Welcome, Guest. Please login or register.

Author Topic: Backup problems with Avaya 5698T when I secure the switch.  (Read 5276 times)

ToddMurray

  • Guest
Backup problems with Avaya 5698T when I secure the switch.
« on: August 07, 2011, 04:26:02 PM »
I have an Avaya 5698T.
I have the "cmd-interface cli" added to this switch, and set Telnet/WEB Switch password Type to "none"
This just lets anyone login by control/Y when I telnet to the device.
This allows backups to work when I run ./nedi.pl -vb -a 10.0.0.3
See attached 5698T_no_passwords.txt
Now when I enable the local security on this this switch as follows (This config requires me to press control/Y, then add username "RO", password "user".)

telnet-access login-timeout 1
telnet-access retry 99
telnet-access inactive-timeout 15
telnet-access logging all
cli password switch telnet local
username "RO" "user" ro
username "RW" "secure" rw

Add this config to the nedi.conf
usr RO user

Now if I run ./nedi.pl -vb -a 10.0.0.8, It fails to login to perform the show run for backup.
See the attached log called 5698T_backup_failed.txt


Any ideas as how to resolve this one?
Thanks in advance.
ToddMurray - Ajax,Ontario,Canada

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2697
    • View Profile
    • NeDi
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #1 on: August 07, 2011, 08:21:43 PM »
Moved to discovery...

This points to a wrong pw, since it matches username prompt after entering it:

CLI3:Matched Username: , login failed


But could also be something else. If you use -d (debug), you can tail -f on input and output.log to ecactly see, what's going on...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

ToddMurray

  • Guest
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #2 on: August 08, 2011, 05:44:03 PM »
Update.
I've changed the authentication on the switch to tacacs the following command was run:
./nedi.pl -vbBda 172.20.43.68

The login works, however when the "show run" command is run,  I get the following error:
Use of uninitialized value $misc::curcfg[0] in concatenation (.) or string at ./inc/libcli-iopty.pm line 697.
Attached is my output from ./nedi.pl -vbBda 172.20.43.68

I did login to the switch using my tacacs account, typef "enable", "terminal length 0", "show run", to verify I actually see a running config and it displayed the full configuration.
Thanks
Todd

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2697
    • View Profile
    • NeDi
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #3 on: August 09, 2011, 12:05:22 AM »
Run nedi -vbda 172.20.43.68 with 2 more terminals open. Do tail -f input.log and tail -f output.log to exactly follow the communication. I'll try to reproduce with the Baystack I have...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

ToddMurray

  • Guest
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #4 on: August 09, 2011, 03:35:56 AM »
Cool, I did a quick test at home and I see what you mean about the following commands in separate windows:
tail -f input.log
tail -f output.log

I will try this when I get to work on a switch that has tacacs enabled.
Thanks

ToddMurray

  • Guest
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #5 on: August 12, 2011, 03:08:26 PM »
I have re-run this test on Nortel 5520 with the following switch software  ***************************************************************
  *** Ethernet Routing Switch 5520-48T-PWR                    ***
  *** Nortel                                                  ***
  *** Copyright (c) 1996-2010,  All Rights Reserved           ***
  *** BOSS 6.0 SSH                                            ***
  *** HW:35       FW:6.0.0.9   SW:v6.1.3.025                  ***
  ***************************************************************
SNMP RO string:public
Local Read only username:  RO
Local Read only password:  user


From the  input.log file, I see the prompt stuck at username. Perhaps this is the problem.
The output suggests it does send the password however.
Login still fails.See attached logs.

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2697
    • View Profile
    • NeDi
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #6 on: August 14, 2011, 02:23:11 PM »
Hmm, I wasn't aware that they use ESC sequences as well. This is a problem with the ProCurve switches too. Can this device be configured to use vt100 only?
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

ToddMurray

  • Guest
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #7 on: August 15, 2011, 12:48:05 AM »
I looked for a possible VT100 Setting and found only a terminal command via the command line.
#terminal ?
  length  Set number of lines on a screen
  speed   Set the transmit and receive speeds
  width   Set width of the display terminal

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2697
    • View Profile
    • NeDi
Re: Backup problems with Avaya 5698T when I secure the switch.
« Reply #8 on: September 10, 2011, 01:16:15 AM »
Since I had my Baystack470 up and running for working on NDP, I also looked at the login stuff. You're absolutely right with the line wrap problem! Also since the whole login screen is being rebuilt, after one enters the password, it matches "Username:" again, which results in an error, even thought login would have actually worked. Unfortunately this logic is required, since some other switches only come back with this prompt upon entering wrong credentials (no other indicators)...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo