++++++++++++++++++++++++++++++++++++ Basic Configuration ++++++++++++++++++++++++++++++++++++ ***************************************** Lab 4 - Configuring Routers using SSH ***************************************** from netmiko import ConnectHandler ABC = { 'device_type': 'cisco_ios', 'host': '172.25.1.1', 'username': 'khawar', 'password': 'cisco' } myssh = ConnectHandler(**ABC) config_commands = [ 'banner motd #Authorized KBITS.LIVE Users Only#', 'no ip domain-lookup', 'line con 0', ' logg sync' ] myssh.send_config_set(config_commands) output1 = myssh.send_command('sh runn | inc banner') output2 = myssh.send_command('show run | sec line') print(output1) print(50 * '-') print(output2) *************************************************** Lab 5 - Device Interface Configuration Collection *************************************************** from netmiko import ConnectHandler with open('Devices.txt') as devfile: for IP in devfile: ABC = { 'device_type': 'cisco_ios', 'ip': IP, 'username': 'khawar', 'password': 'cisco' } myssh = ConnectHandler(**ABC) print('Connecting to ' + IP + '-' * 79) output = myssh.send_command('sh ip int brief') print(output) print('-' * 79) myssh.disconnect() *************************************************** Lab 6 - Backing up a router *************************************************** from netmiko import ConnectHandler IP = input('Enter the IP Address of the Device: ') USER = input('Enter the Username: ') PASS = input('Enter the Password: ') ABC = { 'device_type': 'cisco_ios', 'ip': IP 'username': USER, 'password': PASS } myssh = ConnectHandler(**ABC) shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() print("Backing up " + hostname[1]) backupfilename = hostname[1] + '-Backup.txt' shrun = myssh.send_command('show run') backupfile = open(backupfilename, "w") backupfile.write(shrun) backupfile.close() *************************************************** Lab 7 - Backing up a group of routers *************************************************** from netmiko import ConnectHandler USER = input('Enter the Username: ') PASS = input('Enter the Password: ') with open('devices.txt') as devfile: for IP in devfile: ABC = { 'device_type': 'cisco_ios', 'ip': IP, 'username': USER, 'password': PASS } myssh = ConnectHandler(**ABC) shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() print("Backing up " + hostname[1]) backupfilename = hostname[1] + '-Backup.txt' shrun = myssh.send_command('show run') backupfile = open(backupfilename, "w") backupfile.write(shrun) backupfile.close() ******************************************************************************* Lab 8 - Configuring a group of routers from corresponding Configuration files ******************************************************************************* from netmiko import ConnectHandler with open('Devices.txt') as devfile: for IP in devfile: ABC = { 'device_type': 'cisco_ios', 'ip': IP, 'username': 'khawar', 'password': 'cisco' } myssh = ConnectHandler(**ABC) shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() print("Configuring " + hostname[1]) Configfilename = hostname[1] + '.txt' myssh.send_config_from_file(Configfilename) print(hostname[1] + ' Configured') myssh.disconnect() ++++++++++++++++++++++++++++++++++++ Routing Protocol Configurations ++++++++++++++++++++++++++++++++++++ ******************************************************************************* Lab 9 - Configuring EIGRP on multiple Routers - Interactive ******************************************************************************* from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) while router_num > 0: hostip = input('Router IP: ') USER = input('SSH Username: ') PASS = input('SSH Password: ') ABC= { 'device_type': 'cisco_ios', 'ip': hostip, 'username': USER, 'password': PASS } myssh = ConnectHandler(**ABC) shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() print("Configuring " + hostname[1]) eigrpas = input('EIGRP AS #: ') routereigrp = 'router eigrp ' + eigrpas network_num = input('How many networks would you like to enable in EIGRP: ') network_num = int(network_num) while