Automating Cisco Router Configuration Backup to TFTP Server with Python

Introduction:

In the realm of network management, ensuring the security and accessibility of configurations is paramount. This Python script, powered by the Paramiko library, provides a seamless solution to automate the backup of a Cisco router’s running configuration to a TFTP server. Let’s delve into the script’s functionality and understand how it simplifies a critical aspect of network administration.

Script Overview:

# Import the Paramiko library for SSH communication
import paramiko
import time

def cisco_copy_running_config(hostname, username, password, enable_password):
    # Hardcoded TFTP server and filename
    tftp_server = "172.16.0.101"
    tftp_filename = "demo_backup_config.txt"

    # Create an SSH client
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    try:
        # Connect to the router using provided credentials
        ssh.connect(hostname, username=username, password=password, allow_agent=False, look_for_keys=False)

        # Create a shell channel for interaction
        channel = ssh.invoke_shell()

        # Wait for the prompt after connecting
        time.sleep(1)
        output = channel.recv(65535).decode('utf-8')
        print(output)

        # Check if login was successful by looking for '#' or '>'
        if '#' in output or '>' in output:
            # Send the 'enable' command to enter privileged mode
            channel.send("enable\n")
            time.sleep(1)

            # Send the enable password
            channel.send(enable_password + "\n")
            time.sleep(1)

            # Check if the prompt indicates successful enable mode
            enable_output = channel.recv(65535).decode('utf-8')
            print(enable_output)

            # Check if '#' is present in enable mode prompt
            if '#' in enable_output:
                print("Login successful! Entered privilege mode.")

                # Copy running config to TFTP server
                channel.send(f"copy running-config tftp://{tftp_server}/{tftp_filename}\n")
                time.sleep(1)  # Adjust the sleep time as needed

                channel.send(f"\n")
                time.sleep(1)  # Adjust the sleep time as needed                

                channel.send(f"\n")
                time.sleep(1)  # Adjust the sleep time as needed                

                # Check if the copy was successful
                copy_output = channel.recv(65535).decode('utf-8')
                print(copy_output)

            else:
                print("Enable mode failed!")
                print("Login failed!")

        else:
            print("Login failed!")

        # Close the SSH connection
        ssh.close()

    except Exception as e:
        # Handle exceptions and print an error message
        print(f"Error: {e}")
        print("Copy failed!")

# Entry point of the script
if __name__ == "__main__":
    # Replace these values with your router's information
    router_hostname = "172.16.0.200"
    router_username = "cisco"
    router_password = "cisco@123"
    router_enable_password = "cisco@123"

    # Call the function to copy running config to TFTP server
    cisco_copy_running_config(router_hostname, router_username, router_password, router_enable_password)

Script Explanation:

1. SSH Connection and Login: The script establishes an SSH connection to the Cisco router, logs in, and enters privileged mode.
2. Copy to TFTP Server: It copies the running configuration to a TFTP server, enhancing configuration backup and security.
3. Enhanced Flexibility: While certain parameters are hardcoded for demonstration, the script offers flexibility for customization based on specific network configurations.

Conclusion: This Python script showcases the power of automation in network management. By effortlessly copying a Cisco router’s running configuration to a TFTP server, it adds a layer of resilience to your network infrastructure. Explore, modify, and integrate this script to suit your network’s unique requirements and elevate your network administration capabilities.

Here is the YouTube Video:

Avinash Karnani

I am working in an IT company and having 10+ years of experience into Cisco IP Telephony and Contact Center. I have worked on products like CUCM, CUC, UCCX, CME/CUE, IM&P, Voice Gateways, VG224, Gatekeepers, Attendant Console, Expressway, Mediasense, Asterisk, Microsoft Teams, Zoom etc. I am not an expert but i keep exploring whenever and wherever i can and share whatever i know. You can visit my LinkedIn profile by clicking on the icon below.

“Everyone you will ever meet knows something you don’t.” ― Bill Nye