Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Tandem Systems, Ltd.
WinAgents HyperConf User’s Guide
Tandem Systems, Ltd. 02.04.2010
1 WinAgents HyperConf User’s Guide
Table of Contents Overview ....................................................................................................................................................... 4
System Requirements ................................................................................................................................... 4
Quick Start ..................................................................................................................................................... 4
1-2-3-Start! ................................................................................................................................................ 4
1. Set default parameters to access devices ......................................................................................... 4
2. Add devices to HyperConf catalog .................................................................................................... 5
3. Set up backup of device configurations ............................................................................................ 5
Start! .......................................................................................................................................................... 5
HyperConf Components ................................................................................................................................ 5
HyperConf Manager ...................................................................................................................................... 5
Network Discovery Wizard ............................................................................................................................ 7
Devices Catalog ............................................................................................................................................. 8
Working with Groups .............................................................................................................................. 10
Adding, Editing and Removing Devices ................................................................................................... 10
General ................................................................................................................................................ 11
Logon ................................................................................................................................................... 12
Advanced ............................................................................................................................................. 15
Telnet .................................................................................................................................................. 16
SSH ....................................................................................................................................................... 16
SNMP ................................................................................................................................................... 18
HTTP .................................................................................................................................................... 19
Terminal Emulation ............................................................................................................................. 20
Terminal Keyboard/Mouse ................................................................................................................. 21
X/Y/Z Modem ...................................................................................................................................... 23
Connection Profiles ................................................................................................................................. 24
General ................................................................................................................................................ 25
Telnet .................................................................................................................................................. 25
SSH ....................................................................................................................................................... 26
SNMP ................................................................................................................................................... 26
HTTP .................................................................................................................................................... 27
Operations with Multiple Items .............................................................................................................. 27
Group Overview ...................................................................................................................................... 28
Working with Favorites ........................................................................................................................... 28
Actions Panel ........................................................................................................................................... 29
2 WinAgents HyperConf User’s Guide
Backing-up Device Configuration Files .................................................................................................... 29
Backing-up Configuration Files by Schedule ........................................................................................... 29
Manual Configurations Backup ................................................................................................................... 30
Detecting Configuration Changes via SYSLOG ............................................................................................. 31
Working with Devices .................................................................................................................................. 33
Device Overview ...................................................................................................................................... 33
Terminal Shell .......................................................................................................................................... 34
Principles and Advantages of HyperConf Terminal Shell ........................................................................ 34
Connecting to Device with CLI................................................................................................................. 35
Terminal Window .................................................................................................................................... 36
Configuring Devices in Terminal Shell ..................................................................................................... 37
Retrieving Running and Startup Configurations .................................................................................. 37
Online Configuration Editor ................................................................................................................ 37
Adding Commands .............................................................................................................................. 38
Editing Commands .............................................................................................................................. 40
Negating and Resetting Commands to Default ................................................................................... 41
Negating Commands ........................................................................................................................... 41
Resetting Commands to Default ......................................................................................................... 41
Saving the Configuration to NVRAM ................................................................................................... 42
Editing Access Control Lists ................................................................................................................. 42
Editing Multiline Strings in Commands ............................................................................................... 42
Verbose Mode ..................................................................................................................................... 43
Edit Device Configuration Off-Line .......................................................................................................... 43
Downloading Configuration Files from Device .................................................................................... 44
Editing Device Configurations ............................................................................................................. 45
Bookmarks ........................................................................................................................................... 46
Uploading Configuration Files to Devices ........................................................................................... 47
Configuration History .............................................................................................................................. 47
Connecting to Device with Web Browser ............................................................................................... 49
Saving Device Configuration to NVRAM.................................................................................................. 49
Comparing Devices Configurations ......................................................................................................... 50
Executing Scripts on Device..................................................................................................................... 51
What Is a Script? .................................................................................................................................. 51
Automating Devices ............................................................................................................................ 51
Creating and Running Command Scripts ............................................................................................. 51
3 WinAgents HyperConf User’s Guide
Creating and Running Script in Microsoft JScript ................................................................................ 53
Working through NAT ................................................................................................................................. 53
WinAgents HyperConf is Inside the Protected Network ......................................................................... 54
WinAgents HyperConf is Outside the Protected Network ...................................................................... 56
Operation Log .............................................................................................................................................. 56
Application Log ............................................................................................................................................ 57
SYSLOG ........................................................................................................................................................ 57
Program Options ......................................................................................................................................... 57
WinAgents HyperConf Server Options .................................................................................................... 58
General .................................................................................................................................................... 58
Database Connection .............................................................................................................................. 58
Change Detection .................................................................................................................................... 58
Built-in TFTP Server ................................................................................................................................. 59
Built-in SYSLOG Server ............................................................................................................................ 59
SSH Server for SCP ................................................................................................................................... 59
FTP Server ................................................................................................................................................ 60
WinAgents HyperConf Manager Options ................................................................................................ 61
General ................................................................................................................................................ 61
Terminal .............................................................................................................................................. 61
Fonts & Colors ..................................................................................................................................... 62
Additional Functions ................................................................................................................................... 62
Decrypting Type 7 Passwords on Devices Manufactured by Cisco Systems ........................................... 62
Terminal Connection ............................................................................................................................... 62
Regular Expression Syntax .......................................................................................................................... 63
Installing License Keys ............................................................................................................................. 64
4 WinAgents HyperConf User’s Guide
Overview According to Gartner, about 80% of all network failures are caused by the internal factors such as
incorrect configurations, weak policies or human errors. It is extremely difficult to protect the network
from the administrators’ mistakes because they have many privileges in network management. In this
situation system failure is only a matter of time. One of the possibilities to minimize the consequences
of failures is to constantly monitor configuration files of network devices, track changes in
configurations, and have up-to-date configuration backups.
WinAgents HyperConf is a universal solution to manage the configuration files of network devices from
different hardware vendors. WinAgents HyperConf performs 24/7 network monitoring, detects changes
in it configuration, and maintains configuration backups in up-to-date state. Using the program you can
examine the history of changes and, if necessary, return immediately to the stable version of the device
configuration. Thus, WinAgents HyperConf greatly improves network availability and minimizes losses
caused by various internal and external factors.
WinAgents HyperConf contains a set of tools to configure your devices. The program keeps the Catalog
of Devices that stores information about the addresses, access methods and authentication parameters
for every device. With the built-in tools you can connect to devices via TELNET, SSH and HTTP/HTTPS
protocols, retrieve device configuration files to edit and upload modified configurations back. Using
built-in scripting features you can change configurations of many devices almost instantaneously.
WinAgents HyperConf centralizes configuration management for your network.
System Requirements The following minimum system configuration is recommended for WinAgents HyperConf:
CPU: Intel P4 (or greater)
Memory: 512MB RAM or more
Disk space: not less than 30 MB to install the program, recommended 100 MB
Platform: Windows 2000/XP/2003/Vista/2008/7
Quick Start It is very easy to start using WinAgents HyperConf. You need to make only three steps to get the
program to work.
1-2-3-Start!
1. Set default parameters to access devices
When WinAgents HyperConf starts for the first time, it displays the Initial Configuration Wizard. This
wizard allows you to specify credentials that will be further used by default to access the devices. Enter
the user name and passwords you use to access the most of your devices. Later you can change them by
editing connection profiles in the Connection Profiles window. Refer to Connection Profiles to get
additional information.
5 WinAgents HyperConf User’s Guide
2. Add devices to HyperConf catalog
To enable the program to work with devices it is necessary to add them into the devices catalog. The
easiest way to do this is to use the Discovery Wizard. This wizard performs network scan by means of
the SNMP protocol. Discovered devices may be added to the devices catalog. You can also add the
devices manually. In the Device menu, click Register New Device to add a new device into the catalog.
Refer to Discovery Wizard and Adding, Editing and Removing Devices to get additional information.
3. Set up backup of device configurations
On the Device menu, click Configure Backups to set up options for device configurations backup. You
can specify devices, for which backup procedure will run automatically, set the schedule and configure
additional backup parameters. Refer to Backing-up Device Configuration Files to get additional
information.
Start! With a single click you can connect to devices, examine the history of device configuration changes,
compare and modify configuration files, and do many other things!
HyperConf Components WinAgents HyperConf contains the following components:
WinAgents HyperConf Server – Windows® service running in background which implements
HyperConf core functions, runs automatic backup operations, etc.
WinAgents HyperConf Manager – Windows® application that provides GUI for WinAgents
HyperConf features: allows operations with devices, examining SYSLOG messages and work with
backup copies of device configurations.
WinAgents TFTP Server – Windows® service running in background which is used to transfer the
configuration files between WinAgents HyperConf Server and network devices. TFTP server is
essential for backing-up configurations and editing configurations off-line.
WinAgents SYSLOG Service – Windows® service running in background which receives and
processes SYSLOG messages that are generated and sent by devices.
HyperConf Manager WinAgents HyperConf Manager provides an integrated environment to manage configurations of
network devices. It is the only component of WinAgents HyperConf with which the user works directly,
and it has a set of tools and graphical user interface elements to access all the functions implemented in
WinAgents HyperConf.
It is important to make yourself familiar with the main WinAgents HyperConf Manager window to work
with the application effectively. The main application window is in the figure 1. It describes some
important features available in WinAgents HyperConf.
6 WinAgents HyperConf User’s Guide
Figure 1. WinAgents HyperConf Manager
1. Catalog of Devices – WinAgents HyperConf uses the Catalog of Devices to store access
parameters for network nodes it works with. You can use this to manipulate device registrations
in HyperConf and manage registered devices’ configurations either by downloading them
directly from the device or by retrieving them from the HyperConf database.
2. Catalog of Devices Toolbar – Use this to add, edit or remove device registrations manually or to
fill the Catalog of Devices automatically with the help of the Network Discovery Wizard.
3. Actions for device – Use this to perform operations or run built-in and custom scripts for the
device currently selected in the Catalog of Devices.
4. Favorites – Use this to place your favorites, which are links to the most commonly used devices,
device configurations, or device features for quick access.
5. Favorites Toolbar – It contains commands to manage favorites. Use it to add a link to the
device, device configuration or device feature that is already present in the Catalog of Devices.
6. New Configuration – Click this to open a new configuration editing window. It allows entering
configuration commands sequentially line-by-line, and then the resulting configuration file may
be saved to a file or uploaded to one or more devices registered in the Catalog of Devices.
7. Open Configuration – Click this to open an existing configuration file. The configuration file can
be reviewed, edited and uploaded to one or more devices registered in the Catalog of Devices.
8. New script – Click this to open a new script editing window. WinAgents HyperConf can execute
a set of commands or small programs written in JScript programming language across network
devices and gather results.
9. Open script – Click this to open an existing file containing either command script or script
written in JScript programming language. The script can be executed across network devices
with the results gathered and stored.
7 WinAgents HyperConf User’s Guide
10. Compare Configurations – Click this to open a new configurations diff window. It allows opening
two configuration files side-by-side and comparing them by determining which lines were
added, removed or changed. You can open configuration files for comparison from disk, retrieve
them from the HyperConf database or download them from a device.
11. Open CLI – Click this to open a new terminal emulation window which can be used to connect to
remote hosts via TELNET or SSH protocols or to hosts connected directly to your computer via
COM ports.
12. Schedule Backups – Click this to open the Backup Configuration window. It allows specifying the
schedule for automatic backups, select devices from the Catalog of Devices for which automatic
backup is enabled, configure e-mail notifications, and set up additional backup options.
13. Logs – Click this to open Operation Log, Application Log or SYSLOG windows. WinAgents
HyperConf stores execution history for all operations with configurations, such as configuration
downloads, configuration uploads, configuration backups, etc. in the Operation Log. It reports
various system-level messages and events to the Application Log, which may be useful for
troubleshooting. WinAgents HyperConf contains built-in SYSLOG server and received SYSLOG
messages from network devices, stores them and displays in the SYSLOG window.
14. Profiles – Click this to open the Connection Profiles Manager. WinAgents HyperConf uses
connection profiles to unify access to the network devices if they use the same set of
credentials. The Connection Profiles Manager allows creating, editing and deleting connection
profiles. They later can be assigned to devices in the Device Properties window.
15. Work Area with windows – WinAgents HyperConf supports working with multiple open
windows of various types displaying configuration files, terminals, logs, etc. All such windows
are placed to the work area and for each of them tab with its name is placed to the panel above
the work area. Use tabs for quick switching between windows.
16. Operation results – Most of the windows in WinAgents HyperConf perform operations with
configuration files transferring them to and from devices, or execute a series of commands on
devices capturing output. The whole operation progress is stored and displayed in the current
operation log, which is present in the bottom of the window which initiated the operation.
17. Operations status – Use this to check the current status of running and failed operations with
configuration files of network devices. Click links to open the Operation Log window and
examine operation results.
Network Discovery Wizard You should register your network devices in the Catalog of Devices in HyperConf before the program can
work with them and manage their configuration files. WinAgents HyperConf includes a special tool to
make this task easier – the Network Discovery Wizard. Its purpose is to find and automatically register
all network devices that can be controlled via the SNMP protocol and meet the criteria you specify. You
can open the Network Discovery Wizard either by clicking Discover Network on the Devices toolbar, or
by clicking Discover Network Devices on the Devices menu.
The Network Discovery Wizard guides you through the step-by-step process of specifying devices access
parameters, scanning your network and adding discovered devices to the Catalog of Devices. The first
step is to select which types of network nodes should be found:
All network nodes – the Network Discovery Wizard will search for all network devices.
8 WinAgents HyperConf User’s Guide
Routers and switches – the Network Discovery Wizard will search for routers and switches only.
The second step is to specify the range of networks being searched for network nodes. You can choose
one of three options:
Discover only current network – scan the current local area network only.
Discover IP networks – scan the network within the specified range of IP addresses. If you
choose this option, you should provide the Network Discovery Wizard with IP addresses and
masks of the network being searched. You can specify several ranges of IP addresses by adding
them to the networks list by clicking Add. Click Delete to remove the selected network from the
list.
Selected distance – scan networks within the specified number of hops from the current local
area network. The number of hops is the number of routers the packet from the computer
where the program is installed goes through before it reaches the device being scanned. The
number of hops is used to define the maximum size of the network being searched.
The third step is to specify SNMP parameters that will be used for connecting to network devices. While
scanning the network, the wizard tries to establish connections to devices it finds using the settings
specified at this step. In case the connection is successfully established, the device will be added to the
result list. Connection settings include the following parameters:
SNMP Port – the port number to use for establishing a connection, the default is 161.
Timeout – the maximum amount time to wait for the response from the network node during
connection attempt, specified in seconds, the default value is 2.
Community strings – the list of community strings used for authentication while connecting via
SNMP versions 1 and 2. If multiple community strings are used on your network, you can enter
them all line-by-line, placing each community string on its own line.
At the next step, the Network Discovery Wizard scans the specified networks for devices. You can cancel
the search by clicking Cancel.
When the scan is finished, the Network Discovery Wizard offers you to select the devices that should be
added to the Catalog of Devices by picking them from the list of discovered devices. Click Finish to close
the Network Discovery Wizard and place the selected devices to the Catalog of Devices. It is
recommended to review properties of the newly added devices, because some additional settings
should be specified to manage their configurations and perform automatic backups.
Devices Catalog Devices served by WinAgents HyperConf are contained in the Devices Catalog. You can see the contents
of the catalog in the related area of the main window.
9 WinAgents HyperConf User’s Guide
Figure 2. The Catalog of Devices
The Catalog of Devices is represented as a tree-like hierarchical structure (Figure 2). Registered devices
can be organized in groups. Each device node in the tree can be expanded by clicking the “+” button.
Under the device node HyperConf shows nodes for available configurations and tools for this device.
You can open the configuration or tool window by double-clicking the particular node. The set of nodes
for each device is determined by the following parameters:
Device address and its name. HyperConf uses the specified address to perform all operations
with the device, such as transferring configuration files, open terminal sessions, performing
configuration backups, etc. The name is displayed in the tree representing the Catalog of
Devices.
Vendor and device type. To perform various operations with the device, HyperConf must know
its manufacturer and model. Depending on this information the program uses different set of
scripts to get device configuration and automate other tasks.
Protocols, authentication and automatic logon. These settings are used by the program to
establish connections to devices and gain access to its command line and configuration files.
You can configure these parameters in the Device Properties window. Changes in these parameters
results in changes in the set of nodes for configurations and tools that HyperConf shows under the node
for the particular device.
10 WinAgents HyperConf User’s Guide
Working with Groups Groups in the Catalog of Devices are used to organize devices in logical categories. It may be convenient
to create groups for subnets, structural units of your company, buildings, sites, etc.
To add a new group, click Add Device Group on the Device menu. In the Group Properties window the
following parameters can be configured:
Name – the name for the group. HyperConf uses it to display the group in the Catalog of
Devices.
Type – one of Generic, Network, Site, Building, Floor, Room, Rack. HyperConf uses the type of
the group to display its icon in the Catalog of Devices.
Comment – optional comment text.
Parent – HyperConf allows including groups one into another. In the Group Properties window
you can select the position of the group in group hierarchy.
It is also possible to select the parent group (Figure 3).
Figure 3. Editing Group Properties
To edit the group parameters select it in the catalog and click Properties on the Device menu. To delete
the selected group, click Remove Selected Item on the Device menu.
Adding, Editing and Removing Devices To add a device to the Catalog of Devices, click Register New Device on the Device menu or click the
corresponding button in the toolbar. WinAgents HyperConf opens the Device Properties window, which
is used to specify various parameters that WinAgents HyperConf needs to communicate with the device,
transfer configuration files, show command-line interface, etc.
The Device Properties window contains several groups of parameters organized in sheets:
11 WinAgents HyperConf User’s Guide
General
Figure 4. Device Properties Window – General
Vendor and Model
WinAgents HyperConf must determine a set of operations supported by the device. Many functions are
device-specific and require knowledge about commands, protocols, and ways of handling device
configuration files. For example, HyperConf should know how to gain access to the device command-line
interface, which command use to copy a file from or to the device, or which MIBs are supported.
WinAgents HyperConf defines such kind of information about a device as a device template. Device
template must be specified for every device registered in the HyperConf Device Catalog. You specify the
template for the device by selecting its Vendor and Model.
Address
The IP-address or DNS-name of the device management interface.
Title
A friendly name which is displayed in the HyperConf Device Catalog.
This device is outside the NAT
Click to select this option if the device is located outside the protected network where WinAgents
HyperConf is. The program will use the address of the NAT outside interface as a TFTP server address
when needed. Please, refer to Working through NAT for additional information.
12 WinAgents HyperConf User’s Guide
Access to command-line interface
Click to select this option to allow command-line access to the device in HyperConf. Choose a terminal
protocol to use to establish connection to the device.
Automatically logon to device
WinAgents HyperConf can automatically implement a logon procedure to a CLI session by sending
username and password to the device when they are requested. Click to select this option to run
automatic logon while opening a new CLI session.
Automatically enter privileged mode
While implementing an automatic logon procedure, WinAgents HyperConf can automatically issue the
command which switches the session to a privileged mode. Click to select this option to allow switching
to the privileged mode. WinAgents HyperConf will automatically send the password for the privileged
mode when requested.
Automatically show current configuration
For your convenience, when you open the Command-Line Interface window for the device, WinAgents
HyperConf can automatically retrieve its current configuration and show it in the editor. Click to select
this option to allow automatic configuration retrieval.
Download/upload configuration
Click to select this option to allow access to configuration files on the device in HyperConf. Choose a
protocol to use to establish connection to the device. This option must be selected for all devices for
which backup is activated.
Web access to device
Click to select this option to allow Web-based access to the device in HyperConf. Choose a protocol to
use to establish connection to the device.
Logon
13 WinAgents HyperConf User’s Guide
Figure 5. Device Properties Window – Logon
Use connection profile
WinAgents HyperConf requires credentials information, such as username, password, encryption keys,
etc. to connect to devices and perform operations with their configuration files. HyperConf offers 2 ways
of specifying such credentials information:
1. Use of connection profiles. A connection profile is a set of credentials (usernames, passwords,
keys, etc.), that may be shared across multiple devices. See Connection Profiles to get additional
information.
2. Configure credentials individually for each device. All necessary credentials information must be
provided in the device properties separately for every device not using a configuration profile.
Click to select Use connection profile to assign a connection profile to the device registration and use its
credentials information, instead of specifying it manually.
Logon method
WinAgents HyperConf supports three different procedures of automatic logon:
Default logon script – Built-in procedure implementing standard logon, when remote host asks
for username and password. When connection to the remote host is established, HyperConf
waits for username or password prompt from the device and replies with username or
password configured for the connection based on the prompt received. This is the least flexible
procedure which is suitable for simple logon scenarios that are used on the most network
devices.
14 WinAgents HyperConf User’s Guide
Command sequence – This procedure allows you to specify a sequence of prompts received
from the remote host and replies that should be sent. After connection to the remote host is
established HyperConf waits for the prompt, then compares received prompt against the
configured sequence, identifies which reply it should send back to the remote host and sends it.