network_num > 0: network_i = input('Please specify the network to enable: ') network_e = 'network ' + network_i config_commands = [routereigrp, network_e] output = myssh.send_config_set(config_commands) print(output) network_num -=1 print('Router \"' + hostname[1] + '\" configured') print('-'*79) router_num -=1 ***************************************************************************************** Lab 10 - Configuring EIGRP on multiple Routers - Enabling on all IP enabled interfaces ***************************************************************************************** from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) USER = input('SSH Username: ') PASS = input('SSH Password: ') while router_num > 0: hostip = input('Router IP: ') ABC = { 'device_type': 'cisco_ios', 'ip': hostip, 'username': USER, 'password': PASS} myssh = ConnectHandler(**ABC) eigrpas = input('EIGRP AS #: ') routereigrp = 'router eigrp ' + eigrpas shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() print("Configuring " + hostname[1]) SIIB = myssh.send_command('show ip int brief') log_file = open('TEMP.txt', "w") log_file.write(SIIB) log_file.write("\n") log_file.close() file_a = open('TEMP.txt', "r") lines = file_a.readlines() file_a.close() del lines[0] int_file = open('TEMP.txt', "w+") for line in lines: int_file.write(line) int_file.close() with open('TEMP.txt') as FILE: for LINE in FILE: x=LINE.split() if (x[1] == 'IP-Address') or (x[1] == 'unassigned'): pass else: network_e = 'network ' + x[1] + ' 0.0.0.0' config_commands = [ routereigrp, network_e] output=myssh.send_config_set(config_commands) print(output) router_num -=1 print('Router "' + hostname[1] + '" configured') print('-' * 79) ***************************************************************************************** Lab 11 - Configuring OSPF on multiple Routers - Interactive ***************************************************************************************** from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) USER = input('SSH Username: ') PASS = input('SSH Password: ') while router_num > 0: hostip = input('Router IP: ') ABC = { 'device_type': 'cisco_ios', 'ip': hostip, 'username': USER, 'password': PASS } myssh = ConnectHandler(**ABC) shhost = myssh.send_command('show run | i hostname') hostname=shhost.split() device = hostname[1] ospfprocid = input('OSPF Process ID #: ') ospfrouterid = input('Router-ID: ') routerospf = 'router ospf ' + ospfprocid router_id = 'router-id ' + ospfrouterid print('Interface Configuration') print(50 * '-') SIIB=myssh.send_command('sh ip int brief') print(SIIB) network_num = input('How many networks would you like to enable in OSPF: ') network_num = int(network_num) config_commands = [routerospf, router_id] output = myssh.send_config_set(config_commands) print(output) while network_num > 0: network_i = input('Please specify the network and mask to enable[10.1.0.0 0.0.255.255]: ') area_id = input('Enter the area to assign this network to: ') network_e = 'network ' + network_i + ' area ' + area_id config_commands = [routerospf, network_e] output = myssh.send_config_set(config_commands) print(output) network_num -=1 print('Router \"' + device + '\" configured') print('-'*79) router_num -=1 ++++++++++++++++++++++++++++++++++++ VPN Configurations ++++++++++++++++++++++++++++++++++++ ******************************************************************************* Lab 12 - Configuring L2L IPSec - Crypto Maps ******************************************************************************* from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) while router_num > 0: HOST = input("Enter IP Address of Device to be Configured: ") user = input("Enter your SSH username: ") PASS = input("Enter your Password: ") ABC = { 'device_type': 'cisco_ios', 'host': HOST, 'username': user, 'password': PASS } MYSSH = ConnectHandler(**ABC) peer = input('Type the IP Address of remote peer:') print('\nPhase I Parameters\n') P1_hash = input('Specify the Phase I Hash - [MD5 | SHA]: ') P1_encryption = input('Specify the Phase I Encryption - [DES | 3DES] :') P1_group = input('Specify the Phase I DH Group: [1 | 2 | 5] : ') psk = input('Specify the Pre-shared-Key : ') print('\nPhase II Parameters\n') P2_hash = input('Specify the Phase II Hash - [MD5 | SHA]: ') P2_encryption = input('Specify the Phase II Encryption - [DES | 3DES] :') print('\nCrypto ACL Networks\n') s_network = input('Specify the source network: ') s_mask = input('Specify the source wildcard mask: ') d_network = input('Specify the Destination network: ') d_mask = input('Specify the Destination wildcard mask: ') print('\nInterface\n') int_o = input('Specify the outgoing interface: ') config_file = open('ipsec.txt', "w") config_file.write('crypto isakmp policy 10\n') config_file.write(' authentication pre-share\n ') config_file.write(' hash ' + P1_hash) config_file.write("\n") config_file.write(' encryption ' + P1_encryption) config_file.write("\n") config_file.write(' group ' + P1_group) config_file.write("\n") config_file.write('!\ncrypto isakmp key ' + psk + ' address ' + peer + '\n') config_file.write('!\ncrypto ipsec transform-set TSET esp-' + P2_hash + '-hmac esp-' +P2_encryption + '\n') config_file.write('!\nip access-list extended CRYPTO-ACL\n') config_file.write(' permit ip ' + s_network + ' ' + s_mask + ' ' + d_network + ' ' + d_mask + '\n') config_file.write('!\ncrypto map C_MAP 10 ipsec-isakmp\n') config_file.write(' set peer ' + peer + '\n') config_file.write(' set transform-set TSET\n') config_file.write(' match address CRYPTO-ACL\n') config_file.write('!\nInterface ' + int_o + '\n') config_file.write(' crypto map C_MAP\n') config_file.close() cmdfile = 'ipsec.txt' output=MYSSH.send_config_from_file(cmdfile) print(output) print('IPSec Configured') MYSSH.disconnect() router_num -=1 ******************************************************************************* Lab 13 - Configuring S-VTI VPN IPsec ******************************************************************************* from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) while router_num > 0: HOST = input("Enter IP Address of Device to be Configured: ") USER = input("Enter your SSH username: ") PASS = input("Enter your Password: ") ABC = { 'device_type': 'cisco_ios', 'host': HOST, 'username': USER, 'password': PASS } z=0 inter_t = 'Tunnel' MYSSH = ConnectHandler(**ABC) SIIB = MYSSH.send_command('show ip int brief') log_file = open('TEMP.txt', "w") log_file.write(SIIB) log_file.write("\n") log_file.close() with open('TEMP.txt') as Tunnelfile: for line in Tunnelfile: if inter_t in line: x = line.split() y = x[0] z = y[6:] z = int(z) z += 1 int_t = str(z) peer = input('Type the IP Address of remote peer:') print('\nPhase I Parameters\n') P1_hash = input('Specify the Phase I Hash - [MD5 | SHA]: ') P1_encryption = input('Specify the Phase I Encryption - [DES | 3DES] :') P1_group = input('Specify the Phase I DH Group: [1 | 2 | 5] : ') psk = input('Specify the Pre-shared-Key : ') print('\nPhase II Parameters\n') P2_hash = input('Specify the Phase II Hash - [MD5 | SHA]: ') P2_encryption = input('Specify the Phase II Encryption - [DES | 3DES] :') print('\nTunnel Information\n') int_o = input('Specify the Source Interface: ') t_network = input('Specify the Tunnel IP Address: ') print('\nRouting Information\n') eigrp_as = input('Specify EIGRP AS: ') s_network = input('Specify the Network to Advertise: ') config_file = open('svti.txt', "w") config_file.write('crypto isakmp policy 10') config_file.write("\n") config_file.write(' authentication pre-share ') config_file.write("\n") config_file.write(' hash ' + P1_hash) config_file.write("\n") config_file.write(' encryption ' + P1_encryption) config_file.write("\n") config_file.write(' group ' + P1_group) config_file.write("\n") config_file.write('!\ncrypto isakmp key ' + psk + ' address ' + peer + '\n') config_file.write('!\ncrypto ipsec transform-set TSET esp-' + P2_hash + '-hmac esp-' +P2_encryption + '\n') config_file.write('!\ncrypto ipsec profile IPROF\n') config_file.write(' set transform-set TSET\n') config_file.write('!