pool showen

and make commands ready for latest ios version(csr1000 ready)

.gitignore

@@ -0,0 +1 @@
+.idea/

Opdrachten/Week 1/Base config generator/run.py

@@ -0,0 +1,104 @@
+RSA_BITSIZE = 2048
+MANAGEMENT_INTERFACE = 'GigabitEthernet 2'
+
+
+def generate_config(s):
+    """
+    De volgende waarden moeten in een tuple meegegeven worden.
+    HOSTNAME DOMAIN SSH_USERNAME SSH_PASSWORD ENABLE_PASSWORD MANAGEMENT_IP MANAGEMENT_MASK
+    """
+    config = 'enable\n' \
+             'configure terminal\n' \
+             f"hostname {s['HOSTNAME']}\n" \
+             f"ip domain name {s['DOMAIN']}\n" \
+             f"crypto key generate rsa modulus {RSA_BITSIZE}\n" \
+             f"username {s['SSH_USERNAME']} privilege 15 password {s['SSH_PASSWORD']}\n" \
+             f"enable secret {s['ENABLE_PASSWORD']}\n" \
+             'service password-encryption\n' \
+             'ip ssh version 2\n' \
+             f"interface {MANAGEMENT_INTERFACE}\n" \
+             f"ip address {s['MANAGEMENT_IP']} {s['MANAGEMENT_MASK']}\n" \
+             f"ipv6 address {s['MANAGEMENT_IPv6']}\n" \
+             'no shutdown\n' \
+             'exit\n' \
+             'line console 0\n' \
+             'login local' \ 
+             'line vty 0 15\n' \
+             'transport input ssh\n' \
+             'login local\n' \
+             'end\n' \
+             'exit\n'
+    return config
+
+
+def ask_options():
+    opt = dict()
+
+    opt['HOSTNAME'] = input('Hostname: ')
+    while not opt['HOSTNAME']:
+        print('Hostname required!')
+        opt['HOSTNAME'] = input('Hostname: ')
+
+    opt['DOMAIN'] = input('Domain(hu.lan): ')
+    if not opt['DOMAIN']:
+        opt['DOMAIN'] = 'hu.lan'
+
+    opt['SSH_USERNAME'] = input('SSH Username(cisco): ')
+    if not opt['SSH_USERNAME']:
+        opt['SSH_USERNAME'] = 'cisco'
+
+    opt['SSH_PASSWORD'] = input('SSH Password(cisco): ')
+    if not opt['SSH_PASSWORD']:
+        opt['SSH_PASSWORD'] = 'cisco'
+
+    opt['ENABLE_PASSWORD'] = input('Enable Password(class): ')
+    if not opt['ENABLE_PASSWORD']:
+        opt['ENABLE_PASSWORD'] = 'class'
+
+    opt['MANAGEMENT_IP'] = input('Management IP: ')
+    while not opt['MANAGEMENT_IP']:
+        print('Address required!')
+        opt['MANAGEMENT_IP'] = input('Management IP: ')
+
+    opt['MANAGEMENT_MASK'] = input('Management Mask(255.255.255.0): ')
+    if not opt['MANAGEMENT_MASK']:
+        opt['MANAGEMENT_MASK'] = '255.255.255.0'
+        
+    opt['MANAGEMENT_IPv6'] = input('Management IPv6/netmask: ')
+    while not opt['MANAGEMENT_IPv6']:
+        print('Address required!')
+        opt['MANAGEMENT_IPv6'] = input('Management IPv6: ')
+
+    return opt
+
+
+def menu():
+    print(
+        f"{'_' * 64}\n"
+        'Static variabelen(pas script aan):\n'
+        f'    SSH RSA key bitsize: {RSA_BITSIZE}\n'
+        f'    Management interface: {MANAGEMENT_INTERFACE}\n'
+        f"{'_' * 64}\n"
+        f'q: quit\n'
+        f'g: generate config\n'
+        f"{'_' * 64}"
+    )
+
+    chosen = input('option: ')
+
+    if chosen == 'q':
+        exit()
+    elif chosen == 'g':
+        print(f"{'_' * 64}\n")
+        options  = ask_options()
+        config = generate_config(options)
+        print(f"copy paste the config below to the router, this config wil be saved to: {options['HOSTNAME']}.conf")
+        print(f"{'_' * 64}\n")
+        print(config)
+        print(f"{'_' * 64}\n")
+        with open(f"{options['HOSTNAME']}.conf", 'w') as file:
+            file.writelines(config)
+
+
+if __name__ == '__main__':
+    menu()

eindopdracht/virtuele omgeving/ansible setup/README.md

@@ -0,0 +1,27 @@
+# Ansible setup
+![topologie](.assets/topo.png)
+
+Inprincipe moet je alleen maar de setup.sh script te runnen(of de commando er in) om de gehele omgeving automatisch op te zetten.
+Mits alles juist is aangesloten / ssh is geconfigureerd.
+
+ISP LOOPBACK	100.2.2.0/24
+
+ISP - Edgerouter Link	172.24.2.0/24
+
+Edgerouter - R3 link	192.168.5.0/24
+
+R3 loopback	192.168.9.0/24
+
+Edgerouter loopback	192.168.8.0/24
+
+ansible network	10.5.5.0/24
+
+Edge AS: 65001
+
+ISP AS: 65000
+
+OSPF ID/Area: 1/0
+
+
+## opzetten
+Als je setup.sh of de commando die er in staat uitvoert zou je inprincipe de omgeving volledig werkend moeten hebben. Mits ssh al voor geconfigureerd is.

eindopdracht/virtuele omgeving/ansible setup/acl.yml

@@ -0,0 +1,21 @@
+# berat
+---
+- name: ACL Config
+  hosts: R3
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: extended ACL om telnet te blokkeren
+     ios_config:
+       lines:
+         - deny   tcp host 192.168.9.1 host 192.168.8.1 eq telnet
+         - permit ip any any
+       parents: ip access-list extended 110
+       match: exact
+
+   - name: ACL op interface
+     ios_config:
+       lines:
+         - ip access-group 110 in
+       parents: interface Loopback0

eindopdracht/virtuele omgeving/ansible setup/ansible.cfg

@@ -0,0 +1,3 @@
+[defaults]
+inventory = ./inventory.cfg
+host_key_checking = False

eindopdracht/virtuele omgeving/ansible setup/backup.yml

@@ -0,0 +1,21 @@
+# gescreven door taha
+---
+- hosts: routers
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: Maak lokaal backup directory aan
+     local_action:
+       module: file
+       path: backup
+       state: directory
+   - name: Running config opvragen 
+     ios_command:
+       commands:
+         - show run   
+     register: config
+   - name: Config uitschrijven
+     copy: 
+       content: "{{ config.stdout[0] }}"
+       dest: "./backup/{{ inventory_hostname }}_{{ '%Y-%m-%d' | strftime }}T{{ '%H:%M:%S' | strftime }}.txt"

eindopdracht/virtuele omgeving/ansible setup/backup/.gitkeep

@@ -0,0 +1 @@
+dit folder moet bestaan om de configuratie backups op te slaan

eindopdracht/virtuele omgeving/ansible setup/basis.yml

@@ -0,0 +1,99 @@
+# Door Taha aanpassingen ivo
+---
+- name: basis services / passwords
+  hosts: routers
+  gather_facts: false
+  connection: network_cli
+  tasks:
+   - name: service password encryption
+     ios_config:
+       lines:
+         - service password-encryption
+         - netconf-yang
+
+- name: Interfaces ISP
+  hosts: ISP
+  gather_facts: false
+  connection: network_cli
+  tasks:
+   - name: ISP Interface L1
+     ios_interfaces:
+       config:
+       - name: GigabitEthernet 1
+         enabled: true
+       - name: GigabitEthernet 3
+         enabled: true
+       - name: Loopback0
+         enabled: true
+   - name: ISP Interface L3
+     ios_l3_interfaces:
+       config:
+       - name: GigabitEthernet 1
+         ipv4:
+         - address: 172.24.2.1/24
+       - name: GigabitEthernet 3
+         ipv4:
+         - address: 10.5.5.2/24
+       - name: Loopback0
+         ipv4:
+         - address: 100.2.2.1/24
+   
+- name: Interfaces EdgeRouter
+  hosts: EdgeRouter
+  gather_facts: false
+  connection: network_cli
+  tasks:
+   - name: Edgerouter Interface L1
+     ios_interfaces:
+       config:
+       - name: GigabitEthernet 1
+         enabled: true
+       - name: GigabitEthernet 2
+         enabled: true
+       - name: GigabitEthernet 3
+         enabled: true
+       - name: Loopback0
+         enabled: true
+   - name: Edgerouter Interface L3
+     ios_l3_interfaces:
+       config:
+       - name: GigabitEthernet 1
+         ipv4:
+         - address: 172.24.2.2/24
+       - name: GigabitEthernet 2
+         ipv4:
+         - address: 192.168.5.1/24
+       - name: GigabitEthernet 3
+         ipv4:
+         - address: 10.5.5.3/24
+       - name: Loopback0
+         ipv4:
+         - address: 192.168.8.1/24
+
+- name: Interfaces R3
+  hosts: R3
+  gather_facts: false
+  connection: network_cli
+  tasks:
+   - name: R3 Interface L1
+     ios_interfaces:
+       config:
+       - name: GigabitEthernet 2
+         enabled: true
+       - name: GigabitEthernet 3
+         enabled: true
+       - name: Loopback0
+         enabled: true
+   - name: R3 Interface L3
+     ios_l3_interfaces:
+       config:
+       - name: GigabitEthernet 2
+         ipv4:
+         - address: 192.168.5.2/24
+       - name: GigabitEthernet 3
+         ipv4:
+         - address: 10.5.5.4/24
+       - name: Loopback0
+         ipv4:
+         - address: 192.168.9.1/24
+         

eindopdracht/virtuele omgeving/ansible setup/bgp.yml

@@ -0,0 +1,25 @@
+# Geschreven door Taha
+---
+- hosts: ISP
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: Setup BGP 65000(ISP)
+     ios_config:
+       parents: router bgp 65000
+       lines:
+         - neighbor 172.24.2.2 remote-as 65001
+         - network 100.2.2.0 mask 255.255.255.0
+
+- hosts: EdgeRouter
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: Setup BGP 65001(EdgeRouter)
+     ios_config:
+       parents: router bgp 65001
+       lines:
+         - neighbor 172.24.2.1 remote-as 65000
+         - redistribute ospf 1

eindopdracht/virtuele omgeving/ansible setup/dhcp.yml

@@ -0,0 +1,16 @@
+# gescreven door Ivo gecorrigeerd door taha
+---
+
+- name: Configureren van DHCP
+  hosts: EdgeRouter
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+    - name: Configureren van gigabit interface
+      ios_config:
+        parents: ip dhcp pool SDN_POOL
+        lines:
+          - network 192.168.8.0 255.255.255.0
+          - default-router  192.168.8.1
+          - dns-server 1.1.1.1

eindopdracht/virtuele omgeving/ansible setup/gre.yml

@@ -0,0 +1,27 @@
+#ansible-playbook gretunnel.yml -u cisco -k  
+#Gemaakt door Robbin van Dijk
+---
+- name: Configure GRE Tunnel between ISP and R3
+  hosts: ISP, R3
+  gather_facts: no
+
+  tasks:
+
+  - name: R3 GRE tunnel naar ISP doormiddel van int 2
+    ios_config:
+      parents: interface tunnel 0
+      lines:
+       - 'ip address 10.0.0.1 255.255.255.0'
+       - 'tunnel source GigabitEthernet2'
+       - 'tunnel destination 172.24.2.1'
+    when: '"R3" in inventory_hostname'
+
+  - name: ISP GRE tunnel naar R3 doormiddel van int 2
+    ios_config:
+      parents: interface tunnel 0
+      lines:
+       - 'ip address 10.0.0.2 255.255.255.0'
+       - 'tunnel source GigabitEthernet2'
+       - 'tunnel destination 192.168.5.2'
+    when: '"ISP" in inventory_hostname'
+

eindopdracht/virtuele omgeving/ansible setup/inventory.cfg

@@ -0,0 +1,16 @@
+[routers:vars]
+ansible_network_os=ios
+ansible_python_interpreter=/usr/bin/python3
+username=cisco
+password=cisco
+auth_pass=cisco
+ansible_become=yes
+ansible_become_method=enable
+ansible_become_password=class
+ansible_connection=network_cli
+
+
+[routers]
+ISP ansible_host=10.5.5.2
+EdgeRouter ansible_host=10.5.5.3
+R3 ansible_host=10.5.5.4

eindopdracht/virtuele omgeving/ansible setup/ipsla.yml

@@ -0,0 +1,39 @@
+# Diederik Roovers
+
+---
+- hosts: ISP
+  gather_facts: no
+  connection: network_cli
+
+  tasks:
+   - name: IP SLA 1 rules (ISP)
+     ios_config:
+      parents: ip sla 1
+      lines:
+        - icmp-echo 172.24.2.2 source-ip 172.24.2.1
+        - frequency 5
+      before: no ip sla schedule 1
+   - name: IP SLA 1 schedule (ISP)
+     ios_config:
+      lines:
+        - ip sla schedule 1 life forever start-time now
+
+- hosts: EdgeRouter
+  gather_facts: no
+  connection: network_cli
+
+  tasks:
+   - name: IP SLA rules (EdgeRouter)
+     ios_config:
+      parents: ip sla 1
+      lines:
+        - icmp-echo 172.24.2.1 source-ip 172.24.2.2
+        - frequency 5
+      before: no ip sla schedule 1
+   - name: IP SLA schedule (ISP)
+     ios_config:
+      lines:
+        - ip sla schedule 1 life forever start-time now
+
+
+#ansible-playbook ipsla.yml -u cisco -k

eindopdracht/virtuele omgeving/ansible setup/nat.yml

@@ -0,0 +1,13 @@
+# berat
+---
+- name: NAT config
+  hosts: R3
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: NAT outside global
+     ios_config:
+       lines:
+         - ip nat outside source static 192.168.5.2 192.168.9.1
+       parents: interface GigabitEthernet 2

eindopdracht/virtuele omgeving/ansible setup/ospf.yml

@@ -0,0 +1,30 @@
+#Gemaakt door Ruben Blom 1788844.
+---
+- name: OSPF configuratie EdgeRouter
+  hosts: EdgeRouter
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: OSPF inschakelen EdgeRouter
+     ios_config:
+       parents: router ospf 1
+       lines:
+         - router-id 2.2.2.2
+         - redistribute bgp 65001 subnets
+         - network 192.168.5.0 0.0.0.255 area 0
+         - network 192.168.8.0 0.0.0.255 area 0
+
+
+- name: OSPF configuratie R3
+  hosts: R3
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: OSPF inschakelen R3
+     ios_config:
+       parents: router ospf 1
+       lines:
+         - router-id 3.3.3.3
+         - network 192.168.5.0 0.0.0.255 area 0

eindopdracht/virtuele omgeving/ansible setup/save.yml

@@ -0,0 +1,14 @@
+# Geschreven door Taha
+---
+- hosts: routers
+  gather_facts: false
+  connection: network_cli
+
+  tasks:
+   - name: copy running-config startup-config
+     ios_command:
+       commands:
+       - command: 'copy running-config startup-config'
+         prompt: 'Destination filename [startup\-config]?'
+         answer: "\r"
+

eindopdracht/virtuele omgeving/ansible setup/setup.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+# als alle playbooks in de zelfde folder als deze script zit
+# en als alles juist is aangesloten/ssh is ingesteld moet dit
+# de omgeving automatisch volledig configureren. -taha
+ansible-playbook -u cisco -k backup.yml basis.yml bgp.yml ospf.yml gre.yml dhcp.yml nat.yml acl.yml ipsla.yml save.yml backup.yml

eindopdracht/virtuele omgeving/basisconf.py

@@ -0,0 +1,218 @@
+# ruben
+import paramiko
+import time
+
+# Verbinden via SSH
+
+host = input("Wat is het ip of de hostname van uw cisco router? ")
+gebruikersnaam = "cisco"
+wachtwoord = "cisco"
+
+ssh_client = paramiko.SSHClient()
+ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ssh_client.connect(hostname=host, username=gebruikersnaam, password=wachtwoord)
+
+print("\nSSH verbinding met " + host + " tot stand gebracht.")
+print("Configureer het apparaat door onderstaande wizard te doorlopen.\n")
+
+ssh = ssh_client.invoke_shell()
+
+# Hostnaam en stiekem no ip domain lookup
+
+hostnaam = input("Welke hostname moet het apparaat krijgen? ")
+
+ssh.send("enable\n")
+ssh.send("class\n")
+ssh.send("config terminal\n")
+ssh.send("no ip domain lookup\n")
+ssh.send("hostname " + hostnaam + "\n")
+ssh.send("end\n")
+
+# Enable wachtwoord
+
+enable_wachtwoord = "class"
+
+ssh.send("config terminal\n")
+ssh.send("enable secret " + enable_wachtwoord + "\n")
+ssh.send("end\n")
+
+# Console wachtwoord
+
+console_wachtwoord = "cisco"
+
+ssh.send("config terminal\n")
+ssh.send("line console 0\n")
+ssh.send("password " + console_wachtwoord + "\n")
+ssh.send("end\n")
+
+# VTY wachtwoord
+
+vty_wachtwoord = "cisco"
+
+ssh.send("config terminal\n")
+ssh.send("line vty 0 15\n")
+ssh.send("password " + vty_wachtwoord + "\n")
+ssh.send("transport input ssh\n")
+ssh.send("end\n")
+
+# Gebruikers maken
+
+gebruiker = "cisco"
+wachtwoord = "cisco"
+
+ssh.send("config terminal\n")
+ssh.send("username " + gebruiker + " privilege " + "15" + " password 0 " + wachtwoord + "\n")
+ssh.send("end\n")
+
+# Wachtwoord encryptie
+
+wachtwoord_encryptie = input("Wil je wachtwoord encryptie instellen? [Ja/Nee] ")
+
+if wachtwoord_encryptie != "Ja":
+        print("\nDe wachtwoorden zijn niet encrypted!")
+
+else:
+    ssh.send("config terminal\n")
+    ssh.send("service password-encryption\n")
+    ssh.send("end\n")
+    print("\nDe wachtwoorden zijn encrypted!")
+
+# Banner MOTD
+
+banner_motd = input("Welke banner MOTD moet het apparaat krijgen? ")
+
+ssh.send("config terminal\n")
+ssh.send("banner motd %" + "\n")
+ssh.send(banner_motd + "%" + "\n")
+ssh.send("end\n")
+
+
+# Interface gigabitethernet1 configuratie
+
+print("\n[INTERFACE GIG 1 CONFIGURATIE]\n")
+config_intgig1 = input("Wilt u interface gigabitethernet 1 configureren? [Ja/Nee] ")
+
+if config_intgig1 != "Ja":
+    pass
+else:
+    interface_ip = input("Welk IP adres moet " + "int gig 1" + " krijgen? ")
+    interface_subnetmask = input("Welk subnetmasker moet " + "int gig 1" + " krijgen? ")
+    interface_beschrijving = input("Welke beschrijving moet " + "int gig 1" + " krijgen? ")
+
+    ssh.send("config terminal\n")
+    ssh.send("interface " + "gig 1" + "\n")
+    ssh.send("ip address " + interface_ip + " " + interface_subnetmask + "\n")
+    ssh.send("description " + interface_beschrijving + "\n")
+    ssh.send("no shutdown\n")
+    ssh.send("end\n")
+    time.sleep(2)
+
+# Interface gigabitethernet2 configuratie
+
+print("\n[INTERFACE GIG 2 CONFIGURATIE]\n")
+config_intgig2 = input("Wilt u interface gigabitethernet 2 configureren? [Ja/Nee] ")
+
+
+if config_intgig2 != "Ja":
+    pass
+else:
+    interface_ip = input("Welk IP adres moet " + "int gig 2" + " krijgen? ")
+    interface_subnetmask = input("Welk subnetmasker moet " + "int gig 2" + " krijgen? ")
+    interface_beschrijving = input("Welke beschrijving moet " + "int gig 2" + " krijgen? ")
+
+    ssh.send("config terminal\n")
+    ssh.send("interface " + "gig 2" + "\n")
+    ssh.send("ip address " + interface_ip + " " + interface_subnetmask + "\n")
+    ssh.send("description " + interface_beschrijving + "\n")
+    ssh.send("no shutdown\n")
+    ssh.send("end\n")
+    time.sleep(2)
+
+# Interface gigabitethernet3 configuratie
+
+print("\n[INTERFACE GIG 3 CONFIGURATIE]\n")
+config_intgig3 = input("Wilt u interface gigabitethernet 3 configureren? [Ja/Nee] ")
+
+if config_intgig3 != "Ja":
+    pass
+else:
+    interface_ip = input("Welk IP adres moet " + "int gig 3" + " krijgen? ")
+    interface_subnetmask = input("Welk subnetmasker moet " + "int gig 3" + " krijgen? ")
+    interface_beschrijving = input("Welke beschrijving moet " + "int gig 3" + " krijgen? ")
+
+    ssh.send("config terminal\n")
+    ssh.send("interface " + "gig 3" + "\n")
+    ssh.send("ip address " + interface_ip + " " + interface_subnetmask + "\n")
+    ssh.send("description " + interface_beschrijving + "\n")
+    ssh.send("no shutdown\n")
+    ssh.send("end\n")
+    time.sleep(2)
+
+# Interface loopback0 configuratie
+
+print("\n[INTERFACE lo0 CONFIGURATIE]\n")
+config_intlo0 = input("Wilt u interface lo0 configureren? [Ja/Nee] ")
+
+if config_intlo0 != "Ja":
+    pass
+else:
+    interface_ip = input("Welk IP adres moet " + "int lo0" + " krijgen? ")
+    interface_subnetmask = input("Welk subnetmasker moet " + "int lo0" + " krijgen? ")
+    interface_beschrijving = input("Welke beschrijving moet " + "int lo0" + " krijgen? ")
+
+    ssh.send("config terminal\n")
+    ssh.send("interface " + "lo0" + "\n")
+    ssh.send("ip address " + interface_ip + " " + interface_subnetmask + "\n")
+    ssh.send("description " + interface_beschrijving + "\n")
+    ssh.send("no shutdown\n")
+    ssh.send("end\n")
+    time.sleep(2)
+
+# IPv6 configuratie
+
+print("\n[IPv6 CONFIGURATIE]\n")
+config_ipv6 = input("Wilt u IPv6 configureren? [Ja/Nee] ")
+
+if config_ipv6 != "Ja":
+    pass
+else:
+    ipv6_interface = input("Op welke interface wilt u IPv6 configureren? [gig 1 / gig 2 / gig 3 / lo1] Interface: ")
+    interface_ipv6 = input("Welk IPv6 adres moet " + ipv6_interface + " krijgen? Voorbeeld: 2001:1:2:3::1 ")
+    interface_ipv6_subnetmask = input("Welk subnetmasker moet " + ipv6_interface + " krijgen? Voorbeeld: /64 ")
+
+    ssh.send("config terminal\n")
+    ssh.send("interface " + ipv6_interface + "\n")
+    ssh.send("ipv6 address " + interface_ipv6 + interface_ipv6_subnetmask + "\n")
+    ssh.send("no shut\n")
+    ssh.send("end\n")
+    time.sleep(2)
+
+
+time.sleep(1)
+output = ssh.recv(65535)
+print("\n[CONFIGURATIE VOLTOOID]")
+
+conf_check = input("Wil je de huidige configuratie bekijken? [Ja/Nee] ")
+
+if conf_check != "Ja":
+    pass
+
+else:
+    print(output.decode("utf-8"))
+
+# Configuratie mogelijkheid opslaan
+
+save_conf = input("Wil je de configuratie opslaan? [Ja/Nee] ")
+
+if save_conf != "Ja":
+    print("Wizard wordt gesloten...")
+    time.sleep(2)
+    ssh_client.close
+
+else:
+    ssh.send("write\n")
+    time.sleep(5)
+    print("De configuratie is opgeslagen")
+    print("Programma wordt gesloten...")
+    time.sleep(2)
+    ssh_client.close

