I've been asked to get our IMC working with a couple of Cisco ASAs we have. I've gotten the IMC to poll them, but backing up their configuration fails every time. I'm trying to use SCP.
I've set the ASAs to support SCP, and manually running the commands work:
C:\Program Files\iMC\server\bin>pscp -scp username@192.168.70.1:system://running-config .
username@192.168.70.1's password:
running-config | 30 kB | 30.7 kB/s | ETA: 00:00:00 | 100%
In the IMC, I've set Single Device Transfer mode for the firewall = SCP, and added the OID 1.3.6.1.4.1.9.1.1421 to the C:\Program Files\iMC\server\conf\adapters\ICC\Cisco\adapter-index.xml file (under the CiscoASA adapter).
The log file seems to show it complaining about SCP right away, then switching over to TFTP (which doesn't match the accesstype) before landing on CLI.
Anyone have ideas on what I can investigate?
Thanks!
Greg
2019-03-08 12:49:08.908 [WARNING (6021)] [THREAD(6372)] Do not support scp protocol in function 'CFileTransferTask::transferFileEx'
2019-03-08 12:49:09.909 [WARNING (6021)] [THREAD(6372)] Do not support scp protocol in function 'CFileTransferTask::transferFileEx'
2019-03-08 12:49:10.909 [INFO (0)] [THREAD(6292)] Process backup transfer task completed, result: { -- SEQUENCE --
result { -- SEQUENCE --
operStep 'ff'H --
,
result '00'H --
}
,
devID '6a'H --
,
strSession ''H -- "" --,
devDescr '6173615374726174666f72642e636f72702e61677269636f72702e636f6d283139322e3136382e37302e3129'H -- "asaStratford.corp.agricorp.com(192.168.70.1)" --,
transferResultList { -- AsnDevFileTransferResultSeqOf SEQUENCE OF AsnTransferCfgFileResult
{ -- SEQUENCE --
resultList { -- AsnCfgBakOprResultList SEQUENCE OF AsnCfgBakOprResult
{ -- SEQUENCE --
operStep '00'H --
,
result '1785'H --
}
}
,
fileType '00'H --
,
cfgFileID '27'H --
,
hostFileName '72756e6e696e675f323633353737313539322e636667'H -- "running_2635771592.cfg" --,
devFileNamePath '3139322e3136382e37302e315f72756e6e696e675f32303139303330383132343930382e636667'H -- "192.168.70.1_running_20190308124908.cfg" --
}
{ -- SEQUENCE --
resultList { -- AsnCfgBakOprResultList SEQUENCE OF AsnCfgBakOprResult
{ -- SEQUENCE --
operStep '00'H --
,
result '1785'H --
}
}
,
fileType '01'H --
,
cfgFileID '28'H --
,
hostFileName '737461727475705f323633353737313630322e636667'H -- "startup_2635771602.cfg" --,
devFileNamePath '3139322e3136382e37302e315f737461727475705f32303139303330383132343930392e636667'H -- "192.168.70.1_startup_20190308124909.cfg" --
}
}
}
2019-03-08 12:49:10.911 [WARNING (32)] [THREAD(6292)] [CComponentAdapter::checkAccessTypeMatchTransferProtocol()] transfer protocol does not match access type,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:10.911 [WARNING (32)] [THREAD(6292)] [CComponentAdapter::isDevSupportServiceAction()] transfer protocol does not match access type,ServiceName = ConfigBackup,commandName=Custom,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:10.912 [WARNING (32)] [THREAD(6292)] [CComponentAdapter::checkAccessTypeMatchTransferProtocol()] transfer protocol does not match access type,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:10.912 [WARNING (32)] [THREAD(6292)] [CComponentAdapter::isDevSupportServiceAction()] transfer protocol does not match access type,ServiceName = ConfigBackup,commandName=ICC,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:10.913 [INFO (0)] [THREAD(6292)] [CComponentAdapter::isDevSupportServiceAction] dev_id: 106, adapter_name: CiscoASA
2019-03-08 12:49:15.946 [INFO (0)] [THREAD(7612)] [CThirdPartCfgfileMgr::backupRunning()] Begin to backup running cfgfile ...
