1
0
-1

Need help with opConfig module unable to communicate with ASA context

ASA 5515 is setup in multiple context, node configured in nmis8 and opConfig - automatically show run command fails with following error:

Failed to connect: Warning: Permanently added 'asacontext1' (RSA) to the list of known hosts.

the warning and error repeats with every command sent to this device

as a result running config is not being saved.

same for cli command:

/usr/local/omk/bin/opconfig-cli.pl act=test_connect host=asacontext1 transport=ssh personality=asa username=admin password=******* command="show running-config"
opconfig-cli.pl Version 2.84.0

Copyright (C) 2015 Opmantek Limited (www.opmantek.com)
This program comes with ABSOLUTELY NO WARRANTY;
See www.opmantek.com or email contact@opmantek.com

opConfig 3.0.7 is licensed to Vecima Networks Inc for 20 Nodes Courtesy of Opmantek

"rror, connection test returned "Personality Error", error message "Warning: Permanently added 'asacontext1' (RSA) to the list of known hosts.

let me know what might be missing and where I need to focus next in fixing this issue.

Thx,

VK

    CommentAdd your comment...

    3 answers

    1.  
      1
      0
      -1

      Vlad,

      Can you post the following files:

       

      Also run a more verbose debug and post the resulting file:

       

      Thanks, Chris

        CommentAdd your comment...
      1.  
        1
        0
        -1

        Hi Mark, thanks for prompt response!

        here is what I get on opconfig-cli test_connect, same personality error. I verified the username/password in credential set to be a working set for this device and i can access asacontext1 device from this nmis host using these credentials.

         

        [nmis ~]$ /usr/local/omk/bin/opconfig-cli.pl  act=test_connect node=asacontext1 debug=1
        opconfig-cli.pl Version 2.84.0

        ...
        Attempting to connect with these node settings:
        {
          '_id' => 'asacontext1',
          'activated' => {
            'opConfig' => 1
          },
          'active' => 'true',
          'addresses' => [
            '104.36.12.157',
            '10.200.8.254',
            '10.220.36.105',
            '10.220.255.4'
          ],
          'authprotocol' => 'md5',
          'businessService' => 'Core Network',
          'calls' => 'false',
          'cbqos' => 'none',
          'collect' => 'true',
          'comments' => undef,
          'connection_info' => {
            'credential_set' => 'office ASA admin',
            'default_continuation' => '',
            'device_preset' => 'normal',
            'line_endings' => '',
            'personality' => 'asa',
            'privileged_paging' => 1,
            'transport' => 'SSH'
          },
          'context' => '',
          'customer' => 'Opmantek',
          'depend' => '',
          'display_name' => '',
          'group' => 'HeadOffice',
          'host' => 'asacontext1',
          'location' => 'Cloud',
          'max_msg_size' => 1472,
          'max_repetitions' => 0,
          'model' => 'CiscoASA',
          'name' => 'asacontext1',
          'netType' => 'wan',
          'node_context_name' => 'Node Context',
          'node_context_url' => 'https://somelink.com/map/thing/',
          'notes' => '',
          'os_info' => {
            'featureset' => '',
            'image' => '',
            'major' => '9.6',
            'os' => 'ASA',
            'platform' => '',
            'train' => '9.6',
            'version' => '9.6(2)'
          },
          'ping' => 'true',
          'polling_policy' => 'default',
          'port' => 161,
          'privprotocol' => 'des',
          'remote_connection_name' => 'SSH to Node',
          'remote_connection_url' => 'ssh://$host',
          'roleType' => 'core',
          'serviceStatus' => 'Development',
          'services' => '',
          'threshold' => 'true',
          'timezone' => 0,
          'uuid' => '526f3460-fd86-11e7-9354-ac4783de5f38',
          'version' => 'snmpv2c',
          'webserver' => 'false'
        }
        and this credential set:
        {
          'always_privileged' => '0',
          'description' => 'asa admin',
          'lastupdate' => 1516655517,
          'password' => '<present but not shown>',
          'password_privileged' => '<present but not shown>',
          'setname' => 'office ASA admin',
          'ssh_key' => '<NOT PRESENT>',
          'username' => 'admin'
        }
        [Thu Feb  1 13:14:10 2018] [info] applying device behaviour presets for "normal"
        [Thu Feb  1 13:14:11 2018] [warn] failed to execute command: Warning: Permanently added 'asacontext1' (RSA) to the list of known hosts.
        'Thu Feb  1 13:14:11 2018] [debug] get_session returned status 'Personality Error' and message 'Warning: Permanently added 'asacontext1' (RSA) to the list of known hosts.
        "rror, connection test returned "Personality Error", error message "Warning: Permanently added 'asacontext1' (RSA) to the list of known hosts.
        [nmis ~]$

         

        any pointers, I don't think I'm successfully connecting to this device to be able to run any commands ?

        Thx,

        VK

          CommentAdd your comment...
        1.  
          1
          0
          -1

          Hello Vlad,

          Please check this related Question & Answer for some information regarding Cisco ASA devices - Why will opconfig not run command sets on cisco asa

          Also, I would suggest you start from the command line of your opConfig server and attempt to SSH to the device in question and run the command(s) you want. Can you connect from the command line? Do the commands return the expected content?

          If that works you may need to expand support for this specific OS. Please see this excellently written article by Keith Sinclair and Chris Gatlin: Adding a new device to be supported by opConfig

           

           

            CommentAdd your comment...