Wired Intelligent Edge (Campus Switching and Routing)

Reply
New Contributor

"show run" (Orion vs enhanced secure-mode)

I'm using SolarWinds Orion to manage several devices, including Aruba switches. (Specifically, the JL557A 2930F, but I think this issue applies to any device running ArubaOS.)

 

Orion can download the running config for a switch; there are templates that supply the relevant command for each platform. When an Aruba switch uses standard secure-mode, that works fine. However, if I put an Aruba switch into enhanced secure-mode, Orion can't download the config anymore.

 

If I log into the Aruba switch directly and type "show running-config", the response is "Do you want to show sensitive information (y/n)?" As an interactive user, I can press "y" to display the running config. However, Orion just gets stuck at that point, then it discards that single line of output as being too short for a config file.

 

So, my question. Is there a way to bypass that extra prompt? E.g. in MS-DOS, you could often specify a "/Y" parameter to stop if from asking you whether you were sure. I can't find a way to do that on an Aruba, but maybe I've missed something? Or maybe this could be added in a future version? I'm not fussed about the sensitive information, so if there's a way to suppress the second question by answering "no", that would be good enough for my purposes. (In actual fact, I've compared the output when I answer yes or no, and it seems to be identical, but maybe that's because I haven't used certain commands in the config.)

 

For now, the only way to get the config into Orion is to go back to standard secure-mode, which seems like a shame.

Occasional Contributor II

Re: "show run" (Orion vs enhanced secure-mode)

I don't know anything about Solarwinds Orion. However, I have two ideas. Maybe this helps maybe not.

 

You said that there are templates in the software to download the configs. Can't you just change the template so that it issues the show command, presses enter and types 'y' afterwards?

 

The other idea is that you can also copy a configuration via TFTP/SCP/... with the copy command. To be honest I don't know if this works in enhanced secure mode but I guess so.

Maybe your software has an integrated TFTP server or similar.

MVP Expert

Re: "show run" (Orion vs enhanced secure-mode)

It is not posible to use API with your Orion ?

 




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
New Contributor

Re: "show run" (Orion vs enhanced secure-mode)

Thanks for the idea. I couldn't edit the built-in Orion template, but I've created a new template specifically for this Aruba model.

 

 

<Configuration-Management Device="Aruba Switch" SystemOID="1.3.6.1.4.1.14823" AutoDetectType="BySystemOid">
  <Commands>
    <Command Name="RESET" Value="terminal length 1000" />
    <Command Name="Reboot" Value="reload${CRLF}Yes" />
    <Command Name="RebootAt" Value="reload at ${HH}:${NN}${CRLF}Yes" />
    <Command Name="EnterConfigMode" Value="config" />
    <Command Name="ExitConfigMode" Value="end" />
    <Command Name="Startup" Value="startup-config" />
    <Command Name="Running" Value="running-config" />
    <Command Name="DownloadConfig" Value="show ${ConfigType}${CRLF}y" />
    <Command Name="UploadConfig" Value="${EnterConfigMode}${CRLF}${ConfigText}${CRLF}${ExitConfigMode}" />
    <Command Name="DownloadConfigIndirect" Value="copy ${ConfigType} ${TransferProtocol}://${StorageAddress}/${StorageFilename}" />
    <Command Name="UploadConfigIndirect" Value="copy ${TransferProtocol}://${StorageAddress}/${StorageFilename}  ${ConfigType}" />
    <Command Name="EraseConfig" Value="write erase${CRLF}Yes" />
    <Command Name="SaveConfig" Value="write memory" />
    <Command Name="Version" Value="show version" />
  </Commands>
</Configuration-Management>

 

The built-in template had these lines:

 

		<Command Name="Startup" Value="startup-config"/>
		<Command Name="Running" Value="running-config"/>
		<Command Name="DownloadConfig" Value="Show ${ConfigType}"/>

In other words, it would normally do "show running-config", but I've changed it to do "show running-config" (carriage return) then "y".

 

Unfortunately, we still get the same error. Orion doesn't show the output, so I can only guess at what it's seeing.

 

Orion does support scp and tftp, so I'll investigate those options and report back.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: