Documentation forKiwi CatTools

Add devices to Kiwi CatTools

After installing CatTools and completing the CatTools setup wizard, you have two ways to add a device to CatTools:

  • Add a device using the setup wizard
  • Add a device from the Device Pane

Add a device using the setup wizard

Use the Device setup wizard on the Options menu to add device to CatTools. The wizard guides you through the addition of new devices to the KCT database.

Add a device from the Device pane

From the device pane in CatTools, ensure you are on the Devices tab and click Add. The Device Information wizard has five, or six depending on selected options, tabs that need to be completed to add your new device. Fields marked with an asterisk (*) next to the field name must be completed to add the device.

Throughout the process, you can ping your device and test defined telnet / SSH session settings:

  • Ping device - Sends ICMP Ping packets to the highlighted device.
  • Telnet/SSH - Uses the defined Telnet or SSH client program to start a manual session with the highlighted device. The Telnet and SSH client programs can be defined in the CatTools Setup dialogue.

Device info tab

Configure the identification information for a device, such as the vendor, device type, model, and port. Once you have identified the device, ping the device to confirm a successful connection.

Vendor Use the drop down list to filter the Device Type list box by vendor or choose all vendors to show all Device Types.
Device Type Use the drop down list to select the CatTools device type from the provided list.
Group Enter or select the name of a group you want this device to belong to. This is a free form field where you can simply create a new group by typing new text. Use group names to group your devices into logical or physical categories.
Name Give the device a unique name.
Host Address Enter the IP address of the new device (in standard aaa.bbb.ccc.ddd format, or use a hostname).
File Name This is the base file name CatTools uses for the device's data and reports. This field reflects the device name, but transforms any characters that are not usable in a file name.
Model Use the drop down list to select the device Model. This is a free form field so you can enter any text you like. This field is only for documentation and has no effect on the operation of CatTools - the Device Type determines how CatTools handles a session with a device.
Connect via

Use the drop down list to select a device to connect via. The default is Direct connection. You only need to specify another device when direct access to the desired device is not possible. CatTools allows you to hop from one device to another using Telnet or SSH to reach your final destination. For example, if your device is behind an access list, but a Linux box has access to that device, you can connect via the Linux box first, then launch a telnet or SSH session to the destination device from there.

Note: When using a Cisco router as a jump point, it is recommended that you disable "logging synchronous" in the Line VTY section of the config. This can cause problems when trying to telnet out from the router.

By default, most Cisco routers would have been configured with 5 lines: line vty 0 4. CatTools is multi-threaded and can support, depending on your edition, up to 30 client threads (connections). If you have created an activity for more than five devices, which all connect via the router, you may end up with timeout errors or connection failures as a result of all the available router lines being used.

To prevent these errors occurring you can:

  1. Increase the number of VTY lines available on your main connect via router.
  2. Set the client threads to use 5 threads.
  3. Use a Linux box as a connect via device instead of a router.
Method

Use the drop down list to select connection method. The default is telnet.

Note: that when using SSH there may well be a specific variant of it that is required to connect with the specific device. For instance, Netscreen devices supporting SSH2 require the variant SSH2-nopty to connect successfully with CatTools.

Port Enter the port number the selected connection method is to use. The telnet default is 23 and typically this does not need to be changed. SSH connections should use port 22.

Passwords tab

Provide the information to login to or enable a device, and other passwords necessary to monitor the device through CatTools.

VTY Password The Virtual Terminal or initial login password.
Enable Password The enable mode or privileged password.
Privilege Level

Set the enable mode privilege level, if required. Typically, this is not required and should be left blank. On a Cisco router, there are 16 privilege levels (0 to 15). Standard enable mode puts you in level 15.

The privilege level is appended to the enable command when the command is sent to the device, so if data is present, but not required, it may cause an error when the device tries to authenticate enable mode.

Console Password The console password, if using a direct COM port connection.
Username The device user name. This can be a user name type such as AAA, TACACS, RADIUS or Local username.
Password The device password. This can be a password type such as AAA, TACACS, RADIUS or Local password.
SSH Username The SSH Username, if required for an SSH device configuration.
SSH Password Enter the SSH Password, if required for an SSH device configuration.
SNMP Read Enter the SNMP Read community name for your device. The SNMP Read community default name is public. It is recommended you change your SNMP Read community name to something else. This field is required for running the SNMP.System.Summary activity otherwise the error SNMP timeout or unknown error occurs.
SNMP Write Enter the SNMP Write community name for your device. The SNMP Write community deafult name is private. It is recommended you change your SNMP.
Initial login requires password

Check this box if the initial login to this device requires a password (typically the VTY or initial console password).

Initial login requires username/password

Check this box if the initial login to this device requires both a username and password.

Enable mode requires username/password Check this box if the login to enable mode on this device requires both a username and password. The value from the Username field is used along with the Enable password previously configured. If you select this check box, the Username field and Enable password field must be completed.

Prompts tab

Configure the command line prompts used by a device, if they differ from the default. Entries are only required in this tab if a device has non-standard prompts configured.

VTY Prompt

The non-standard VTY login prompt for this device. The VTY prompt refers to the text that the device prompts you with when asking for the initial login password. For example: Password:

Enable Prompt

The non-standard Enable prompt for this device. The enable prompt refers to the text that the device prompts you with when asking for the Enable password. For example: Password: orSuper user login:

Console Prompt

The non-standard Console prompt for this device. The console prompt refers to the text that the device prompts you with when asking for the initial console login password. For example: Password:

Username Prompt

The non-standard Username prompt for this device. The username prompt refers to the text that the device prompts you with when asking for the initial login user name. This is normally used along with a password for AAA/TACACS/RADIUS or Local authentication. For example: Username: or Please enter login name:

Password Prompt

Enter the non-standard Password prompt for this device. The Password prompt refers to the text that the device prompts you with when asking for the initial login password, normally used along with a username for AAA/TACACS/RADIUS or Local authentication. For example: Password: or Please enter login password:

Contact info tab

Describes contact information of personnel responsible for a specific device.

Address 1 / Address 2 / Address 3 Physical location of the device. This can be seen on the Devices list if the "Location" column has been enabled.
Contact Name The name of the person responsible for this device.
Contact Phone How to contact the person responsible for this device.
Contact E-mail How to contact the person responsible for this device.
Contact Other Any additional contact info.
Alert e-mail Who to notify by e-mail of any alarms or alerts for this device.

Extra info tab

Additional device specific information and fields. These fields are all free form and you can enter any text you wish.

Serial number The serial number of this device.
Asset Tag Asset tag information.
Identification Identification info for this device.
Other info Any other serial number information.
Activity Specific1 / Specific2 Information specific to a particular activity.

On Palo.Alto.FireWall devices, you can use the Activity Specific2 field to receive data for the Backup.Runnig.Config command in an XML format. Set the Activity2 field as xml as shown:

Variations GUI tab

This tab is only visible on supported devices. In the Variations tab, you can specify user-defined device variations. For more information, see Device Variations.