Is there a template for a Nortel VPN Gateway 3050.
Haven't had any luck trying on my own.
Get the config listed, but cannot get the download script to exit correctly.
It just sits there.
I'm using info/sys to show
and /menu/exit to exit.
Can you please post the session trace and the current template you are using?
Chris.
I actually got it to work this morning. Here's what I used.
<Configuration-Management Device="Alteon iSD SSL HW3050 SW" SystemOID="1.3.6.1.4.1.1872.1.11.2"> <Commands> <Command Name="Reset" Value=""/> <Command Name="ExitConfigMode" Value="/main/exit"/> <Command Name="DownloadConfig" Value="info/sys" Delay="300" RegEx="Information#"/> <Command Name="More" Value="Press q to quit, any other key to continue"/> </Commands></Configuration-Management>
I do have a question though. I need to set up a template for a SecureComputing Sidewinder G2 firewall.
Do you have any suggestions?
I was intrigued by this post, but the config dump for the NVG 3050 is not /info/sys it's /cfg/dump -- this is a bit tricky, since it has a blurb about 'do you want to dump your configuration keys?' that you have to say yes/no to before you can actually dump it. Too bad we can't chain commands!
I was inspired by someone else actually owning a nortel 3050 device, so...
Enjoy!
I'll post this to the content sharing zone, but I think this below will be much better for you.
It will extract /cfg/dump output perfectly.
<Configuration-Management Device="Alteon iSD SSL HW3050 SW" SystemOID="1.3.6.1.4.1.1872.1.11.2"> <Commands> <Command Name="Reset" Value=""/> <Command Name="Reboot" Value=""/> <Command Name="EnterconfigMode" Value=""/> <Command Name="Startup" Value=""/> <Command Name="Precommand" Value="No" Regex="Kill other sessions (yes/no) [no]" /> <Command name="DownloadConfig" Value="no${CRLF}/cfg/dump${CRLF}No" Delay="300" Regex="Configuration#"/> <Command Name="Version" Value="/info/sys" Regex="Information#"/> <Command Name="More" Value="Press q to quit, any other key to continue"/> <Command Name="VirtualPrompt" Value="Main#" /> <Command Name="MenuBased" Value="True" /> <Command Name="MenuDrivenConfigStart" Value="Collecting data, please wait..."/> </Commands></Configuration-Management>
If you've ever restored a G2 Sidewinder, you'll probably understand why NCM is not going to be a useful tool in your belt for that task. Sidewinders get restored from Emergency Config backups that are created via the Sidewinder Cobra GUI, and stored on USB sticks or off the Sidewinder on the network. The CLI procedure for this, while available, is ugly--I strongly recommend using the simple GUI procedure, which is well documented, easy, and intuitive.
Restoring a Sidewinder requires booting it from the imaging CD, recreating some basic connectivity settings (or restoring them from a separate emergency backup file that you must have created previously on your admin station) and then accessing the emergency backup info stored on the USB stick, which has to be inserted locally on the Sidewinder. Of course, licensing is required, which requires more unique user actions, and you'll be required to repatch all the Sidewinder with all the updates from the McAfee web site before you can run the emergency restore. This leaves NCM out of the running for being a backup & restore tool.
Work with Sidewinder Support (Now McAfee) to get you set up with a simple procedure for both manually creating an Emergency Backup to USB drive, and also to automate the Sidewinder so it will automatically backup a restorable configuration to an SCP server on your network.
But NCM MAY be a player in Sidewinder configuration management reporting. I'm going down this path with NCM and SolarWinds Support right now. When I called McAfee Secure Firewall Support for info on how I might use NCM for backing up the firewall, they said it wouldn't be able to do a proper backup and restore. But it MIGHT be able to create a useable set of information about the current configuration settings that can be used to track changes. That's what I want.
McAfee looked at it from what their systems could do: it might be possible to create a cronjob that would run all the cf commands necessary to display the Sidewinder's configs, and then cat them all into one file. Then NCM might be able to retrieve this file and use it for configuration change comparisons and management.
SolarWinds sent me the questionairre for commands necessary to build a new template. I filled it out and sent it back yesterday; they're working on it now. My goal is to avoid doing the cf commands and their CAT on the Sidewinder--NCM might be able to do it all by itself, making the process simpler.
Once logged in, NCM's template will need to run all these cf commands and store them for comparison against future changes:
Once this template is complete, I can share it when it comes back from SolarWinds Support--after it has been tested successfully. But understand that it will not do a restore of the firewall--only report config changes. Also understand it will not necessarily set you up to be able to do bulk changes, or changes on multiple Sidewinders. McAfee has a tool for that--Enterprise Manager. If you have many Sidewinders, you probably already have it.
Definitely work with McAfee support on automating and understanding the firewall backup options. Those guys are very competent, and will set you up quickly.