eindopdracht/virtuele omgeving/netconf/Usertoevoegen_netconf.txt

@@ -0,0 +1,111 @@
+#Onderstaande commando uitvoeren op alle routers onder config-t
+Netconf-yang
+
+#Onderstaande installeren op CentOS8
+yum install python3-pip
+python3 -m pip install ncclient
+
+touch netconfr3.py
+nano netconfr3.py
+
+#Onderstaande is het script om een user toevoegen op ISP!
+from ncclient import manager
+import xml.dom.minidom
+
+m = manager.connect(
+    host="ISP",
+    port=830,
+    username="cisco",
+    password="cisco",
+    hostkey_verify=False
+    )
+
+netconf_user = """
+<config>
+  <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
+     <username>
+            <name>HU</name>
+            <privilege>15</privilege>
+            <password>
+                    <encryption>0</encryption>
+            <password>cisco1234</password>
+            </password>
+    </username>
+  </native>
+</config>
+netconf_reply = m.edit_config(target="running", config=netconf_user)
+
+print(xml.dom.minidom.parseString(netconf_reply.xml).toprettyxml())
+
+touch netconfedgerouter.py
+nano netconfedgerouter.py
+
+#Onderstaande is het script om een user toevoegen op Edgerouter!
+m = manager.connect(
+    host="EdgeRouter",
+    port=830,
+    username="cisco",
+    password="cisco",
+    hostkey_verify=False
+    )
+
+netconf_user = """
+<config>
+  <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
+     <username>
+            <name>HU</name>
+            <privilege>15</privilege>
+            <password>
+                    <encryption>0</encryption>
+            <password>cisco1234</password>
+            </password>
+    </username>
+  </native>
+</config>
+netconf_reply = m.edit_config(target="running", config=netconf_user)
+
+print(xml.dom.minidom.parseString(netconf_reply.xml).toprettyxml())
+
+touch netconfisp.py
+nano netconfisp.py
+
+#Onderstaande is het script om een user toevoegen op R3!
+
+#User toevoegen ISP
+from ncclient import manager
+import xml.dom.minidom
+
+m = manager.connect(
+    host="R3",
+    port=830,
+    username="cisco",
+    password="cisco",
+    hostkey_verify=False
+    )
+
+netconf_user = """
+<config>
+  <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
+     <username>
+            <name>HU</name>
+            <privilege>15</privilege>
+            <password>
+                    <encryption>0</encryption>
+            <password>cisco1234</password>
+            </password>
+    </username>
+  </native>
+</config>
+netconf_reply = m.edit_config(target="running", config=netconf_user)
+
+print(xml.dom.minidom.parseString(netconf_reply.xml).toprettyxml())
+
+
+
+
+
+
+
+
+
+

