” button.

In case of this example, the following detail were filled:

Device Name :   Cisco1

Device Address or host:  10.0.0.100

Username : cisco

Password :  cisco

Additional password :  cisco (I configured the cisco without enable password, but I filled this field anyway)

Connection Script :  empty for now

Group :  General (will change later)

Same thing goes with the other cisco, but in it’s case the IP address is different:

Device Name :  Cisco1

Device Address or host:  10.0.0.101

Username : cisco

Password : cisco

Additional password :    cisco (the cisco is configured without the enable password, but I filled this field anyway)

Connection Script :  empty for now

Group :  General (will be changed later)

The following details were filled for the juniper switch:

Device Name : Juniper

Device Address or host: 10.0.0.102 (lets assume it 10.0.0.102

Username :   root

Password :  My password

Additional password :  1234567890 (juniper doesn’t have enable password so I configured gibberish here )

Connection Script :  empty for now

Group :  General (will change later)

Now it is required to create a groups for the above devices. We will create a group called Cisco_devs for cisco devices and Juniper_devs for the juniper device(s). For this we need to go to “Groups” tab, write a groups name and click the Add new button:

Now we need to go to Scripts tab and create a few script:

  1. Connection script for cisco
  2. Connection script for Juniper
  3. “show run” script for cisco that will save the output to executions folder
  4. “show configure | display set” script for juniper that will also save the output to executions folder.

Create a connection script for cisco

At the “Scripts” tab write a script name called “connection_cisco_no_en” and click add new.

At the window that will pop up, write:

<PAUSE>2000</PAUSE>

termi wi 120

terminal length 0

When the program will connect to the device it will use the username and password that we used when we added a new device. Then it will wait for 2000 milliseconds. Sometimes when connecting to a cisco there is a little pause between the login and until a user get command prompt. This pause makes sure the program will remain connected. After the pause the program will expand the terminal to width of 120, and after that the command “terminal length 0” will make sure that when printing the configuration the cisco will not send “—more–” to the user, with the expectation of the user to press any key:

Current configuration : 1875 bytes

!
! Last configuration change at 11:41:41 UTC Wed Jun 21 2017 by cisco
!
version 15.5
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
platform console virtual
!
hostname Router-IPv6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
 --More--

If the cisco was configured with enable password, the connection script would look like this:

<PAUSE>2000</PAUSE>
en
<GET_ENPASS></GET_ENPASS>
<PAUSE>2000</PAUSE>
termi wi 120
terminal length 0

The pause keywords would wait for cisco prompt, and the keyword  <GET_ENPASS></GET_ENPASS> will get the additional password that entered while adding a new device.

Adding juniper connection script

When a connection to juniper is made, after entering username and password juniper sends get this prompt:

root@:RE:0%

before typing the command that will print the configuration, the user need to enter “cli” command. Junipers equivalent to cisco’s “terminal lenth 0” is the following command : “set cli screen-length 0”. So this is the connection script for juniper:

<PAUSE>2000</PAUSE>
Cli
<PAUSE>500</PAUSE>
set cli screen-length 0

The pause of 500 millisecond should be added because I noticed that juniper waits a little before going to the next mode.  Save this script as “connection_juniper”.

Cisco “show run” script

No it is time to create a script that saves cisco configuration. Lets create a script called “sh_run_cisco” to display cisco configuration:

sh run
<PAUSE>2000</PAUSE>

After issuing the “show run” command, the program waits for 2 second for the cisco to start printing the configuration. When printing starts, the program will continue to read output buffer until no more new characters where printed.

Let us call a script that does the same for the juniper switch as “sh_run_juniper”. Enter this name above the “Add new” button and click the button. Add this script and click on Save and close button.

show configuration | display set
<PAUSE>1000</PAUSE>

Assign connection script and groups to devices

Go back to the “Device Info” tab.

Click on the first cisco device, and then click on “Edit device”.

Choose the “connection_cisco_no_en” that was created earlier and click on confirm.

In the “Device Info” tab,  select a cisco device, and use the arrows buttons to add Cisco_devs group to cisco device and remove the General groups

Do the same for the second cisco device.

To the Juniper device, assign the connection script for juniper we called “connection_juniper”, and assigned it do group Juniper_devs.

Adding a job

To add a job go to the “Jobs” tab.

In the jobs tab, first create a job for the cisco devices.

Above the “Add new” button, write “cisco_save_config” and click “Add new”

Then click on the job that now appears in the list, select execution time.

In the repeat in, write 3600. This means that the job will repeat itself every 3600 second, meaning one hour. Every time a job finished executing the program will add to execution time the amount of second written in “repeat in” and save this new time in the database.

Click on save timings

All buttons should have been grayed out. Click on the job again in the list, select a scripted called  “show_run_cisco” and click on assign.

Click on the job again in the list and click on the “Active” selection box.

Repeat this process and add a job called “juniper_save_config”. Set the execution time about 5 minutes after the previous job, in order to give the program time to finish executing this job on all the devices. Make sure the script “show_run_junper” is assigned to this job.

Assign job to group

Go to “Groups” tab.

In the list , click on group “Cisco_devs”.

On the dropdown box select the job “cisco_save_config” and click on the button “Assign” to assign this a job to this group.

Repeat this process to assign the job “juniper_save_config” to the group “Juniper_devs”

Job Execution

When the time comes to execute the job, the console will display a message that job execution started.

When job completes a message notifing that the job completed will be displayed.

The results of jobs execution will be in the program folder in the executions directory. The files in the executions directory contains the output of the entire session to the devices. The filenames are created using the device name and the data time of the job execution.