Logon procedure completes when HyperConf receives the prompt which is the last in the
sequence. You can also specify whether initial Carriage Return should be sent before any
prompt is received.
Custom script in JScript – After connection is established HyperConf executes the specified
script written in JScript scripting language. This script performs logon as needed. This is the most
flexible way to specify and configure logon procedure.
Different logon methods require a different set of parameters. When you select a logon method,
HyperConf displays which parameters must be configured.
Username
The username to use for logon.
Password
The password to use for logon.
Privileged password
The password to use for switching to a privileged mode.
Send Initial Carriage Return
Click to select this option to force WinAgents HyperConf to send carriage return before running the
logon sequence, this may be useful for certain types of remote hosts or for connection via Console
(COM port) interface.
Logon Sequence
The set of prompts that can be received from the remote host during logon, with reply strings that will
be sent to the remote host when the corresponding prompt is received. You can add, edit and delete
prompt-reply pairs and move them up and down in the list. Please note, that order of prompt-reply pairs
matters, WinAgents HyperConf implements logon by waiting for prompts and sending replies from the
first to the last as specified in the list.
Logon Script
The full path to the file with script in the JScript programming language, implementing a custom login
procedure.
Run Script After Logon
Click to select this option to force WinAgents HyperConf to run the specified script in JScript
programming language after the automatic logon procedure is completed.
15 WinAgents HyperConf User’s Guide
Advanced
Figure 6. Device Properties Window – Advanced
Enable Level
The access level of the privileged mode access.
Username Prompt
The prompt that the device sends when it requests a username, this value is a regular expression and
can contain special regular expression operators;
Password Prompt
The prompt that the device sends when it requests a password, this value is a regular expression and
can contain special regular expression operators.
Command Prompt
The prompt that the device sends when it is in the non-privileged command mode, this value is a regular
expression and can contain special regular expression operators.
Enable Prompt
The prompt that the device sends when it is in the privileged command mode, this value is a regular
expression and can contain special regular expression operators.
Device Group
16 WinAgents HyperConf User’s Guide
Location of the device in the HyperConf Catalog of Device.
Telnet
Figure 7. Device Properties Window – Telnet Protocol
Port
The port number for the TELENET protocol to use, 23 by default.
Don't negotiate Telnet options
If this option is selected, WinAgents HyperConf won’t attempt to send or respond to TELNET options
requests. This may be useful when establishing connection to a remote host that requires raw text-
based connection, e.g. POP3 or SMTP server.
SSH
17 WinAgents HyperConf User’s Guide
Figure 8.Device Properties Window – SSH Protocol
Port
The port number for the SSH protocol to use, 22 by default.
Version
The version of the SSH protocol, you can choose from SSH version 1 (SSHv1), SSH version 2 (SSHv2) and
auto detection. In the last case, WinAgents HyperConf tries to decide correct protocol version based on
the identification string sent by the device.
Authentication methods
This option specifies which authentication methods should be used. WinAgents HyperConf supports SSH
authentication based on Password, DSA/RSA keys, and Keyboard Interactive authentication. If the
DSA/RSA Key option is checked, you should provide a private key file in OpenSSH, IETF, or PuTTY format
and Passphrase for the key, if any. The program will try to use the supplied key for authentication. You
can also generate public/private keys pair by pressing the Generate key button.
Encryption algorithms
This option specifies which encryption algorithms should be used. WinAgents HyperConf supports AES,
Blowfish, 3DES, and DES algorithms. You can specify which algorithms should be used for the session
and configure their priorities by moving up and down in the list by pressing the Up and Down buttons.
Compression
18 WinAgents HyperConf User’s Guide
Specifies whether data compression should be used. If the Enable Compression option is selected,
WinAgents HyperConf will try to compress all data transmitted over the network. It is also possible to
specify the level of compression, the higher the level, the higher is the compression. Higher levels of
compression require more processing power and may cause significant performance penalty on the
device.
SNMP
Figure 9. Device Properties Window – SNMP Protocol
Port
The port number for the SNMP protocol to use, 161 by default.
Version
The version of the SNMP protocol, you can choose from SNMP version 1, SNMP version 2c and SNMP
version 3.
Read Community
The community string to authenticate read operations.
Write Community
The community string to authenticate write operations.
Security Name
19 WinAgents HyperConf User’s Guide
The username for SNMPv3 authentication.
Security Level
Specify the level of authentication and encryption that should be used for connections.
Authentication
Select the algorithm for authentication. MD5 or SHA1 may be used.
Auth Password
The password to use for authentication.
Priv Password
The password to use for encryption.
Engine ID
The SNMP Engine ID of the deivce.
HTTP
Figure 10.Device Properties Window – HTTP Protocol
HTTP Port
The port number for the HTTP protocol to use, 80 by default.
HTTPS Port
20 WinAgents HyperConf User’s Guide
The port number for the HTTPS protocol to use, 443 by default.
Username
The username to use for a connection.
Password
The password to use for a connection.
Terminal Emulation
Figure 11. Device Properties Window – Terminal Emulation
Terminal Type
The type of terminal to emulate, the following terminal types are supported: ANSI, XTerm, VT100.
Allow ANSI Colors
Click to select this option to turn on color support for terminal emulation.
Use System Colors
Click to select this option to use system colors configured in Windows for the terminal window instead
of built-in colors.
Highlight Console Syntax
Window Size
21 WinAgents HyperConf User’s Guide
Columns, Rows, and Scrollback size of the terminal window.
Resize Behavior
Specifies which action is performed when the terminal window is resized. WinAgents HyperConf can
Change number of rows and columns automatically depending on the terminal window size, making
more rows and columns for larger window and less rows and columns for smaller window; Scale the
font changing the font size and preserving number of rows and columns; or Retain number of rows and
columns automatically displaying vertical and horizontal scroll bars when window is resized.
Encoding
Specify the code page to use in the terminal window.
Passthru Printing
Specify the printer to redirect print output. WinAgents HyperConf supports Passthru printing
technology, allowing redirecting print output to a locally connected printer. All printing processing
should occur on the remote host, and prepared page may be sent to the local printer using ANSI
passthru print codes.
Terminal Keyboard/Mouse
Figure 12.Device Properties Window – Terminal Keyboard/Mouse
Functional Keys & Keypad
Specify what escape sequences will be sent to the device when a functional key is pressed. The following
functional keys emulation schemes are supported: ESC+~, Linux, XTerm, VT400, VT100+, SCO.
22 WinAgents HyperConf User’s Guide
Backspace Sends DEL
If this option is selected, the code for DEL key will be sent to the device when Backspace key is pressed.
Home & End Keys RXVT Mode
If this option is selected, the rxvt-compatible codes will be sent to the device when Home or End is
pressed, instead standard codes.
Add CR to Incoming LF
If this option is selected, carriage return code will be added to incoming line feed characters
Local Echo
Local echo mode that is used in terminal emulation, can be Auto, Force On, or Force Off. Usually, the
device sends back characters when a key is pressed and the corresponding character code is sent to it. In
this case local echo should be turned off; otherwise, if the remote host doesn’t send back characters to
the terminal and nothing is displayed when you type on the keyboard, this option should be turned on.
WinAgents HyperConf can also automatically detect the status of local echo and decide whether turn it
on or off.
Local Line Editing
Line editing mode that is used in terminal emulation, can be Auto, Force On, or Force Off. This
determines how line editing is working when you pressing keys on the keyboard. When local line editing
is off, each press of a key sends the corresponding character code to the remote host. When local line
editing is on, character codes are note sent immediately to the remote host, but they are placed in a
local editing buffer instead, and all line editing is handled locally. Then when Enter key is pressed the
whole buffer is sent to the remote host. Usually, this setting should be configured alongside with Local
Echo.
Key Mappings
The user-defined table of key-mappings. You may Add, Edit, and Remove mappings in the list. Each time
when a key is pressed, WinAgents HyperConf checks if a mapping for this key is configured, and if it finds
the mapping it sends the corresponding mapped characters to the remote host instead of the original
code of the key.
Mouse Emulation
Specify actions assigned to Right and Middle mouse buttons.
Shift Overrides Mouse Behavior
If this option is selected, when Shift key is pressed, default actions will be performed when either Right
or Middle button is pressed.
23 WinAgents HyperConf User’s Guide
X/Y/Z Modem
Figure 13. Device Properties Window – Terminal X/Y/Z Modem
Upload Folder
Specify the full path to a folder, where HyperConf should search for files that are transferred to the
remote host.
Download Folder
Specify the full path to a folder, where HyperConf should store files that are received from the remote
host.
XModem Upload
The command that is sent by WinAgents HyperConf to initiate a file transfer from the local host to the
device via X-Modem protocol.
XModem Download
The command that is sent by WinAgents HyperConf to initiate a file transfer from the remote host to the
local host via X-Modem protocol.
YModem Upload
The command that is sent by WinAgents HyperConf to initiate a file transfer from the local host to the
device via Y-Modem protocol.
YModem Download
24 WinAgents HyperConf User’s Guide
The command that is sent by WinAgents HyperConf to initiate a file transfer from the remote host to the
local host via Y-Modem protocol.
ZModem Upload
The command that is sent by WinAgents HyperConf to initiate a file transfer from the local host to the
device via Z-Modem protocol.
ZModem Download
The command that is sent by WinAgents HyperConf to initiate a file transfer from the remote host to the
local host via Z-Modem protocol.
Upload and download commands can contain “%s” pattern, when a file transfer is initiated this pattern
is replaced by the actual list of file names.
Connection Profiles Connection profile is a set of authentication and authorization parameters being used to connect to a
device. Connection profile includes users' names and passwords to access via TELNET, SSH and
HTTP/HTTPS protocols, and also authentication and encrypting parameters for SNMP.
To configure connection profiles click Connection Profiles on the Device menu.
Figure 14. Managing Connection Profiles
The Connection Profiles Manager window displays a list of profiles.
You can create one or several profiles to connect to network devices. Use of profile makes it easier to
register a device in the Catalog of Devices and set it up. You can select one of the profiles as a default
profile. The default profile will be automatically assigned to newly registered devices. To set a profile as
default, select it in the list and click Make Default.
25 WinAgents HyperConf User’s Guide
To create a profile click New. You can also copy the existing profile by clicking Copy. To edit the existing
profile select it in the list and click Edit. To configure a connection profile the Connection Profile
Settings window is used (Figure 15). It contains the following groups of parameters:
Figure 15. Connection Profile Settings
General
Name
The name of the profile.
Username
The username to use for logon.
Password
The password to use for logon.
Privileged password
The password to use for switching to a privileged mode.
Telnet
Port
The port number for the TELENET protocol to use, 23 by default.
Don't negotiate Telnet options
If this option is selected, WinAgents HyperConf won’t attempt to send or respond to TELNET options
requests. This may be useful when establishing connection to a remote host that requires raw text-
based connection, e.g. POP3 or SMTP server.
26 WinAgents HyperConf User’s Guide
SSH
Port
The port number for the SSH protocol to use, 22 by default.
Version
The version of the SSH protocol, you can choose from SSH version 1 (SSHv1), SSH version 2 (SSHv2) and
auto detection. In the last case, WinAgents HyperConf tries to decide correct protocol version based on
the identification string sent by the device.
Authentication methods
This option specifies which authentication methods should be used. WinAgents HyperConf supports SSH
authentication based on Password, DSA/RSA keys, and Keyboard Interactive authentication. If the
DSA/RSA Key option is checked, you should provide a private key file in OpenSSH, IETF, or PuTTY format
and Passphrase for the key, if any. The program will try to use the supplied key for authentication. You
can also generate public/private keys pair by pressing the Generate key button.
Encryption algorithms
This option specifies which encryption algorithms should be used. WinAgents HyperConf supports AES,
Blowfish, 3DES, and DES algorithms. You can specify which algorithms should be used for the session
and configure their priorities by moving up and down in the list by clicking Up and Down.
Compression
Specifies whether data compression should be used. If the Enable Compression option is selected,
WinAgents HyperConf will try to compress all data transmitted over the network. It is also possible to
specify the level of compression, the higher the level, the higher is the compression. Higher levels of
compression require more processing power and may cause significant performance penalty on the
device.
SNMP
Port
The port number for the SNMP protocol to use, 161 by default.
Version
The version of the SNMP protocol, you can choose from SNMP version 1, SNMP version 2c and SNMP
version 3.
Read Community
The community string to authenticate read operations.
Write Community
The community string to authenticate write operations.
Security Name
27 WinAgents HyperConf User’s Guide
The username for SNMPv3 authentication.
Security Level
Specify the level of authentication and encryption that should be used for connections.
Authentication
Select the algorithm for authentication. MD5 or SHA1 may be used.
Auth Password
The password to use for authentication.
Priv Password
The password to use for encryption.
Engine ID
The SNMP Engine ID of the device.
HTTP
HTTP Port
The port number for the HTTP protocol to use, 80 by default.
HTTPS Port
The port number for the HTTPS protocol to use, 443 by default.
Username
The username to use for a connection.
Password
The password to use for a connection.
Operations with Multiple Items While working with the devices and groups in the Catalog of Devices, it may be required to perform the
same operation for more than one item. For instance, you may need to change the connection profile
for several devices, change their vendor and model, etc. WinAgents HyperConf simplifies such a task by
allowing selection of multiple items in the Catalog of Devices. To select multiple devices and groups do
one of the following:
To select consecutive devices or groups, click the first item, press and hold down SHIFT, and
then click the last item.
To select nonconsecutive devices or groups, press and hold down CTRL, and then click each
item.
Then click a command to perform with the selected items.
28 WinAgents HyperConf User’s Guide
For example, to change connection profile for multiple devices follow these steps:
1. Select the necessary devices in the Catalog of Devices using one of the techniques described
above.
2. On the Device menu, click Properties. The program will open Device Properties window.
3. In the Device Properties window select the required connection profile and click OK. The
program will change connection profile for each of the selected devices.
Group Overview Every group in the Catalog of Devices contains the Overview node. Double-click it to open the Group
Overview window. This window contains information about status of backup operations for all devices
within the group. The following information is available for each device:
Device – the device name and its IP-address;
Type – the device vendor and model. It is possible to filter the list of devices in the Group
Overview window. To apply a filter, click the down arrow in the Type column caption. When the
filter is applied and active, the filter management pane is shown in the bottom of the device list;
Last backup – date and time of the last successful backup of the device configuration file;
Last attempt – date and time when the most recent backup operation was performed for the
device;
Last attempt status – short message describing status of the most recent backup operation for
the device;
Last configuration change – date and time of the most recent device configuration file backed
up and stored in the HyperConf database.
Double click on a device in the list opens the Device Overview window for it.
Working with Favorites It is quite common in a large networks for administrators to work actively only with a few number of
devices. In this case, all of the network devices should be registered in the HyperConf Catalog of
Devices, so HyperConf will be able to perform backups for them. However, the large number of
registered devices makes it hard to locate a necessary one, and regular searches make work less
effective. Use of Favorites bookmarks saves time and allows accessing the devices, their features and
configuration files in a more effective way.
To show the Favorites panel, click Favorites on the View menu. The Favorites panel is above the tree of
the Catalog of Devices, and it contains bookmarks to access necessary tools for devices with a single
click. To add a bookmark, select a node in the devices tree and click Add in the Favorites panel.
HyperConf will display the Add Favorite window, where you can set name, comment and placement for
the bookmark. Clicking OK saves the bookmark in the Favorites. You can also drag and drop any node
from the devices tree using mouse.
Click Organize to edit and remove bookmarks. This command shows the Organize Favorites window,
where you can create folders, place there bookmarks, rename bookmarks and folders and delete them.
29 WinAgents HyperConf User’s Guide
To jump to the necessary device, left-click the corresponding bookmark.
Actions Panel Actions Panel shows a list of commands for the currently selected device in the Catalog of Devices, and
allows you to select and run the particular command simply by clicking it. This speeds-up
implementation of common tasks and makes work with HyperConf more effective. The Actions Panel is
located under the Catalog of Devices. The contents of the Actions Panel is dynamically changed based
on vendor and model of the device selected in the Catalog of Device, to show the commands which
applicable for it. If multiple items are selected in the Catalog of Devices, then the Actions panel displays
only a subset of commands, which are common for all selected items.
Backing-up Device Configuration Files One of the most important functions of WinAgents HyperConf is implementation of automatic backups
of network devices configuration files. The program runs the backup procedure according to a schedule
or when the built-in SYSLOG server receives a message indicating the configuration change. Besides, you
can run the backup process manually.
HyperConf maintains the history of configuration changes for each device registered in the Catalog of
Devices. When performing the backup for a configuration file for a device, HyperConf checks its
database for previously backed-up configurations, analyzes changes in the configuration file, and if
detects any, stores the downloaded configuration file in the database and assigns the version number to
it.
When WinAgents HyperConf compares configuration files, it can ignore some configuration commands,
comments and other information. This may be useful when the configuration file contains automatically
generated data, such as timestamps, descriptions, etc., which is updated every time the configuration
file is downloaded, but this data isn’t affect the device configuration itself. You can configure templates
for lines that must be ignored for every device vendor and model supported by HyperConf, using the
HyperConf Options window. To configure exclusion templates, on the Tools menu, click Program
Options. In the HyperConf Options window click Changes Detection, and then click Configure
Exclusions. Exclusion templates are regular expressions. Refer to Regular Expression Syntax to get
additional information.
To browse the configuration files for a device, locate the device in the Catalog of Devices, expand its
node, and double-click Configuration History. HyperConf will open the Configuration History window
that contains a list of current and saved device configurations. Double-click the configuration in the list
to open it in the editor.
Backing-up Configuration Files by Schedule To configure automatic backups according to a schedule, on the Device menu, click Configure Backups.
The program will open the Backup Configuration window (Figure 16).
30 WinAgents HyperConf User’s Guide
Figure 16. Backup Configuration
You can select devices for which automatic backup is enabled, configure schedule and other backup
options using this window.
The following settings are available:
Store … backup files per device – the number of configuration backups stored by the program
for every device. If the number of files exceeds the specified number, HyperConf deletes the
oldest configuration backup from the database;
Copy configuration to NVRAM after backup – select this options to store the device
configuration to the device non-volatile memory every time the backup is performed and
HyperConf finds changes in the configuration since the last backup;
Detect configuration changes using SYSLOG – WinAgents HyperConf includes the built-in
SYSLOG server and listens for incoming SYSLOG messages. When this option is selected,
HyperConf analyzes the incoming messages and detects if they indicate changes in device
configurations. If a message about configuration change is received, the program automatically
backs it up. Refer to the Detecting Configuration Changes via SYSLOG for more information;
Send backup notification by e-mail – if this option is selected, HyperConf will send notifications
via e-mail with the results of backup operations. Click Configure to specify e-mail options.
Manual Configurations Backup You can run the backup process manually by selecting devices in the Catalog of Devices and clicking
Backup Device Configuration on the Device menu. HyperConf will open a new Backups window,
31 WinAgents HyperConf User’s Guide
containing progress and log of the backup process. After the process completes, you can examine newly
created configuration backups for each device by expanding the node for the device on the Catalog of
Devices and double-clicking the Configuration History node.
Detecting Configuration Changes via SYSLOG WinAgents HyperConf can monitor devices for changes in their configurations using built-in SYSLOG
server. Most devices when their configuration changes send a message to the SYSLOG server.
WinAgents HyperConf can identify such messages and immediately start the backup operation for a
device.
To use this features you need to setup the following:
1. Configure the device to send SYSLOG messages to the computer with WinAgents HyperConf.
For Cisco IOS Device:
Use the command logging ip_address, where ip_address is the IP-address of the
computer with WinAgents HyperConf
For Cisco PIXOS Device:
Use the command logging host interface ip_address, where interface is
the nearest device network interface to the computer with WinAgents HyperConf, and
ip_address – the IP-address of this computer.
For Cisco Catalyst Device:
Use the following commands to configure SYSLOG messages sending:
set logging server enable
set logging server ip_address
where ip_address is the address of the computer with WinAgents HyperConf.
2. In the Configure Backup window select Detect configuration changes using SYSLOG. To open
the Configure Backup window, click Configure Backups on the Device menu.
3. (Optional). Configure message templates that WinAgents HyperConf uses to detect changes in
device configuration files. HyperConf already has pre-configured message templates for the
most number of supported devices. However, different versions of device firmware can send
different SYSLOG messages, and they may be not recognized by the program. In this case you
should add appropriate templates. You can do this in the HyperConf Options window, in the
Changes Detection section (Figure 17).
32 WinAgents HyperConf User’s Guide
Figure 17. Changes Detection
On the Tools menu, click Program Options. In the HyperConf Options window click Changes Detection,
and then click Configure Message Patterns. HyperConf will open the Configure SYSLOG Patterns
window (Figure 18).
Figure 18. SYSLOG Patterns.
The program stores a list of SYSLOG messages templates for every device vendor and model. The
templates are specified as regular expressions. Refer to Regular Expression Syntax to get additional
information on the syntax used for regular expressions.
33 WinAgents HyperConf User’s Guide
Working with Devices WinAgents HyperConf provides a set of tools to work with network devices and their configuration files.
These tools are displayed under the device node in the Catalog of Devices when you expand it.
Device Overview The Device Overview window contains the most important information about the status of device
configuration files and device operation. The information is represented in three sections: Device,
Backups, and SNMP variables.
Figure 19. The Device Overview Window
In the Device section the device name and address are displayed. Click Properties to open the Device
Properties window and setup or update parameters of the device registration in HyperConf.
The Backups section contains the following information on backup state:
The Last backup field shows the date and time of the last backup stored in the HyperConf
database. Click the link to open the backup in the editor.
The Last attempt field shows information about the date, time and result of the last backup
operation performed for the device. Click the link to open the Operation Log window and
examine the operation details.
The Last change field shows the date and time of the last changes detected by HyperConf. This
field is updated every time the program finds differences between the current device
configuration and its last backup. To open the list of the existing configuration backups click
Configuration History. Click Backup Now to start the backup operation.
The SNMP Variables section shows values of standard SNMP2-MIB (RFC3418) variables retrieved from
the device. This feature requires the SNMP server configured, up and running on the devices. It is also
necessary to provide SNMP settings for the device registration in the Device Properties window.
This section displays the general device information, such as name, location and description, configured
on the device, as well as device interface table and CPU and memory load counters. Use dropdown box
34 WinAgents HyperConf User’s Guide
above the table to switch the table format. Not all devices support SNMP counters for CPU and memory
load, and HyperConf doesn’t show counters for such devices.
If Auto refresh is selected, then HyperConf periodically polls the device, retrieving SNMP variable values
and refreshed the contents of the interface table and load counters. If automatic refresh is disabled you
can refresh data by clicking Refresh.
Terminal Shell WinAgents HyperConf includes full-featured, convenient, and easy-to-use terminal emulation client.
With WinAgents HyperConf you receive a flexible tool for accessing remote hosts and network devices
via the TELNET and SSH protocols.
Main features of WinAgents HyperConf terminal shell include:
Quick access to a remote host by automating logon procedures.
Support of SSH, TELNET and Serial communication protocols.
Emulation of different terminal types: ANSI, VT52, VT100, VT220, Linux, XTerm.
RouterTweak™ technology – visual editing for configuration files of network devices
manufactured by Cisco Systems.
Principles and Advantages of HyperConf Terminal Shell WinAgents HyperConf terminal shell is based on the RouterTweak™ technology. WinAgents
RouterTweak™ is a technology that makes your work with Cisco routers and switches more visual and
effective. Knowing the principles of the command line interface of Cisco devices, you can use WinAgents
HyperConf to automate the most common tasks. This approach saves your time by allowing you to hand
over routine operations to the program. Several benefits you get if you use WinAgents HyperConf are
listed below:
Reducing the time needed to connect to a device. Having specified the username and password
for connecting to a device only once, you will not have to spend time on entering them again
when you connect to your router next time. WinAgents HyperConf will enter the account data
automatically and switch to the privileged mode if necessary.
Viewing the configuration of a device in a convenient form. Just click once to get the
configuration of your device in a visual form. Syntax highlighting and the structure of the device
configuration will allow you to find various configuration sections and commands in the text of
the configuration file more easily. For instance, all you need to do in order to locate section with
settings of a certain interface is click this interface in the configuration tree.
Increasing the speed of work with access control lists (ACL). WinAgents HyperConf allows you
to edit access control lists directly, without downloading the configuration file to the TFTP
server. You can add, edit and remove commands in the beginning, in the middle and in the end
of ACLs, and the program will build the resulting ACL correctly using the order of rules as they
were entered, and send the ACL to the device automatically.
Usability in editing the configuration of devices. WinAgents HyperConf simplifies configuration
editing by providing a context help system. When you add a new command to the configuration
file, WinAgents HyperConf requests its possible parameters from the device and displays them
as hints and lists. So, while editing commands, you see the list of its parameters and can
35 WinAgents HyperConf User’s Guide
complete command more easily by selecting one of the offered options without typing the
entire string.
Usability in performing common tasks. Several mouse clicks are enough to print out the device
configuration, save it to a file or copy it to the non-volatile memory of the device.
WinAgents HyperConf offers you two ways to work with devices using terminal shell. You can work with
command line interface directly, without visual editor. In this case you will have a standard set of
command line tools enhanced by syntax highlighting. Syntax highlighting makes it easier to find what
you need in the results of issued commands.
A more effective way is to use the full set of RouterTweak™ Extensions in the built-in online
configuration editor. In this case the program requests the configuration file from the device and allows
you to modify it. All operations in the command line interface the program will perform automatically
based on the modifications you made in the editor. But you can constantly control what the program
does on the device, because the entire process of command exchange between the program and the
device is displayed in the terminal window. WinAgents HyperConf allows simultaneous use of the online
configuration editor and the terminal shell, you can switch from one to another and back any time and
combine both ways of work.
Connecting to Device with CLI Before terminal shell can be used for a device in HyperConf, it should be enabled it the device
registration settings (Figure 20).
Select the device in the Catalog of Devices, and on the Device menu click Properties.
Click to select the Access to command line interface option in the Device Properties window.
Select the protocol to use in the corresponding dropdown list.
Click to select the Automatically logon to device option if you want HyperConf to logon to the
device automatically after connection is successfully established. Please note, to make
automatic logon possible you need to specify username and password that HyperConf will send
to the device during logon. You can configure username and password as well as additional
logon options on the Logon tab in the Device Configuration window. Click Logon in the tree on
the left to switch to this tab.
Click to select the Automatically enter the privileged mode option to switch to the privileged
mode in command line interface after successful logon. This option is available only if the
Automatically logon to device option is selected. This option may not be available for some
types of devices.
Click to select the Automatically show current configuration option to retrieve the running
configuration from the device and display it in the built-in online configuration editor.
HyperConf will retrieve the configuration after logon and switch to the privileged mode are
completed. This option is available only if the Automatically logon to device and Automatically
enter the privileged mode options are selected. This option is available only for devices running
Cisco IOS, Cisco PIXOS or Cisco CATOS.
36 WinAgents HyperConf User’s Guide
Figure 20. Configuring of terminal access to device
To open the terminal shell window, double-click the Command Line Interface node under the device
node in the Catalog of Devices.
Terminal Window The terminal shell window in HyperConf is divided into two work areas: terminal emulator in the lower
part of the window and online configuration editor in the upper part of the window (Figure 21). Online
configuration editor displays the configuration as a sequence of commands, how it was retrieved from
the device, and as a tree-like structure representing its key points such as interfaces, access lists, etc.
Click a node in the tree to jump to the corresponding commands in the configuration.
You can customize the terminal window by dragging splitters to arrange sizes of the terminal emulator
and online configuration editor. You can also hide the online configuration editor completely maximizing
the terminal shell and use it like regular terminal emulation software.
Please note, that online configuration editor is only available for devices running Cisco IOS, Cisco PIXOS
and Cisco CATOS. For other types of devices the terminal window contains only terminal shell.
37 WinAgents HyperConf User’s Guide
Figure 21. The Terminal window
Configuring Devices in Terminal Shell This topic describes typical tasks that network administrators perform while working with configurations
and how to accomplish them using online configuration editor with RouterTweak™ Extensions in
WinAgents HyperConf.
Retrieving Running and Startup Configurations
To retrieve the running or startup configuration from the device, click Show running configuration or
Show startup configuration respectively. These commands are available only when the terminal session
is established and terminal shell is connected to the device. Please note that you should specify the
username, password and password for switching to the privileged mode in the device registration
properties.
When you click Show running configuration or Show startup configuration, HyperConf retrieves the
configuration from the device by issuing an appropriate command and captures the configuration file
that the device displays in the terminal session, and opens online configuration editor containing the
received file. It is impossible to edit the startup configuration directly, and it is displayed in the editor in
the read-only mode. If you need to modify the startup configuration, you should edit the running
configuration first and then save it to non-volatile memory of the device. Refer to Saving Device
Configuration to NVRAM for details.
Online Configuration Editor
The terminal shell in WinAgents HyperConf includes the online configuration editor, which allows direct
editing of the configuration files of devices running Cisco IOS, Cisco PIXOS and Cisco CATOS (Figure 22).
38 WinAgents HyperConf User’s Guide
Figure 22. Editing the running configuration
The editing features provided by the online configuration editor include:
Direct configuration editing in real time.
Configuration commands are represented as editable lines, which make editing them more
natural and intuitive.
Automatic switching to the configuration mode and to the necessary configuration level when
needed.
Context list of available commands with their description.
Context help for commands and parameters in the line being edited.
Errors and typos detection and indication.
Extended support for editing access control lists.
Convenient way of entering and editing commands with multiline string parameters.
The online configuration editor also uses various presentation techniques to make the configuration text
more readable:
Highlighting key items (addresses, strings, numbers, etc.).
Presenting configuration modes as a tree of embedded commands.
Displaying the key points of the configuration (interfaces, lines, access control lists, etc.) in the
separate tree for quick and easy navigation.
Highlighting recently modified commands.
Adding Commands
While working with the configuration file it is common to add, edit, negate commands and reset them to
their default state. The online configuration editor completely supports these operations and provides
39 WinAgents HyperConf User’s Guide
tools to make them easier and intuitive to accomplish. This topic describes how to add a command using
features of the online configuration editor.
To add a new command:
Select the position in the configuration where the new command should be placed, by clicking
an existing line in the editor. The command will be added right below this line.
Click Add command on the CLI menu. The command will be added to the same configuration
mode as the selected line.
Enter the command and press Enter.
Configuration files of some device models has commands that switches the configuration mode and the
following lines are applied for the corresponding configuration mode (for instance, devices running Cisco
IOS software has separate configuration modes for interfaces, lines, etc. You can notice switching
between configuration modes by checking the command line prompt. The device displays different
prompts in the different modes). The online configuration editor in WinAgents HyperConf supports
multiple configuration modes and allows you to enter configuration commands in different modes.
To add a new command that requires switching to a configuration mode:
Select the command in the configuration that enters the necessary configuration mode by
clicking an existing line in the editor. HyperConf highlights commands that switch configuration
modes (in dark blue by default).
Click Add Command from Mode on the CLI menu. The configuration mode on the device will be
switched automatically.
Enter the command and press Enter.
Figure 23. Adding a command
To make change tracking easier, all commands entered during the current editing session are displayed
in italic and highlighted in green by default. All changed commands are highlighted until the
configuration is refreshed or the connection to the device is closed.
Please note that when you refresh the configuration by clicking Refresh or reconnect to the device, the
added command may change its position in the configuration file. It is normal because the device sorts
configuration commands in its own way.
It is important to distinguish commands Add Command and Add Command from Mode and use the
appropriate one. For instance, if the interface command is selected in the editor and Add Command
is clicked, then a command will be added in the global configuration mode, and if Add Command from
Mode is used, then HyperConf adds an interface configuration command.
40 WinAgents HyperConf User’s Guide
To obtain detailed information about entering and editing commands refer to the Editing Commands
section.
Editing Commands
To start editing a command, you should select the corresponding line in the configuration text by left-
clicking and on the CLI menu click Edit command. Another way to start editing is to double-click the line
of the configuration file in the editor window.
Figure 24. Editing a command.
HyperConf displays tooltips and lists of possible commands and parameters as you type in the editor to
help you in editing commands. These help items are shown automatically. If you need to open them
manually, use the Ctrl+Space key combination.
Tooltips are context-dependent and they provide you with the short description, type and possible
values of the command or parameter you edit.
The list of possible commands may be used to speed up entering the command. Instead of typing its full
text, you can type only a few starting characters and select the whole command or parameter value
from the list using either keyboard or mouse. The selected command will be automatically added to the
line.
Press Enter to end editing. If the command is correct, the corresponding changes will be applied to the
device configuration and the online configuration editor will display the command in italic and highlights
it (in green by default). If there is an error in the command, HyperConf places the caret to the position
where the problem is, and displays the error description.
You can cancel configuration line editing by pressing Esc.
Please note, if you delete entire command text in the editor line, and type a new command instead of it,
the newly entered command may change its place in the configuration file after you refresh the
configuration file by clicking Refresh or reconnect to the device. It is normal because the device sorts
configuration commands in its own way.
When you are editing a command, you may delete its entire text and press Enter. This will have the
same effect as if you reset the command to its default state. Refer to the Negating and Resetting
Commands to Default section for details.
41 WinAgents HyperConf User’s Guide
Negating and Resetting Commands to Default
With terminal shell, it is much easier to negate commands and reset them back to their default state.
These operations may be performed with several mouse clicks, so there is no need to type commands or
use the command line interface. HyperConf will switch to the configuration mode and send necessary
commands to the device automatically.
Negating Commands
To disable some function on the device or execute the command opposite to the existing one, you
should negate the command.
To negate a command, select the corresponding line in the configuration text and on the CLI menu click
Negate command.
When negating a command, HyperConf sends a series of commands to the device: commands to enter
the configuration mode, the selected command with the no prefix, and commands to exit the
configuration mode.
As for the other lines of the configuration file modified during the current editing session, the negated
command will be displayed in italic and highlighted (in green by default). The highlighting remains until
the configuration is refreshed or the connection to the device is closed.
Please note that after you refresh the configuration file by clicking Refresh or reconnect to the device,
the command may completely disappear from the configuration if its negation resets it to the default
state. Devices don’t include commands in the default state into configuration files.
If Negate command is used for a command already starting with the no prefix, then the prefix will be
removed and the command will be sent to the device without it.
Resetting Commands to Default
Almost any command has the default state, this means that the feature the command controls is
configured in a way the manufacturer of the device implies. Such commands are not included to the
running configuration of the device.
To reset a command to its default state, select the corresponding line in the configuration text and on
the CLI menu, click Set Command to Defaults.
When resetting a command to the default state, HyperConf sends a series of commands to the device:
commands to enter the configuration mode, the selected command with the default prefix, and
commands to exit the configuration mode.
The modified command will be displayed in italic and highlighted (in green by default). The highlighting
remains until the configuration is refreshed or the connection to the device is closed.
Please note that after you refresh the configuration file by clicking Refresh or reconnect to the device,
the command will be removed from the configuration, because devices don’t include commands in the
default state into configuration files.
If Set Command to Defaults is used for a command already starting with the default prefix, then the
prefix will be removed and the command will be sent to the device without it.
42 WinAgents HyperConf User’s Guide
Saving the Configuration to NVRAM
Changes applied to the running configuration will be lost after the device is restarted or the software on
the device is reloaded. To save the changes, you should copy the running configuration to the non-
volatile memory (NVRAM) to the so-called startup configuration. The startup configuration will be used
upon the next device boot.
To save the running configuration to NVRAM, click Save to NVRAM on the CLI menu.
Editing Access Control Lists
It is fairly difficult to edit access control lists (ACL) on devices manufactured by Cisco Systems.
Unfortunately, there is no simple way to add a new rule to the middle of an access control list. There are
also no simple ways to edit existing rules. In order to modify access control lists, network administrators
have to download the entire configuration file from the device to the TFTP server, edit it using a third-
party text editor and then upload it back to the device. It is not transparent and a very time-consuming
approach. It is also difficult to use this method if the device and the TFTP server are in the different
networks and separated by firewalls and NAT. More than that, transferring configuration files via the
TFTP protocol may produce network security threats because the configurations are transferred via the
TFTP protocol as a plain text without encryption.
WinAgents HyperConf allows you to edit ACLs directly without use of the TFTP server. The online
configuration editor supports adding, editing and removing lines in any part of an access control list. The
program uses the command line interface of Cisco devices to make the necessary changes in ACLs.
WinAgents HyperConf handles ACL editing in a special way, rebuilding it each time it is modified and
sending it to the device in the correct order. For example, if you insert a new rule into the middle of an
access control list, the program will perform the following sequence of actions:
1. Delete the access control list.
2. Recreate the ACL and add all existing rules to it one by one. The new rule will be added to the
list in the specified position.
All this is done automatically. You will only have to add a new rule to the position you need in the access
control list. You can see all commands the program sends to the device during this process turning on
the verbose mode.
Editing Multiline Strings in Commands
Some IOS commands use multiline strings as their parameters. For example, commands for setting
various types of banners. You can add and edit such commands as well. The first character entered after
the command is considered as a separator, which is not a part of the parameter and is used only to
indicate the end of input. Type the multiline parameter text after the separator. Each time you press
Enter, a new line is inserted (Figure 25).
43 WinAgents HyperConf User’s Guide
Figure 25. Editing multiline parameters
To end the parameter input, enter the separator character again and press Enter. The program will send
the command to the device, and if it is correct it will be saved into the configuration file.
Verbose Mode
When you edit the configuration file using the online configuration editor, WinAgents HyperConf works
with the command line interface of the device in background. It may be convenient to see the
commands HyperConf sends to the device and the output received from it. To show the process of
command exchange between the device and HyperConf, click Show Device Output on the CLI menu.
The commands and output will be displayed in the console window. To turn off the verbose mode, click
this command once again.
The verbose mode may be useful to see various warnings and other information the device displays
when the command is applied. On the other hand, you may need to turn it off, when you actively work
simultaneously with the online configuration editor and the console, and don’t want to pollute the
console with the output from background operations.
Edit Device Configuration Off-Line With WinAgents HyperConf you can edit device configuration file as a plain text. WinAgents HyperConf
contains a specialized text editor (called the off-line configuration editor) which allows receiving files
directly from devices, modifying them and uploading the updated files back to devices.
Before the off-line configuration editor can be used for a device in HyperConf, it should be enabled it the
device registration settings (Figure 26).
Select the device in the Catalog of Devices, and on the Device menu click Properties;
Click to select the Download/upload configuration via option in the Device Properties window.
Select the protocol to use in the corresponding dropdown list.
If a terminal protocol such as TELNET or SSH is selected for configuration retrieval, then you
need to configure the logon parameters to access the device command line interface. Click
Logon in the tree on the left to switch to the Logon tab. Enter username, password and
privileged password and select the logon method that HyperConf will use. You can also select a
connection profile and use its settings instead of the individual set of credentials. Refer to the
Logon section for additional details.
If SNMP is selected for configuration retrieval, then you need to configure SNMP-specific
options, such as protocol version, security, authentication and privacy settings. Click SNMP in
the tree on the left to switch to the SNMP tab. Select the protocol version, and specify the
appropriate security settings. Refer to the SNMP section for additional details.
44 WinAgents HyperConf User’s Guide
Figure 26. Setting the device properties to download configuration files
Downloading Configuration Files from Device
To download a configuration file from the device, expand the device node in the Catalog of Devices and
double-click one of the device configuration nodes. Depending on the vendor and model specified for
the device registration, HyperConf places different nodes representing configurations under the device
node in the Catalog of Devices. For instance, for devices running Cisco IOS you will see Running
Configuration and Startup Configuration and for devices running Cisco CatOS – Full Configuration and
Non-default Configuration.
When you double-click the configuration node, HyperConf connects to the device using the protocol
selected for downloading and uploading configurations, and issues a series of commands to copy the
configuration file from the device to the built-in TFTP server. The entire process is reflected in the
Operation Log which is displayed in the bottom of the editor window (Figure 27).
45 WinAgents HyperConf User’s Guide
Figure 27. Downloading configuration from the device
Editing Device Configurations
After the configuration file is downloaded, it is opened in the text editor. The off-line configuration
editor supports all standard editing functions such as clipboard cut/copy/paste operations, undo/redo,
find/replace, and setting and jumping to bookmarks, as well as extended functions simplifying editing
the configuration files such as syntax highlighting. You can access edit commands on the Edit menu.
Attention! Whenever editing a configuration file you have to keep in mind that when the configuration
file is uploaded to a Cisco device, it is merged with the current configuration. Thus, to delete a command
from the configuration file, you need to enter a no prefix before the command in the editor window.
Consider the following example. The device configuration contains the command
logging 192.168.0.5
To delete this command from the configuration file prefix it with no instead of erasing the command
text
no logging 192.168.0.5
After the modified configuration is uploaded to the device, the device will remove this command from
the current configuration file.
46 WinAgents HyperConf User’s Guide
To modify an access control list, insert a command to delete the existing list before the commands
representing access list rules. Otherwise, if you miss the delete command, the commands in the file you
edit will be appended to the end of the already existing ACL on the device instead of replacing it.
For example, the device configuration contains the following ACL:
access-list 101 permit tcp any any
access-list 101 deny ip any any
And you need to insert the command
access-list 101 permit icmp any any
in the middle of the list. To do this, modify the ACL commands in the following way:
no access-list 101
access-list 101 permit tcp any any
access-list 101 permit icmp any any
access-list 101 deny ip any any
Thus, when the configuration is uploaded, the device will delete the existing ACL and recreates it using
the new rules. The resulting ACL will be as follows:
access-list 101 permit tcp any any
access-list 101 permit icmp any any
access-list 101 deny ip any any
Using the off-line editor you can save configuration files to files and upload them to one or multiple
devices. Refer to the Uploading Configuration Files to Device for additional details.
