-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Friday 08 April 2005 04:43 pm, Eli Dart wrote:
> Alan Young wrote:
> > What products out there can I use to automate/simplify ACL management?
>
> For IOS-like boxes, we've found that a tftp server works very well.
> You edit the command file (which contains the set of commands to
> install the acl) on the tftp server (where you have version control,
> etc) and then pull it into the router via tftp when you're done
> editing it.
>
> If you have to push a given list out to many routers, I could
> envision a perl Net::Telnet script to install an acl bound to a
> given interface in a given direction. You could also put together a
> make infrastructure that created the acls and then your perl script
> would only pull them down to the appropriate router. I've not had
> the need to build such a beast, but it feels fairly straightforward.
There is an open source project on SourceForge called the Cisco-centril Open
Source Initiative that has a bunch of scripts for dealing with cisco routers
and switches, include ACL management. Recommend a look:
http://sourceforge.net/projects/cosi-nms/
Chris Stone, MCSE
AxisInternet, Inc.
www.axint.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCVyuvG4PxJjbMvv0RAij1AKCeKR5s7Xhy1VCpgL6fYXTFzRBkWACgrQdd
B5vSSaEhn+R2kkhzElnngSc=
=4nWF
-----END PGP SIGNATURE-----
References:
|
|
