In the first post of this series, we learned how to automatically deploy switch firmware through PowerShell. Don’t get me wrong, this is awesome! But if you don’t have your switch configuration saved already, you would have to be bloody insane to push a new firmware to the device. No offense to those insane readers who did this. 🙂
So what is an admin to do? Why, use PowerShell to connect to each switch and save the configuration files directly!
How to Backup Switch Configurations with PowerShell
$Server = "192.168.0.10" $Username = "administrator" $Password = "password" $Date = (Get-Date -UFormat "%Y-%m-%d") Set-Location C:\putty\ $SwitchList = Import-Csv .\switchlist.csv | sort NodeName foreach ($Switch in $SwitchList){ $FilePath = "Configs\" + $Switch.NodeName + "\" $FileName = $Switch.IPAddress + "_" + $Date +".txt" if ((Test-Path \\$Server\c$\TFTP-Root\$Filepath) -eq $false){New-Item -ItemType Directory -Name $Switch.NodeName -Path \\$Server\c$\TFTP-Root\Configs\} .\kitty.exe $Switch.IPAddress -ssh -v -l $Username -pw $Password -cmd "\s05 \n Copy Startup-Config tftp $Server $Filepath$FileName \n y \n logout \n y \n y \n y" sleep -Seconds 2 }
I won’t bore you with the setup steps required for this script – read the previous article in this series to generate your switchlist file and to configure your TFTP server. If you’ve already done those steps, this script should run without any issues. Just change the configuration block at the top and edit the switch command line to match your environment. Ensure that your TFTP server has a subfolder named Configs in it.
.\kitty.exe $Switch.IP_Address -ssh -v -l $Username -pw $Password -cmd "\s05 \n Copy Startup-Config tftp $Server $Filepath$FileName \n y \n logout \n y \n y \n y"
This script is already configured to backup the configuration for an HP ProCurve Switch. If you have other makes in your environment, leave a comment below with your script alterations.
Startup Configurations will be saved according to the $FilePath and $FileName variables. By default, the script will create a folder under the Configs subfolder for each switch on your TFTP server. The folder will be named after the Switch Host/Node name. This information is pulled from your Switchlist.csv. Each saved configuration is named after the switch’s IP address with a date attached to the end of the file (ex: 10.95.0.1_2016-02-29.txt).
What are you waiting for? Start backing up all of your switch configurations. Schedule this script for automated backups! As with any backup, verify the data. In our next post of this series, we will use PowerShell to change our switch configurations.
Sorry, but it wont works for me, I dont know what I have mistaken, it seems all fine, but wont gets backup. does anybody check me?
I am trying for Avaya 3000,4000 & 5000 series switches via putty
I have used the setup for config backup of HP1920 switches. Unfortunately they do not follow the normal HP standard, so I had to modify the command line quite a bit – have a look below.
Also note the special password needed to enable all commands (including the copy function which is named backup in this switch DUH!)
I have deleted the line that creates the folder for the devices files because it seems that this CLI does not support backing up to a subfolder – only the TFTP root 🙁
.\kitty.exe $Switch.IPAddress -ssh -v -l $Username -pw $Password -cmd “\s05\n_cmdline-mode on\ny\nJinhua1920unauthorized\nbackup Startup-Configuration to $Server $FileName\nquit\n”
In the switch you will also have to enable SSH for the user you log in with(probably “admin”), as well as enable SSH in devices/service menu.
BTW: In part one it is explained how to do the initial setup. but in that guide other column names are used (e.g. IPAddress instead of IP_Address, which is used in the code in part 2). That confuses quite a bit until you find the error.
Apart from that it is great to have this finally set up!
Thanks for the tips for that 1920!!
And I fixed that column name – thanks for pointing that out.
Excellent work. Trying to back up an ASA 5505.
-cmd “\nenable \PASSWORD \ncopy running-config tftp: \nrunning-config \n$Server \n$Filepath$FileName”
If I leave out the copy running config code it logs in and goes to priv exec just fine. but if I run the above it interprets it as multiple characters and I can’t get to priv exec. Is there a way to emulate pressing the enter key?
For me, a sleep command followed by /n achieved this. Can you try that? Sleep is \s05 (for five seconds).
Hey Joseph. Here is what I’m trying. I have all the variables defined I just left them out of this post:
.\kitty.exe $Asa.IP_Address -ssh -v -l $Username -pw $Password -cmd “\s05 \nenable \n$Password \s05 \ncopy running-config tftp: \nrunning-config \n$Server \n$Filepath$FileName”
When I use that, this is what I get:
ASA5505>
ASA5505> enable
Password: **********
Password: **************************
Password: ***************
Access denied.
ASA5505> 10.23.10.28
^
ERROR: % Invalid input detected at ‘^’ marker.
ASA5505> cfgs\ASA01\2017-01-04.txt
^
ERROR: % Invalid input detected at ‘^’ marker.
ASA5505>
It’s trying to input some the copy running config commands into the enable password prompt. If I drop all the running config commands I can login and get priv exec without issue.
I’m a little stumped. I have some switches that are Dell PowerConnect 6248. What is the syntax using kitty to send a “y” confirmation to the console?
I can get everything in the PS to work besides this step.
.\kitty.exe $Switch.IP_Address -ssh -v -l $Username -pw $Password -cmd “enable \n copy run tftp://$ServerIP/$tftpFilePath$FileName”
Thanks in advance
When is the y needed? At the beginning of the session or end?
after the copy run command the session prompts for a y/n confirmation for the file transfer. If enter is sent it cancels the command
Here is the output when using .\kitty.exe $Switch.IP_Address -ssh -v -l $Username -pw $Password -cmd “enable \n copy run tftp://$ServerIP/$tftpFilePath$FileName”
Using username “username”.
XXX_XXX_Switch_04>
XXX_XXX_Switch_04>enable
XXX_XXX_Switch_04#copy running-config tftp://127.0.0.1/Configs/XXX_XXX_XXX_04/127.0.0.1_2016-04-21.txt
Mode……………………………………. TFTP
Set TFTP Server IP……………………….. 127.0.0.1
TFTP Path……………………………….. Configs/XXX_XXX_Switch_04/
TFTP Filename……………………………. 127.0.0.1_2016-04-21.txt
Data Type……………………………….. Config Script
Source Filename………………………….. temp-config.scr
Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n)
Excellent post! I was able to use this to backup Avaya ERS switches that require ctrl-Y to start. Hopefully this helps someone out there:)
.\kitty.exe $Switch.IP_Address -ssh -v -l $Username -pw $Password -cmd “\x19 \n Copy Running-Config tftp address $Server filename $Filepath$FileName \n exit”
Thank you for helping our Avaya folks out!
Nice thank’s
Perfect
Nice Thank’s
I’ve just a problem.
When y try the command line, kitty’s programme open but not connect.
if i change $switch.IP_Address by just an IP, it’s ok
could you help me ?
PS : Excuse my English ….
Double check your CSV file and make sure that your IP address column has a header named IP_Address