Showing posts from April, 2013

EEM and AAA working together

If you have AAA services configured on your Cisco device and want to do some, for example, EEM remote telnet on that device you will have problem with executing commands because of AAA services. Because of that Cisco introduced useful command annex to classic EEM - authorization bypass. Be sure that your IOS version support that... Here is one example of configuring EEM with AAA on device for remote telnet and do some clear ARP for you: event manager applet chilly authorization bypass  event none  action 2.0 cli command "telnet x.x.x.x" pattern "Username:"  action 3.0 cli command "admin" pattern "Password:"  action 4.0 cli command "password" pattern "#"  action 5.0 cli command "clear arp" pattern "#"  action 6.0 cli command "exit"  action 7.0 cli command "end" That was another post about EEM...keep playing with this powerful tool...

Floating static routes without IP SLA - with EEM

IOS 15 great SW but without Data or UC license on it - no IP SLA. Without that you have no easy way of configuring floating static routes with tracking and doing IP reachability tests of your default GW. This solution is doing pretty much the same but without IP SLA at all - we are going to utilize only the EEM with track feature like before. So basically, EEM script would be something like this: event manager applet chilly  event timer watchdog time 10  action 1.0 cli command "enable"  action 1.1 cli command "ping [DF-GTW-HERE] repeat 3 timeout 2"  action 1.3 regexp "!" "$_cli_result" result  action 1.4 if $result eq "!"  action 1.5  track set 100 state up  action 1.6 else  action 1.7  track set 100 state down  action 1.8 end Before putting this EEM script live configure adequate track object, like this: track 100 stub-object  default-state down Off course if you need you can fine tune this EEM script...for example set timer to 5 sec o