eindopdracht/virtuele omgeving/netconf/user_toevoegen.py

@@ -0,0 +1,41 @@
+# Originele uitvoering: Robbin, netheid: Taha
+from ncclient import manager  # python3 -m pip install ncclient
+import xml.dom.minidom
+
+routers = {'ISP':'10.5.5.2', 'EdgeRouter':'10.5.5.3', 'R3':'10.5.5.4'}
+
+username = input("New username: ")
+password = input("Password: ")
+level = input("Privilege level: ")
+
+
+
+for router in routers:
+    print(f"{'*'*6} working on: {router} {'*'*6}")
+    m = manager.connect(
+        host=routers[router],
+        port=830,
+        username="cisco",
+        password="cisco",
+        hostkey_verify=False
+        )
+
+    netconf_user = f"""
+    <config>
+      <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
+         <username>
+                <name>{username}</name>
+                <privilege>{level}</privilege>
+                <password>
+                        <encryption>0</encryption>
+                <password>{password}</password>
+                </password>
+        </username>
+      </native>
+    </config>
+    """
+    try:
+        netconf_reply = m.edit_config(target="running", config=netconf_user)
+        print(xml.dom.minidom.parseString(netconf_reply.xml).toprettyxml())
+    except:
+        print(f'Error working for {router}')

eindopdracht/virtuele omgeving/show scripts/README.md

@@ -0,0 +1,3 @@
+# voer de onderstaande commando uit
+
+ansible-playbook show_XXX.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_arp.yml

@@ -0,0 +1,17 @@
+#Diederik Roovers
+
+---
+- name: Show ARP
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show ARP
+    ios_command:
+      commands: show arp
+    register: output
+
+  - debug: var=output.stdout_lines
+
+
+#ansible-playbook show_arp.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_bgp.yml

@@ -0,0 +1,17 @@
+#Diederik Roovers
+
+---
+- name: Show BGP
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show BGP
+    ios_command:
+      commands: show ip bgp
+    register: output
+
+  - debug: var=output.stdout_lines
+
+
+#ansible-playbook show_bgp.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_cef.yml

@@ -0,0 +1,17 @@
+#Diederik Roovers
+
+---
+- name: Show IP CEF
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show IP CEF
+    ios_command:
+      commands: show ip cef
+    register: output
+
+  - debug: var=output.stdout_lines
+
+
+#ansible-playbook show_cef.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_dhcp.yml

@@ -0,0 +1,16 @@
+#Diederik Roovers
+
+---
+- name: Show DHCP
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show DHCP
+    ios_command:
+      commands: show ip dhcp pool
+    register: output
+
+  - debug: var=output.stdout_lines
+
+#ansible-playbook show_dhcp.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_nat.yml

@@ -0,0 +1,16 @@
+#Diederik Roovers
+
+---
+- name: Show NAT
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show NAT
+    ios_command:
+      commands: show ip nat translation
+    register: output
+
+  - debug: var=output.stdout_lines
+
+#ansible-playbook show_nat.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_route.yml

@@ -0,0 +1,16 @@
+#Diederik Roovers
+
+---
+- name: Show IP Route
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show IP Route
+    ios_command:
+      commands: show ip route
+    register: output
+
+  - debug: var=output.stdout_lines
+
+#ansible-playbook show_route.yml -u cisco -k

eindopdracht/virtuele omgeving/show scripts/show_run.yml

@@ -0,0 +1,16 @@
+#Diederik Roovers
+
+---
+- name: Show run
+  hosts: routers
+  gather_facts: no
+
+  tasks:
+  - name: Show run
+    ios_command:
+      commands: show run
+    register: output
+
+  - debug: var=output.stdout_lines
+
+#ansible-playbook show_run.yml -u cisco -k