我正在尝试使用 Python 脚本中的 ncclient 模块获取运行配置。我做了一些基础研究,但只发现了另一个发生这种情况的例子,答案似乎不适用于我的情况。有问题的路由器正在使用识别 isakmp 和 non500-isakmp 的 ACL;这真的不支持吗?或者我可以做些什么来解决这个问题?我的脚本和错误如下所示:
脚本:
class Connection:
def __init__(self, host, ios):
self.host = host
self.username = "OMITTED"
self.ios = ios
self.password = passwd
self.port = 830
self.device_params = { "name" : self.ios}
def getconf(self):
m = manager.connect(host = self.host, port = self.port, username = self.username, password = self.password, device_params = self.device_params)
result = m.get_config('running')
print(result)
with open(r"ios_xe.yaml") as f:
devices = yaml.load(f, Loader=yaml.FullLoader)
for router in devices:
host = devices[router][0]['host']
ios = devices[router][1]['ios']
connhost = Connection(host, ios)
connhost.getconf()
错误:
raise RPCError(to_ele(self._reply._raw), errs=errors)
ncclient.operations.rpc.RPCError: error: /oc-acl:acl/acl-sets/acl-set{TO-ZONE-SELF oc-acl:ACL_IPV4}/acl-entries/acl-entry{10}/ipv4/config/protocol: Unsupported IP Protocol Type
error: /oc-acl:acl/acl-sets/acl-set{TO-ZONE-SELF oc-acl:ACL_IPV4}/acl-entries/acl-entry{20}/ipv4/config/protocol: Unsupported IP Protocol Type
路由器 TO-ZONE-SELF 配置:
10 permit esp any host OMITTED
20 permit ahp any host OMITTED
30 permit udp any host OMITTED eq isakmp
40 permit udp any host OMITTED eq non500-isakmp
50 permit tcp any host OMITTED eq 22
60 permit tcp any host OMITTED eq 443
70 permit icmp any host OMITTED
80 permit ip any host OMITTED