Send netdisco-users mailing list submissions to
netdisco-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
netdisco-users-requ...@lists.sourceforge.net
You can reach the person managing the list at
netdisco-users-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: Changing a device's IP (Oliver Gorwits)
--- Begin Message ---
Hi Brian
Thanks for your patience.
The device_identity matches a device on the left hand side and one of its
interfaces on the right hand side, but it does check that the interface is
valid and receives SNMP connection (unlike, say, the "renumber" command
which does not check).
You cannot select a device on the left hand side based on its interfaces,
sorry. But you can put the interface check in the right hand side and rely
on it only matching ASA devices where such an interface exists.
host_groups:
cisco_asa:
- 'op:and'
- 'vendor:cisco'
- 'model:.*(?i:ASA).*'
device_identity:
'group:cisco_asa':
- 'op:and'
- '172.31.0.0/16'
- 'port:(?i)management'
I have tested this and it works.
regards,
Oliver.
On Wed, 22 Feb 2023 at 17:16, Brian Kelly <hiwa...@gmail.com> wrote:
> Thank you for writing back Oliver!
>
> I’m not that versed in YAML but trying. Following your lead, the website
> docs, and a lot of trial and error (including Deep recursion on
> subroutine "App::Netdisco::Util::Permission::check_acl"), I _think_ I
> have something that should work, but it doesn’t seem to.
>
> In a nutshell, I’m looking for something to match Cisco ASA devices if
> they have an IP in the 172.31.0.0/16 space on their management interface
> and if so use the management IP for the device’s ID.
>
> I posted in the IRC (
> https://kiwiirc.com/nextclient/irc.libera.chat/netdisco), but I’m
> probably being impatient waiting for an answer or posted it in the wrong
> area (haven’t used IRC in years), so apologies in advance.
>
> Thank you again for a great product and looking forward to maybe even
> making minor contributions in the future if I can!
>
> BK
>
> —
>
> *host_groups:*
> * cisco_asa:*
> * - 'op:and'*
> * - 'vendor:cisco'*
> * - 'model:.*(?i:ASA).*'*
> * device_with_management_ip:*
> * - 'op:and'*
> * - 'port:(?i)management'*
> * - 172.31.0.0/16 <http://172.31.0.0/16>*
> * asa_with_management_ip:*
> * - 'op:and'*
> * - 'group:cisco_asa'*
> * - 'group:device_with_management_ip'*
>
> *device_identity:*
> * 'group:asa_with_management_ip':*
> * - 'port:(?i)management'*
>
> —
>
> On Feb 9, 2023, at 5:09 AM, Oliver Gorwits <oli...@cpan.org> wrote:
>
> Hi Brian
>
> The renumber feature is not what you want to use. That is for when you
> actually change the IP of a device and remove the old one; it allows the
> user to keep all the history of connected nodes and so on in the database.
>
> The feature you want is device_identity in the configuration file:
> https://github.com/netdisco/netdisco/wiki/Configuration#device_identity
>
> At a guess, the config might look something like (check the Model field of
> your Device Details tab and the Port Name in Addresses tab):
>
> device_identity:
> 'model:asa': 'port:(?i)mgmt1'
>
> Hope that helps, and if you get stuck do come and ask on IRC.
>
> Thanks for using Netdisco :)
>
> regards,
> oliver.
>
> On Thu, 9 Feb 2023 at 09:59, Brian Kelly <hiwa...@gmail.com> wrote:
>
>> Hello all! Longtime user, first time poster. :-) I tried searching the
>> archives for the mailing list, but I wasn’t about to find anything on this
>> topic from more recent that around 2007.
>>
>> I have a question about how Netdisco selects an IP to identify a device.
>> I have a Cisco ASA used as a VPN that is being identified by the IP address
>> of the outside interface, my guess is because it has the lowest IP address
>> on the system.
>>
>> If I use "netdisco-do renumber -d <old outside interface IP> -e <new
>> management interface IP>“ then Netdisco seems to use the IP I want it
>> to, but at some point later it reverts back to using the outside interface
>> again.
>>
>> Is this expected behavior? Or, as I’m probably doing something wrong,
>> what would be the correct procedure?
>>
>> Thank you everyone and keep up the good work!
>>
>> BK
>> _______________________________________________
>> Netdisco mailing list
>> netdisco-users@lists.sourceforge.net
>> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
>
> _______________________________________________
> Netdisco mailing list
> netdisco-users@lists.sourceforge.net
> https://sourceforge.net/p/netdisco/mailman/netdisco-users/
>
>
>
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
netdisco-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/netdisco-users
