What did you EXPECT

What did you EXPECT

cmdThis time I’m starting the new semester off right with a blog post! A while ago we installed five Cisco Aironet access points at a customer. Later the customer requested a way to change the guest network password based on what visitors they were having. Rather then making them go to five different IP addresses and changing the password five different times I wrote an Expect script to it automatically.

The first hurdle with using Expect was that everyone at the company uses Windows and Expect is a Linux based. Cygwin solves this problem.

Next was the script. We needed an easy method to input the new key and run through the script.

#!/usr/bin/expect

#This program will change the Guest network key
#To run this program type ./expect.sh GUESTKEY
#Replace GUESTKEY with the value you want for the new network key
#The guest key can NOT include spaces and must be at least 8 characters long

set Guestkey [lindex $argv 0]
set timeout 20

# AP1
spawn ssh i3bus@10.0.0.31
expect “Password:”
send “Enable Password\r”
expect “AP1#”
send “config t\r”
expect “AP1(config)#”
send “dot11 ssid GUEST TTP\r”
expect “AP1(config-ssid)#”
send “wpa-psk ascii $Guestkey\r”
expect “AP1(config-ssid)#”
send “exit\r”
expect “AP1(config)#”
send “exit\r”
expect “AP1#”
send “copy run start\r”
expect “Destination filename *startup-config*”
send “\r”
expect “AP1#”
send “exit\r”

The above script worked well and was replicated with slight modifications for the other four access points. One slight problem with this version is the fact that the Enable Password is hard coded into plain text. In our situation this was fine but in a higher security environment you would want to add a second variable where the enable password would be entered.

The code would look more like this:

#!/usr/bin/expect

#This program will change the Guest network key
#To run this program type ./expect.sh ENABLE GUESTKEY
#Replace ENABLE with the enable password
#Replace GUESTKEY with the value you want for the new network key
#The guest key can NOT include spaces and must be at least 8 characters long

set Enable [lindex $argv 0]
set Guestkey [lindex $argv 1]
set timeout 20

# AP1
spawn ssh i3bus@10.0.0.31
expect “Password:”
send “$Enable\r”
expect “AP1#”
send “config t\r”
expect “AP1(config)#”
send “dot11 ssid GUEST TTP\r”
expect “AP1(config-ssid)#”
send “wpa-psk ascii $Guestkey\r”

Any questions or comments? I would love to hear them!

Leave a Reply

Your email address will not be published. Required fields are marked *