cisco.asa
cisco.asa copied to clipboard
Prompt issue with
SUMMARY
I try to call remote ssh command but the command change a prompt from "#" to " /dirname #" so ansible send an error command timeout triggered, can someone help me please? it's a firepower, and I need to use scope command to change the object. if I try show config or version it's working well, but if I try scope then I get timeout and the only what I found that the prompt is different "/security # " does not match a regex https://regex101.com/r/cQ9MpW/1
ISSUE TYPE
- Bug Report
COMPONENT NAME
ANSIBLE VERSION
ansible [core 2.11.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/ansible/venv/lib/python3.9/site-packages/ansible ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections executable location = /opt/ansible/venv/bin/ansible python version = 3.9.5 (default, May 19 2021, 11:32:47) [GCC 9.3.0] jinja version = 3.0.2 libyaml = True
COLLECTION VERSION
/root/.ansible/collections/ansible_collections
Collection Version
cisco.asa 2.0.2
/opt/ansible/venv/lib/python3.9/site-packages/ansible_collections
Collection Version
cisco.asa 2.1.0
CONFIGURATION
DEPRECATION_WARNINGS(/etc/ansible/ansible.cfg) = False DISPLAY_SKIPPED_HOSTS(/etc/ansible/ansible.cfg) = False HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False PERSISTENT_COMMAND_TIMEOUT(/etc/ansible/ansible.cfg) = 45 RETRY_FILES_ENABLED(/etc/ansible/ansible.cfg) = False
OS / ENVIRONMENT
Firepower 41xx show version Version: 2.8(1.143) Startup-Vers: 2.8(1.143
STEPS TO REPRODUCE
# scope ?
adapter Mezzanine Adapter
cabling Cabling
chassis Chassis
cloud-connector Cloud Connector
eth-server Ethernet Server Domain
eth-uplink Ethernet Uplink
fabric-interconnect Fabric Interconnect
firmware Firmware
host-eth-if Host Ethernet Interface
license License
monitoring Monitor the system
org Organizations
packet-capture Packet Capture Domain
security security mode
server Server
service-profile Service Profile
ssa Security Services
system Systems
vhba vHBA
vnic vNIC
# scope security
/security #
With Ansible the same:
1 command
- scope ?
code
- name: "commands firepower"
when: inventory_hostname == fwname
asa_command:
commands:
- scope ?
- exit
ok: [FIREPOWER] => {
"msg": {
"changed": false,
"failed": false,
"stdout": [
"scope \n adapter Mezzanine Adapter \n cabling Cabling \n chassis Chassis \n cloud-connector Cloud Connector \n eth-server Ethernet Server Domain \n eth-uplink Ethernet Uplink \n fabric-interconnect Fabric Interconnect \n firmware Firmware \n host-eth-if Host Ethernet Interface \n license License \n monitoring Monitor the system \n org Organizations \n packet-capture Packet Capture Domain \n security security mode \n server Server \n service-profile Service Profile \n ssa Security Services \n system Systems \n vhba vHBA \n vnic vNIC \n\n\n\n ^\n% Incomplete Command at '^' marker",
"None"
],
"stdout_lines": [
[
"scope ",
" adapter Mezzanine Adapter ",
" cabling Cabling ",
" chassis Chassis ",
" cloud-connector Cloud Connector ",
" eth-server Ethernet Server Domain ",
" eth-uplink Ethernet Uplink ",
" fabric-interconnect Fabric Interconnect ",
" firmware Firmware ",
" host-eth-if Host Ethernet Interface ",
" license License ",
" monitoring Monitor the system ",
" org Organizations ",
" packet-capture Packet Capture Domain ",
" security security mode ",
" server Server ",
" service-profile Service Profile ",
" ssa Security Services ",
" system Systems ",
" vhba vHBA ",
" vnic vNIC ",
"",
"",
"",
" ^",
"% Incomplete Command at '^' marker"
],
[
"None"
]
]
}
}
2 command
- scope security
code
- name: "commands firepower"
when: inventory_hostname == fwname
asa_command:
commands:
- scope security
- exit
The full traceback is:
File "/tmp/ansible_asa_command_payload_on6ya26c/ansible_asa_command_payload.zip/ansible_collections/cisco/asa/plugins/module_utils/network/asa/asa.py", line 147, in run_commands
return connection.run_commands(commands=commands, check_rc=check_rc)
File "/tmp/ansible_asa_command_payload_on6ya26c/ansible_asa_command_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [FIREPOWER]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"authorize": null,
"commands": [
"scope security"
],
"context": null,
"interval": 1,
"match": "all",
"passwords": null,
"provider": null,
"retries": 10,
"wait_for": null
}
},
"msg": "command timeout triggered, timeout value is 45 secs.\nSee the timeout setting options in the Network Debug and Troubleshooting Guide."
}
EXPECTED RESULTS
ACTUAL RESULTS