Bookmarks
While editing a large configuration file it is common to scroll the configuration and move the caret from
one command to another and back very often. This operation makes the editing process less efficient
because of time lost for navigation. The off-line configuration editor introduces bookmarks to help you
with navigation while editing configuration files. You can mark lines of the configuration file and then
jump to them very quickly.
To set a bookmark:
Place the caret on the line to set bookmark to;
On the Edit menu, point to Toggle Bookmark, and then click one of Bookmark 0, …, Bookmark
9. You bookmark up to 10 different lines.
Please note if you click the bookmark command for the bookmark which is already set, and the line
where the caret is contains no bookmark, the bookmark will be moved.
To delete the bookmark:
Place the caret on the line where the bookmark is set. The bookmark is displayed as a gray
rectangle with the number in the gutter area of the editor which is on the left of it;
On the Edit menu, point to Toggle Bookmark, and then click Bookmark N, where N is the
number of the bookmark.
47 WinAgents HyperConf User’s Guide
To jump to the bookmark, on the Edit menu, point to Go to Bookmark, and then click Bookmark N,
where N is the number of the bookmark. The editor will be scrolled to show the line where the
bookmark is, and the caret will be placed to it.
Uploading Configuration Files to Devices
To upload the configuration file in the off-line configuration editor to the device, click Upload
Configuration to Device on the Configuration menu. After you click Upload Configuration to Device
HyperConf shows the Select Destinations window, where you can select one or multiple device to
upload the configuration file to, and specify the protocol and upload method to use for upload. Different
types of devices support different sets of protocols and upload methods (Figure 28).
Figure 28. Upload Configuration to Devices
Click Select Devices to select devices to which configuration should be uploaded.
While uploading the configuration file, HyperConf puts it to the built-in TFTP server, connects to the
device using the protocol selected in the Select Destinations window, and issues a series of commands
to copy the configuration file from the built-in TFTP server to the device. The copy process is reflected in
the Operation Log which is displayed in the bottom of the editor window.
Depending on the upload method select in the Select Destinations window for the device, the
configuration file can be copied or merged with the configuration of the target device. This may result
that the configuration file in the editor window and the configuration file on the device are different. To
synchronize them, HyperConf will offer to re-download the configuration file from the device after the
upload operation is successfully completed.
Configuration History Each device node in the Catalog of Devices includes the Configuration History node under it. When you
double-click this node, the Configuration History window is opened in the work area.
The Configuration History window contains a list of configuration backups for the device. For every
configuration version the following information is available:
Date – the date and time when the configuration file was downloaded and/or backed up and
stored in the HyperConf database.
48 WinAgents HyperConf User’s Guide
Version – the version number of the configuration backup. WinAgents HyperConf stores the
configuration to the database while performing the backup operations only if it is different from
the previous backup. HyperConf assigned version numbers to all configuration files it stores to
the database by incrementing by 1 the version of the previous backup.
Type – indicates whether the current line represents a configuration on the device or a backup,
of the configuration file, and if the current line represents the backup, informs how the backup
operation was triggered (manually, by schedule, by SYSLOG message, etc.).
Baseline – whether the version of the configuration is a baseline version. You can mark key
versions of configurations as a baseline to manage them and track changes in a more easy and
convenient way. If the configuration is marked as a baseline configuration, it is displayed with a
lock icon in the Type column.
Changed by – the name of the user who made the last changes in the configuration on the
device, if this information is available. Some devices include this information as a comment in
the configuration file. For other devices this information can be extracted by analyzing SYSLOG
messages they send to indicate the changes in configuration. If this information is not available,
this column is empty.
Changes – the summary of changes and differences between the previous version and the
current version of the configuration backup. This information is displayed as a hyperlink, you can
click it, and this will open the Compare Configurations window, where you can check the lines
added, removed and changed since the previous backup.
Comment – you can add some additional comment to describe this version of the configuration.
The Configuration History window provides a full set of commands to manage backup of the
configuration files. All this commands are on the History menu.
To open a backup in the off-line configuration editor and edit it, select the backup in the list and click
Open in New Window.
If you need to restore the configuration on the device from a certain backup version, click Upload. When
Upload is clicked, HyperConf shows the Select Destinations window, where you can select device to
upload the configuration to, specify protocols and upload methods to use. Refer to the Uploading
Configuration Files to Devices for additional details. You can cancel the upload process by clicking
Cancel Operation.
The key versions of configuration backups can be marked as baseline versions. If a backup is marked as
a baseline, it will not be removed from the database automatically when the limit of the number of
stored backups is reached. You can remove the baseline version of backup manually, by clicking Remove
Backup.
To add a comment to the backup, select it in the list and click Enter Comment. Enter the comment text
in the Backup Comment window you see and click OK to save it. The comment will be displayed in the
Comment column of the configurations list.
To initiate the backup operation for the device, click Back up Device Configuration.
49 WinAgents HyperConf User’s Guide
Connecting to Device with Web Browser WinAgents HyperConf includes a built-in Web browser, and it may be used to connect to devices if they
provide web-interface for management or monitoring. If web access is configured and enabled for the
device registration in HyperConf, it displays the Web Access node under the device not in the Catalog of
Devices.
To enable and configure web access for the device registration:
Select the device in the Catalog of Devices, and on the Device menu click Properties.
Click to select the Web access to device via option in the Device Properties window. Select the
protocol to use in the corresponding dropdown list.
Click HTTP in the tree on the left to switch to the HTTP tab. Specify the port numbers for
HTTP/HTTPS connection, and username and password to use. If a connection profile is attached
to the device, the corresponding settings from the connection profile are used. Refer to the
Connection Profile and Logon sections for additional information.
Figure 29. Setting the device properties to connect to the device with web browser
Saving Device Configuration to NVRAM It is important not to forget saving the current running configuration of the device to its non-volatile
memory (NVRAM), because of the risk to lose it after the device reboots. WinAgents HyperConf greatly
simplifies this task. To save the current configuration to NVRAM:
Select one or several device in the Catalog of Devices;
On the Device menu, click Copy Running Configuration to NVRAM.
50 WinAgents HyperConf User’s Guide
To perform this operation, HyperConf connects to the device using the protocol selected for
downloading and uploading configurations, and issues a series of commands to save the configuration
file. The entire process is reflected in the Operation Log window, which is opened in the program work
area. Refer to the Edit Device Configuration Off-Line section for additional details on how to select the
connection protocol and configure authentication parameters.
Comparing Devices Configurations WinAgents HyperConf stores multiple versions of device configuration files in its database. To track
changes in the configuration files, it is essential to compare them and examine which lines were added,
removed or changed. WinAgents HyperConf has the Compare Configurations window that allows you to
compare two configuration files and find differences between them. You can compare current
configurations of devices, backups stored in the HyperConf database, and files in any combination.
Figure 30. Comparing configuration files
To compare two configuration files:
On the File menu, click Compare Configurations. You will see the Compare Configurations
window opened in the work area. It contains two panels (the left panel and the right panel)
where the configuration files are displayed with the differences highlighted (Figure 30).
Click the drop-down arrow in the left Select Configuration box to display a list of devices, their
configuration files and backups. Double-click the configuration or backup in the list to select it
and open in the left panel. Double-click Open File in the list to load the configuration from file.
Click the drop-down arrow in the right Select Configuration box to display a list of devices, their
configuration files and backups. Double-click the configuration or backup in the list to select it
and open in the right panel. Double-click Open File in the list to load the configuration from file.
Click Ignore Case to perform case-insensitive text comparison.
Click Ignore spaces to ignore spaces while comparing the text.
Click Show only differences to see only the lines that are different in the configuration files.
The differences are highlighted: in red for lines that were deleted, in green for lines that were added, in
blue for lines that were modified.
51 WinAgents HyperConf User’s Guide
Executing Scripts on Device WinAgents HyperConf allows you to execute scripts across network devices. Using WinAgents scripting
feature you can automate various routine tasks and perform massive changes on multiple devices.
So, when you need to perform a series of repetitive tasks across multiple network devices, the scripting
feature of WinAgents HyperConf will be the ideal solution. Scripts are also useful for non-repetitive tasks
as well. If a task requires you to do many things in a sequence, you can turn that sequence of tasks into
just one task by scripting it.
What Is a Script?
A script is a sequence of instructions. Scripts are suited to creating short applications that provide quick
solutions to small problems. WinAgents HyperConf supports two kinds of scripts: command scripts and
scripts in Microsoft JScript.
Command script is a sequence of device commands executed directly in a CLI session.
WinAgents HyperConf sends commands line-by-line and waits for the device response after
each command. This kind of scripts is suitable when you need to execute a short sequence of
commands having simple logic.
Script in Microsoft JScript is a program written in the programming language. It consists of
statements that instruct WinAgents HyperConf what actions it should perform with a device and
in what order. This kind of scripts is useful when you need complex logic and want to process
information that device sends as a result of commands execution. WinAgents HyperConf
supports all the functions of Microsoft's JScript implementation. In addition, it defines functions
and objects that are used to establish communication and execute commands on devices in a
network.
Automating Devices
In many cases, scripts are used to automate manual tasks, much like a macro. Scripts are well suited for:
Manipulating device environment
Automating logon procedures
Changing device configuration
Sending key and command sequences to a CLI session
For example, if you have several similar tasks, you can write one generalized script that can handle all of
them.
Creating and Running Command Scripts
To create a command script click New Script on the File menu. A new script editor window appears.
Make sure, that Device commands syntax is used. WinAgents HyperConf command script editor
supports all standard editing functions such as clipboard cut/copy/paste operations, undo/redo,
find/replace, and setting and jumping to bookmarks, as well as extended functions such as syntax
highlighting. Refer to the Bookmarks section for additional details on using bookmarks.
To run the script click Run on the Script menu. When you click this command, HyperConf will display the
Select Destinations window where you can select one or several devices, on which the command script
52 WinAgents HyperConf User’s Guide
should be executed. For each device you can specify a terminal protocol to use for the terminal session,
specify whether HyperConf should enter privileged mode on the device before running commands, and
whether it should store device configuration file into non-volatile memory after script execution is
finished. To add or remove devices to the list click Select Devices. HyperConf will display the Select
Devices window with the Catalog of Device, where you can select devices.
Figure 31. Selecting devices to run a command script on
While the script is executed on the device HyperConf shows terminal session in the Operation Log which
is in the bottom of the editor window (Figure 32). You can view log as:
Complete – HyperConf shows entire terminal session as a plain text.