\nInterface Tunnel ' + int_t + '\n') config_file.write(' Tunnel destination ' + peer + '\n') config_file.write(' Tunnel Source ' + int_o + '\n') config_file.write(' ip address ' + t_network + ' 255.255.255.0\n') config_file.write(' Tunnel mode ipsec ipv4\n') config_file.write(' Tunnel protection ipsec profile IPROF\n') config_file.write('!\nrouter eigrp ' + eigrp_as + '\n') config_file.write(' network ' + s_network + '\n') config_file.write(' network ' + t_network + ' 0.0.0.0\n') config_file.close() cmdfile = 'svti.txt' output=MYSSH.send_config_from_file(cmdfile) print(output) print('IPSec Configured') MYSSH.disconnect() router_num -=1 ******************************************************************************* Lab 14 - Configuring DMVPN - Phase III ******************************************************************************* from netmiko import ConnectHandler router_num = input("How many routers would you like to configure: ") router_num = int(router_num) USER = input("Enter your SSH username: ") PASS = input("Enter your Password: ") print('\nIKE Phase I Parameters\n') P1_hash = input('Specify the Phase I Hash- [MD5 | SHA1]: ') P1_encryption = input('Specify the Phase I Encryption - [DES | 3DES] :') P1_group = input('Specify the Phase I DH Group: [1 | 2 | 5] : ') psk = input('Specify the Pre-shared-Key : ') print('\nPhase II Parameters\n') P2_hash = input('Specify the Phase II Hash - [MD5 | SHA]: ') P2_encryption = input('Specify the Phase II Encryption - [DES | 3DES:]') while router_num > 0: HOST = input("Enter the IP Address of Device to be Configured: ") ABC = { 'device_type': 'cisco_ios', 'host': HOST, 'username': USER, 'password': PASS } z=0 inter_t = 'Tunnel' MYSSH = ConnectHandler(**ABC) SIIB = MYSSH.send_command('show ip int brief') log_file = open('TEMP.txt', "w") log_file.write(SIIB) log_file.write("\n") log_file.close() with open('TEMP.txt') as Tunnelfile: for line in Tunnelfile: if inter_t in line: x = line.split() y = x[0] z= y[6:] z = int(z) z += 1 int_t = str(z) hub = input('Is the device a NHS [Y/N]: ') print('\nTunnel Information\n') int_o = input('Specify the Source Interface: ') t_network = input('Specify the Tunnel IP Address: ') print('\nRouting Information\n') eigrp_as = input('Specify EIGRP AS: ') s_network = input('Specify the Network to Advertise: ') config_file = open('dmvpn.txt', "w") config_file.write('crypto isakmp policy 5') config_file.write("\n") config_file.write(' hash ' + P1_hash) config_file.write("\n") config_file.write(' encryption ' + P1_encryption) config_file.write("\n") config_file.write(' group ' + P1_group) config_file.write("\n") config_file.write(' authentication pre-share\n') config_file.write('!\ncrypto isakmp key ' + psk + ' address 0.0.0.0\n') config_file.write('!\ncrypto ipsec transform-set TSET esp-' + P2_hash + '-hmac esp-' + P2_encryption + '\n') config_file.write('!\ncrypto ipsec profile IPROF\n') config_file.write(' set transform-set TSET\n') config_file.write('!\nInterface Tunnel ' + int_t + '\n') config_file.write(' ip address ' + t_network + ' 255.255.255.0\n') config_file.write(' Tunnel source ' + int_o + '\n') config_file.write(' Tunnel mode gre multipoint\n') config_file.write(' ip nhrp network-id ' + eigrp_as + '\n') if hub.lower() =='y': config_file.write(' ip nhrp map multicast dynamic\n') config_file.write(' ip nhrp redirect\n') config_file.write(' no ip split-horizon eigrp ' + eigrp_as + '\n') config_file.write(' Tunnel protection ipsec profile IPROF\n') else: nhs_priv = input('Please enter the Tunnel IP of the NHS: ') nhs_pub = input('Please enter the Public IP of the NHS: ') config_file.write(' ip nhrp nhs ' + nhs_priv + '\n') config_file.write(' ip nhrp map ' + nhs_priv + ' ' + nhs_pub + '\n') config_file.write(' ip nhrp map multicast ' + nhs_pub + '\n') config_file.write(' ip nhrp shortcut\n') config_file.write(' Tunnel protection ipsec profile IPROF\n') config_file.write('!\nrouter eigrp ' + eigrp_as + '\n') config_file.write(' network ' + s_network + '\n') config_file.write(' network ' + t_network + ' 0.0.0.0\n') config_file.close() cmdfile = 'dmvpn.txt' output=MYSSH.send_config_from_file(cmdfile) print(output) print('IPSec Configured') MYSSH.disconnect() router_num -=1