[c-nsp] How to easily and securely pull configuration from aPIX/ASA
Andy Davidson
andy at nosignal.org
Fri Dec 7 05:31:39 EST 2007
On 5 Dec 2007, at 17:33, Marc Haber wrote:
> On Wed, Dec 05, 2007 at 12:06:54PM -0500, Eric Van Tol wrote:
>> I could be wrong, but I believe that the PIX/ASA configuration can
>> be seen via the internal web server. It's encrypted via SSL, so a
>> wget should work, if it's compiled with SSL support.
> authenticating with username/password for a user with which
> privilege level?
Hey Marc
This point hasn't come up later in the thread and might be useful.
You can change the privs required to run any particular command like
this :
privilege exec level 1 show running-config
This means you only need level 1 to run sh run. I don't know the
default priv level for sh run is, but I can't get sh run in my usual
not-enable level.
Hope that's useful,
Andy
More information about the cisco-nsp
mailing list