2019-03-08 12:49:15.946 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Begin to execute, data: ServiceName = ConfigBackup
ActionName = backup_running_config
InputParam = TFTPFile=C:/Program Files/iMC/server/tmp/running_2635771662.cfg?_?TFTPServer=192.168.4.187?_?VpnName=
OutputParam =
CmdResp =
ErrorMessage =
ActionResult = 19
2019-03-08 12:49:15.947 [WARNING (32)] [THREAD(7612)] [CComponentAdapter::checkAccessTypeMatchTransferProtocol()] transfer protocol does not match access type,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:15.947 [WARNING (32)] [THREAD(7612)] [CComponentAdapter::isDevSupportServiceAction()] transfer protocol does not match access type,ServiceName = ConfigBackup,commandName=Custom,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:15.950 [WARNING (32)] [THREAD(7612)] [CComponentAdapter::checkAccessTypeMatchTransferProtocol()] transfer protocol does not match access type,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:15.950 [WARNING (32)] [THREAD(7612)] [CComponentAdapter::isDevSupportServiceAction()] transfer protocol does not match access type,ServiceName = ConfigBackup,commandName=ICC,iTransferProtocol=4,iAccessType=3
2019-03-08 12:49:15.951 [INFO (0)] [THREAD(7612)] [CComponentAdapter::isDevSupportServiceAction] dev_id: 106, adapter_name: CiscoASA
2019-03-08 12:49:15.951 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Begin to execute by cli.
2019-03-08 12:49:15.951 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Case_no: 8624_2635771663, service_name: ConfigBackup, action_name: backup_running_config, input_vars: TFTPFile=C:/Program Files/iMC/server/tmp/running_2635771662.cfg?_?TFTPServer=192.168.4.187?_?VpnName=
2019-03-08 12:49:15.993 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Success to spawn process, pid: 8568
2019-03-08 12:49:16.245 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Success to execute process, pid: 8568
2019-03-08 12:49:16.245 [INFO (0)] [THREAD(7612)] [CScriptProcessor::exec()] Check result file: C:\Program Files\iMC\server\bin\..\..\server/tmp/scripttool_8624_2635771663.cfg
2019-03-08 12:49:16.257 [INFO (0)] [THREAD(7612)] [imcscriptttol] log: =============================== Begin=============================
2019-03-08 12:49:16.257 [INFO (0)] [THREAD(7612)]
2019-03-08 12:49:16.210 [INFO (0)] [THREAD(8388)] [ScriptTool::execScriptAction()] component_name: ICC, service_name: ConfigBackup, action_name: backup_running_config, input_vars: TFTPFile=C:/Program Files/iMC/server/tmp/running_2635771662.cfg?_?TFTPServer=192.168.4.187?_?VpnName=
2019-03-08 12:49:16.224 [INFO (2001)] [THREAD(8388)] [CCLIScriptProcessor::init()] Device login type is 2,dev_id=106,AdaptName=CiscoASA
2019-03-08 12:49:16.229 [ERROR (100)] [THREAD(8388)] [CSSHScriptProcessor::setSpawnPhrase()] ssh command does not match that user defined.
2019-03-08 12:49:16.229 [ERROR (38)] [THREAD(8388)] [CCLIScriptProcessor::init()] Fail to call setSpawnPhrase().AdaptName=CiscoASA
2019-03-08 12:49:16.229 [ERROR (38)] [THREAD(8388)] [CTelnetScriptProcessor::exec()] Fail to initilize environment. AdaptName = CiscoASA. DevIP = 192.168.70.1
2019-03-08 12:49:16.231 [INFO (0)] [THREAD(8388)] [ScriptTool::execScriptAction()] ResultNo: 38, CmdResp: , ResultMap:
2019-03-08 12:49:16.257 [INFO (0)] [THREAD(7612)] [imcscriptttol] log: =============================== End===============================
#asa#scp