
  1. //Cisco Adaptive Security Appliance Software Version 7.1(2)
  2. //Device Manager Version 5.1(2)
  // Login script: answer the user and password prompts, enter enable mode,
  // then send "terminal pager 0" so command output is not split into pages.
  // The PARAM.* values are placeholders whose contents are not defined in this file.
  // NOTE(review): the section name indicates a Telnet session, which is not
  // encrypted, so the login password and the enable password written below
  // would cross the network in cleartext. Keep this traffic on an isolated
  // management network, or use an SSH transport if the product offers one -- confirm.
  3. TELNET_PARAMETERS=
  4. {
  5.         WAITFOR=PARAM.USER_PROMPT
  6.         WRITE=PARAM.USER
  7.         WAITFOR=Password:
  8.         WRITE=PARAM.PASSWORD
  9.         WAITFOR=PARAM.ENABLE_WAITFOR_1
  10.         WRITE=PARAM.ENABLE_WRITE
  11.         WAITFOR=PARAM.ENABLE_WAITFOR_2
  12.         WRITE=PARAM.ENABLE
  13.         WAITFOR=#
  14.         WRITE=terminal pager 0
  15.         WAITFOR=#
  16. }
  // Pairs a word seen in the device output ("Continue", "More") with the reply
  // SPACE. NOTE(review): presumably SPACE means a single space keystroke sent to
  // advance a paged display -- confirm against the loader.
  17. TELNET_CONTROL_WORDS=
  18. {
  19.         WAITFOR=Continue
  20.         WRITE=SPACE
  21.         WAITFOR=More
  22.         WRITE=SPACE
  23. }
  // Lists the control characters that are allowed: 10 and 13.
  // NOTE(review): presumably decimal ASCII codes (10 = line feed, 13 = carriage
  // return), with every other control character in the device output dropped -- confirm.
  24. TELNET_CONTROL_CHARS_ALLOWED=
  25. {
  26.         ALLOW_CONTROL=10
  27.         ALLOW_CONTROL=13
  28. }
  29.  
  30. // Command used to retrieve the list of configured connection profiles
  31. // (formerly "tunnel groups") on the ASA:
  32. //
  33. // ASA5510# show running-config all tunnel-group | grep general-attributes
  34. // tunnel-group DefaultL2LGroup general-attributes
  35. // tunnel-group DefaultRAGroup general-attributes
  36. // tunnel-group DefaultWEBVPNGroup general-attributes
  37. // tunnel-group BNVPN general-attributes
  38. // tunnel-group VANGUNDY general-attributes
  39. // tunnel-group internalwirelesstg general-attributes
  40. // tunnel-group InternalTest general-attributes
  41.  
  // Sends the tunnel-group listing command shown in the example above.
  // NOTE(review): RETVAL=# presumably means the output is captured up to the
  // next "#" prompt -- confirm against the loader.
  42. ATTRIBUTE_NAME=GroupSummary
  43. {
  44.         GROUP=GroupSummary
  45.         ATTRIBUTE=GroupSummary
  46.         WRITE= show running-config all tunnel-group | grep general-attributes
  47.         RETVAL=#
  48. }
  49.  
  50. // Command used to retrieve the list of configured group policies
  51. // on the ASA:
  52. //
  53. // ASA5510# show running-config all group-policy | grep internal
  54. // group-policy DfltGrpPolicy internal
  55. // group-policy webvpnpolicy internal
  56. // group-policy internalwirelesstg internal
  57. // group-policy internalwirelesstg attributes
  58. // group-policy VANGUNDY internal
  59. // group-policy BNVPN internal
  60. // group-policy cm-test-policy internal
  61.  
  62.  
  63. // FooASA5550# show running-config  group-policy | grep internal
  64. // group-policy RemoteFooAdmin internal
  65. // group-policy RemoteFooAcad internal
  66. // group-policy RemoteFooStudent internal
  67. // group-policy RemoteFooIT internal
  68.  
  // Sends the group-policy listing command. The command here omits "all", so it
  // matches the second example above (FooASA5550), not the first.
  // NOTE(review): "grep internal" also matches lines whose policy name contains
  // "internal" (the first example shows "group-policy internalwirelesstg
  // attributes"), so whatever parses this output should check the last word of
  // each line rather than assume every line is an "internal" policy definition.
  69. ATTRIBUTE_NAME=PolicySummary
  70. {
  71.         GROUP=PolicySummary
  72.         ATTRIBUTE=PolicySummary
  73.         WRITE= show running-config group-policy | grep internal
  74.         RETVAL=#
  75. }
  76.  
  77.  
  78. // Command used to retrieve the list of connected IpSec VPN users
  79. //
  80. // ASA5510# show vpn-sessiondb detail full remote | grep Session ID
  81. // Session ID: 12 | EasyVPN: 0 | Username: moe | Group: internalwirelesstg | Tunnel Group: internalwirelesstg | IP Addr: 172.16.201.10 | Public IP: 172.16.200.3 | Protocol: IKE IPsec | Session Subtype: None | Encryption: 3DES AES128 | Login Time: 08:36:20 EST Thu Dec 6 2007 | Duration: 0h:22m:04s | Bytes Tx: 0 | Bytes Rx: 6786 | NAC Result: Unknown | Posture Token:  | VLAN Mapping: N/A | VLAN:  0 ||
  82. //
  // Sends the IPsec remote-access session listing command shown in the example above.
  // NOTE(review): each returned line carries a username, tunnel IP and public IP
  // (see the sample output above), so the captured output should be handled as
  // sensitive data; on a Telnet session it is also readable on the wire.
  83. ATTRIBUTE_NAME=UserTableIpSec
  84. {
  85.         GROUP=UserTableIpSec
  86.         ATTRIBUTE=UserTableIpSec
  87.         WRITE=show vpn-sessiondb detail full remote | grep Session ID
  88.         RETVAL=#
  89. }
  90.  
  91. // Command used to retrieve the list of connected SSL VPN users
  92. //
  93. // ASA5510# show vpn-sessiondb detail full svc | grep Session ID
  94. // Session ID: 57 | EasyVPN: 0 | Username: moe | Group: internalwirelesstg | Tunnel Group: CampusManager | IP Addr: 172.16.201.10 | Public IP: 172.16.200.3 | Protocol: Clientless SSL-Tunnel DTLS-Tunnel | License: SSL VPN | Session Subtype: With client | Encryption: RC4 AES128 | Login Time: 08:00:26 UTC Mon Feb 25 2008 | Duration: 0h:04m:57s | Bytes Tx: 2569032 | Bytes Rx: 1408973 NAC Result: Unknown | Posture Token:  | VLAN Mapping: N/A | VLAN:  0 ||
  95. //
  // Sends the SSL VPN (svc) session listing command shown in the example above.
  // NOTE(review): each returned line carries a username, tunnel IP and public IP
  // (see the sample output above), so the captured output should be handled as
  // sensitive data; on a Telnet session it is also readable on the wire.
  96. ATTRIBUTE_NAME=UserTableSSL
  97. {
  98.         GROUP=UserTableSSL
  99.         ATTRIBUTE=UserTableSSL
  100.         WRITE=show vpn-sessiondb detail full svc | grep Session ID
  101.         RETVAL=#
  102. }
  103.  
  104. // Command to retrieve IP to MAC mapping when device is used as Firewall.
  105. //
  106. // ASA5510# show arp
  107. //        GREEN 192.168.15.1 0009.4378.91ff
  108. //        RED 216.153.209.1 0020.d227.11fc
  109. //        LINKSYS 172.16.200.3 001c.109e.4b8c
  110.  
  // Sends "show arp"; the sample output above has one line per entry with an
  // interface name, an IP address and a MAC address.
  111. ATTRIBUTE_NAME=ShowArp
  112. {
  113.         GROUP=ShowArp
  114.         ATTRIBUTE=ShowArp
  115.         WRITE=show arp
  116.         RETVAL=#
  117. }
  118.  
  119. // {0} is the IP address of the session to log off: the command below uses "logoff ipaddress {0}", not a session index.
  120. // NOTE(review): {0} is substituted into a CLI line and "noconfirm" skips the confirmation prompt; presumably the caller restricts {0} to a well-formed IP address -- confirm.
  121. ATTRIBUTE_NAME=ClearUser
  122. {
  123.         GROUP=ClearUser
  124.         ATTRIBUTE=ClearUser
  125.         SET=vpn-sessiondb logoff ipaddress {0} noconfirm
  126.         WAITFOR=#
  127. }
  128.  
  129. // {0} is the IP address of the session to log off: the command below uses "logoff ipaddress {0}", not a session index. The SET line is identical to the one in ClearUser.
  130. // NOTE(review): {0} is substituted into a CLI line and "noconfirm" skips the confirmation prompt; presumably the caller restricts {0} to a well-formed IP address -- confirm.
  131. ATTRIBUTE_NAME=ClearUser_SSL
  132. {
  133.         GROUP=ClearUser_SSL
  134.         ATTRIBUTE=ClearUser_SSL
  135.         SET=vpn-sessiondb logoff ipaddress {0} noconfirm
  136.         WAITFOR=#
  137. }
  138.  
  139. // {0} - the remote user's tunnel IP on which the ACL restriction is to be
  140. //       removed.
  141. // {1} - the network group object from which the IP is removed so that 
  142. //       it is no longer restricted by the ACL lines that only apply to the IPs
  143. //       in network object group.       
  // Enters configuration mode ("config t"), opens network object group {1} and
  // removes host {0} from it.
  // NOTE(review): the block neither leaves configuration mode nor saves the
  // configuration; presumably the loader closes the session separately and the
  // change is meant to live only in the running configuration -- confirm.
  // {0} and {1} are substituted into commands typed in configuration mode, so the
  // caller should restrict them to an IP address and a known object-group name.
  144. ATTRIBUTE_NAME=ClearACL
  145. {
  146.         GROUP=ClearACL
  147.         ATTRIBUTE=ClearACL
  148.         WRITE=config t
  149.         WAITFOR=#
  150.         SET=object-group network {1}
  151.         WAITFOR=#
  152.         SET=no network-object host {0}
  153.         WAITFOR=#
  154. }
  155.  
  156. // {0} - the tunnel IP to be "restricted" again.
  157. // {1} - the network group object to which the tunnel IP should be added back
  158. //       so it will be a "restricted" IP when reassigned to a newly connecting
  159. //       client.
  // Enters configuration mode ("config t"), opens network object group {1} and
  // adds host {0} to it; this is the inverse of ClearACL.
  // NOTE(review): ATTRIBUTE is spelled "RstrictIP" here, while in every other
  // block of this file ATTRIBUTE equals ATTRIBUTE_NAME. This looks like a typo
  // for "RestrictIP"; check what the loader looks up before changing it, because
  // a failed lookup would leave a released tunnel IP unrestricted.
  // NOTE(review): as in ClearACL, the block neither leaves configuration mode nor
  // saves the configuration, and {0}/{1} should be restricted by the caller to an
  // IP address and a known object-group name -- confirm.
  160. ATTRIBUTE_NAME=RestrictIP
  161. {
  162.         GROUP=RestrictIP
  163.         ATTRIBUTE=RstrictIP
  164.         WRITE=config t
  165.         WAITFOR=#
  166.         SET=object-group network {1}
  167.         WAITFOR=#
  168.         SET=network-object host {0}
  169.         WAITFOR=#
  170. }
  171.  
  // Sends a single "exit" and waits for nothing afterwards.
  // NOTE(review): if the same session is still in a configuration submode (the
  // ClearACL and RestrictIP blocks do not leave it), one "exit" would presumably
  // only step out of that submode and leave an enabled session open -- confirm
  // how the loader sequences these blocks.
  172. ATTRIBUTE_NAME=Logout
  173. {
  174.         GROUP=Logout
  175.         ATTRIBUTE=Logout
  176.         WRITE=exit
  177. }
  178.