Firepass integration with AdventNet ManageEngine DeviceExpert

Question

Hi guys, 
&nbsp;  
&nbsp; I have AdventNet ManageEngine DeviceExpert installation and I want to integrate it with firepass. 
&nbsp; DeviceExpert is a software for change management of networking devices, it supports many vendors but not F5. 
&nbsp; I ask AdventNet support engineer for firepass and they replay with the following requirements: 
&nbsp;  
&nbsp; DeviceExpert can support any device model that supports configuration backup through TFTP/SCP when accessed via TELNET or SSH or SNMP. 
&nbsp;  
&nbsp; Also, they ask to provide the following information: 
&nbsp;  
&nbsp; 1. How many configuration files do these devices possess (for example startup and running) 
&nbsp; 2. Login sequence for CLI. Screenshots of the login sequence will be very helpful  
&nbsp; 3. Commands to retrieve &amp; push configuration from/to the devices. Open a command prompt, execute the command and send us the complete snapshot of the command and the output  
&nbsp; 4. Any other useful command to get hardware details from the device 
&nbsp; 5. What is the format of backedup configuration file: text format or binary format  
&nbsp; 6. Can this device be manged through SSH also? 
&nbsp;  
&nbsp; Thanks in advance. 
&nbsp; Andrea

mal_57091 · Answer

Hey Andrea, 
&nbsp;  
&nbsp; Unfortunately i don't think you can do this with FirePass. FirePass, like most SSL VPNs on the market today do not offer CLI access to the device. So you can't really Telnet/SSH in and run commands, pull config, etc. The config files you can backup from the FirePass are encrypted and only F5 can decrypt them. 
&nbsp;  
&nbsp; Sorry to be the bearer of bad news :-( Have you considered using SNMP-based management and setting traps? Also, FirePass is pretty cool in that you can lock down admin only to a certain physical interface and then even further to a specific set of source IP addresses. Perhaps you should lock down your boxes, set strong admin passwords, etc to prevent any chance of incorrect config changes. 
&nbsp;  
&nbsp; Cheers, 
&nbsp; Mal

steve_88008 · Answer

&nbsp; i use the nightly back up feature to an ftp server. You can also use scp. I believe the FP will connect to the scp/ftp server and upload the back up. Does not look like you can download the back up config. You could just use the scp service on device expert and back up to a dir on that box to at least centralize your back up conifgs. 
&nbsp;  
&nbsp; device expert is pretty slick. i use to back up my FW,layer 2, and 3 devices. 
&nbsp;  
&nbsp; hth

Forum Discussion

Firepass integration with AdventNet ManageEngine DeviceExpert

Recent Discussions

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

BIG-IP Edge Endpoint Inspection Failure pre-VPN

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Related Content

Making Mobile SDK Integration Ridiculously Easy with F5 XC Mobile SDK Integrator

Access Troubleshooting: BIG-IP APM OIDC integration

Integrating the F5 BIGIP with Azure Sentinel

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Integrating with your IPv6 Kubernetes Cluster

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS