[rancid] Rancid + Fortinet

[Mozzi]

Allo all

I have an issue with rancid backing up fortigate devices.
Everything seems correct, but when checking if nlogin works, it auto
logs in, but I get this:

rancid@thunderaxe:/backups/Networking/bin> ./nlogin -t 90 -c"get system
status;get conf" 192.168.0.51
192.168.0.51
spawn ssh -c 3des -x -l mozz 192.168.0.51
mo...@192.168.0.51's password:
ONEFIRE # get system status

Error: TIMEOUT reached
rancid@thunderaxe:/backups/Networking/bin> get system status
If 'get' is not a typo you can use command-not-found to lookup the
package that contains it, like this:
cnf get
rancid@thunderaxe:/backups/Networking/bin>

Now I just don't understand!!

Mozzi

_______________________________________________
Rancid-discuss mailing list
Rancid-...@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

[Diego Ercolani]

fortigate clogin script is "fnlogin", not "nlogin".
Please notice that the script isn't error proof and you have to do probably
some modifications. If you do them please provide feedback to the list.

[Andy]

Hi,
Is the prompt set to expect "#" in your nlogin script?

Line 458 in nlogin should be;
set prompt "\[#\\$] $"

That works for me.

Andy

[Chris Kilian]

Guys

I was under the belief that fnlogin was used for Fortigate, is this correct, also I cant find that line you talk about Andy can you provide any more detail

[Andy]

You are correct, the script I use is fnlogin which is from a patch (provided
by Diego Ercolani) which modifies the original nlogin;

The line is remarked;

# FortiOS 2.x prompts can end in either '#' or '$'
set prompt "\[#\\$]"

Andy

[Iñaki Martínez Díez]

Hi,

I have some scrpt for fortigate with several patches applied and some fixed
but it really is not working correct.

The script connect correctly and get some config but not complete (i think
some paging <--more--> is ommiting some lines). Each time i run rancid-run
fortigate i got different config (without modification on the fortigate of course).

I have tried this script with this version of fortigate: Fortigate-1000AFA2
3.00,build0416,070821.

Someone has a good script that work with fortigates ?

I have attached my scripts (remember that do not work correctly for me)

Thank you.

El 08/12/10 12:02, Andy escribió:

> You are correct, the script I use is fnlogin which is from a patch (provided
> by Diego Ercolani) which modifies the original nlogin;
>
> The line is remarked;
>
> # FortiOS 2.x prompts can end in either '#' or '$'
> set prompt "\[#\\$]"
>
>
> Andy

>________________________________________
Iñaki Martínez Díez
Departamento de redes
acens Technologies S.L.
i...@acens.com
Teléfono: 637 772 156

Fax: 911 418 501
Este mensaje puede contener información confidencial dirigida exclusivamente a su destinatario.
No se permite su copia o distribución sin la autorización expresa y por anticipado de acens.
Si recibió este mensaje por error, por favor, comuníquelo al emisor y elimínelo de su ordenador. Gracias.
This message may contain confidential information exclusively addressed to its intended recipient.
The copy or distribution of this message is not permitted without the prior express consent by acens.
If you are not the intended recipient of this message please advise the sender and delete it. Thank you.

[Andy]

Hi,
I had the same problem, you need to make sure console paging is disabled.
The script version I have attached is v1.1.1.1 and this will disable paging
and then enable it again when the script has finished.
I have added a couple of lines to enter the global configuration mode for
use with vdoms and this seems to work OK, but I am still testing.

I have attached the script I am using, I have tested it on FortiOS 3.0 and
4.0. You must use an admin user account on the Fortigate to change the pager
settings.

Andy