Hierarchy – HyperConf shows the terminal session as a hierarchy of commands sent to the
device and device responses returned back.
Commands – HyperConf shows commands that it sends to the device only.
Figure 32. Browsing script results
53 WinAgents HyperConf User’s Guide
Creating and Running Script in Microsoft JScript
To create a script in JScript, click New Script on the File menu. A new script editor window appears.
Make sure, that JScript syntax is used. WinAgents HyperConf JScript editor supports all standard editing
functions such as clipboard cut/copy/paste operations, undo/redo, find/replace, and setting and
jumping to bookmarks, as well as extended functions such as syntax highlighting. Refer to the
Bookmarks section for additional details on using bookmarks.
To run the script click Run on the Script menu. When you click this command, HyperConf will display the
Select Destinations window where you can select one or several devices, on which the command script
should be executed. For each device you can specify a terminal protocol to use for the terminal session,
specify whether HyperConf should enter privileged mode on the device before running commands, and
whether it should store device configuration file into non-volatile memory after script execution is
finished. To add or remove devices to the list click Select Devices. HyperConf will display the Select
Devices window with the Catalog of Device, where you can select devices.
Figure 33. Selecting devices to run a JScript script on
Please refer to WinAgents HyperConf Scripting User's Guide and WinAgents HyperConf Scripting User's
Reference for more details about writing scripts in JScript.
Working through NAT When WinAgents HyperConf is used in networks, separated by NAT or firewalls it is necessary to take
into account the influence on network traffic they make.
NAT (Network Address Translation) is a mechanism of changing the source and destination IP-
addresses when the traffic enters and leaves the network device.
Filtering firewall is a device that filters the passing traffic according to the network safety
policies. As a result of traffic filtering packets may be dropped and the network traffic doesn’t
reach its destination.
If the target devices HyperConf works with and the computer where HyperConf is installed are in the
different networks or subnets, and there is a device acting as NAT or firewall between them, it is
necessary to configure the firewall device in a proper way to make the communication between
54 WinAgents HyperConf User’s Guide
HyperConf and devices in other networks possible. Consider two following scenarios: when HyperConf
is inside the protected network and when HyperConf is outside the protected network.
WinAgents HyperConf is Inside the Protected Network In the first scenario the computer with WinAgents HyperConf is in the protected network behind the
firewall or NAT device.
Figure 34. WinAgents HyperConf inside the protected network – default configuration
When configuration file is transferred from the network device to the computer with WinAgents
HyperConf, the following sequence of actions takes place (Figure 34):
1. The terminal session is opened via the TELNET/SSH protocol from 192.168.1.5 to 10.1.0.5. For
the terminal session to be established successfully, the access control lists on the NAT device
must allow TELNET/SSH traffic from the inside network to the outside network. While routing a
TELNET/SSH packet, the NAT device changes the source address in the packet’s IP-header from
the original value 192.168.1.5 to the address of the interface connected to the public network –
10.1.0.1. Then, in the context of the terminal session HyperConf issues a series of commands to
logon and copy the configuration file to its built-in TFTP server. By default, HyperConf uses
computer’s local interface address 192.168.1.5 as the TFTP server address. It is not acceptable,
however, in this scenario, because the device 10.1.0.5 doesn’t know how to reach the address
192.168.1.5. WinAgents HyperConf can be configured to use another IP-address as the TFTP
server address in the configuration copy command and it is usual to use the outside address of
the NAT device 10.1.0.1 for this purpose.
2. Device tries to copy its configuration file to the specified TFTP server. Because it is correct to use
the outside interface address of the NAT device as the TFTP server address, the NAT device
should accept TFTP connections on UDP port 69 and forward them to the machine where
WinAgents HyperConf is. However, after the TFTP connection is established, the TFTP protocol
usually uses another randomly selected port to perform actual transfer. This requires that
additional ports should be opened on the NAT and such settings can compromise the network
55 WinAgents HyperConf User’s Guide
security. WinAgents HyperConf can be configured to minimize such risks and use single UDP
port 69 for all TFTP transfers.
3. When the configuration file is completely copied to the TFTP server, WinAgents HyperConf
closes the terminal session.
So, to configure HyperConf to work with devices outside the NAT:
Select the device which is outside the NAT in the Catalog of Devices, and on the Device menu
click Properties.
Click to select the This device is outside the NAT option in the Device Properties window
(Figure 35).
Click OK to save apply settings to the device registration.
Figure 35. Enable access to device through NAT
On the Tools menu click Program Options.
In the HyperConf Options window click Built-in TFTP Server in the tree on the left to switch to
the Built-in TFTP Server tab.
Click to select the Transfer data using UDP port 69 option.
Enter the IP-address for Outside interface address for inbound TFTP requests. Usually the IP-
address of the NAT outside interface is used (Figure 36).
Check access rules on the NAT device, to ensure that it allows TELNET and/or SSH connections to
the outside network.
56 WinAgents HyperConf User’s Guide
Configure port mapping on the NAT device, so it forwards incoming TFTP connections on UDP
port 69 to the machine where WinAgents HyperConf is installed.
Figure 36. Configuring TFTP to work through NAT
After these settings are applied, try to download the configuration file from the device in the public
network and check whether everything works correctly. Use Operation Log and logging capabilities of
the NAT device for debugging.
WinAgents HyperConf is Outside the Protected Network In the second scenario, the managed devices are located inside the protected network and the
computer with WinAgents HyperConf is outside it. In this case you need to configure the firewall or NAT
device to allow incoming TELNET/SSH and TFTP traffic to pass from the outside network the managed
devices. It is also recommended to select the Transfer data using UDP port 69 option, because not all
firewalls can correctly process TFTP traffic. Refer to the Built-in TFTP Server for additional details on this
option.
Operation Log The Operation Log is used to examine results and log of operations performed by WinAgents HyperConf
while working with the devices, such as backing-up device configurations, running scripts, download and
uploading the configuration files.
To open the Operation Log window, on the View menu, click Operation Log.
The Operation Log window is divided into two parts. In the upper part of the window the list of
operations is placed. In the lower part details for the selected operation are displayed.
57 WinAgents HyperConf User’s Guide
In the Operation Log you can see the following information:
Operation – the type of the operation, such as backup, configuration download, etc.
Device – the device for which the operation was performed.
Date/Time – the date and time of the operation.
Status – the message with the brief description of operation results. Usually it says whether the
operations completed successfully or not.
The operation log can be exported and saved as an XML file. To export the operation log to XML, click
Save. You can save to XML either the entire operation log, or just a single operation.
To clear the operation log and delete all records from it, click Clear Log on the Operation Log menu.
Application Log During its operation, WinAgents HyperConf reports a variety of information to the application log. This
information may be used for debugging purposes when the program seems to work incorrectly. You can
configure how detailed this information is by setting the minimal severity for messages that are
reported. Refer to the General Options section for additional details on how to configure the minimal
severity for application log messages.
To open the Application Log window, click Application Log on the View menu.
SYSLOG WinAgents HyperConf has the built-in SYSLOG server. This server is used for real-time monitoring of the
network state, changes in configurations of the network devices and other important network events.
Please note, that SYSLOG server is also used by WinAgents HyperConf to detect changes in the device
configurations and immediately trigger backup operations for such devices. So, when the SYSLOG server
is stopped or disabled, this feature is unavailable, and only backups by schedule are performed
automatically.
To open the SYSLOG window, on the View menu click SYSLOG.
The SYSLOG window displays all standard fields of a SYSLOG message, and in addition to them it displays
whether the particular message triggered the backup operation. If it did, the glyph in the Backup column
shows if the backup operation completed successfully.
Refer to the Built-in SYSLOG Server for additional information in how to configure the built-in SYSLOG
server.
Program Options The HyperConf Options window contains various sets of options controlling program behavior. TO open
the HyperConf Options window, click Program Options on the File menu. Using the Program Options
window you can configure both HyperConf Server and HyperConf Manager.
58 WinAgents HyperConf User’s Guide
WinAgents HyperConf Server Options WinAgents HyperConf Server is a Windows® service running in background which implements
HyperConf core functions, runs automatic backup operations, etc.
General
Figure 37. HyperConf Options.
Operation Timeout
The timeout value in seconds for operations with devices.
Minimal Application Log Severity
The minimal severity for messages being reported to the application log. Critical means the least
detailed logging, Debug - the most detailed logging.
History Depth
The number of days to keep the messages in the application log. All messages reported earlier are
automatically deleted.
Database Connection The Database Connection tab shows database connection properties which HyperConf uses. WinAgents
HyperConf stores all data in the database: the Catalog of Devices, configuration files, backups, etc. To
change the database you should use the Database Wizard which is accessible from the HyperConf
program group on the Windows® Start menu. Refer to the WinAgents HyperConf Deployment Guide for
more information on how to use the Database Wizard.
Change Detection Configure Message Patterns
59 WinAgents HyperConf User’s Guide
Click to configure SYSLOG message patterns used to detect configuration changes. See Detecting
Configuration Changes via SYSLOG for more information.
Configure Exclusions
Click to configure strings that must be ignored when HyperConf compares configurations and searches
for changes in configuration to make a decision about storing it in the database.
Built-in TFTP Server Transfer data using UDP port 69
Click to select this option if there is a firewall in your network between the machine where HyperConf is
installed and managed devices. Make sure, that the firewall passes TFTP traffic.
Outside TFTP address for inbound TFTP requests
Enter the IP-address that WinAgents HyperConf should use as the TFTP server address in configuration
copy commands while downloading or uploading device configurations to/from the TFTP server. Refer
to the Working through NAT section for additional details.
Retries
The number of tries the built-in TFTP server sends packets to devices.
Timeout
The amount of time the built-in TFTP server waits for an acknowledgement packet before it resends the
data.
Built-in SYSLOG Server Minimal Severity
The minimal severity for messages that are received by the built-in SYSLOG server. If the incoming
message severity is less than the Minimal Severity specified, then such a message will be dropped.
Listen Port
The UDP port number used by WinAgents SYSLOG Server to listen on for incoming messages.
History Depth
The number of days to keep the messages in the SYSLOG. All messages received earlier are
automatically deleted.
Do not receive SYSLOG messages from unknown devices
Click to select this option to ignore all messages received by HyperConf from a device which is not
registered in the Catalog of Devices.
SSH Server for SCP SSH Server
60 WinAgents HyperConf User’s Guide
The IP-address or DNS name of the SSH server that will be used to support transferring configuration
files via the SCP protocol.
Port
The port number for the SSH protocol to use to connect to the server, 22 by default.
SSH Version
The version of the SSH protocol, you can choose from SSH version 1 (SSHv1), SSH version 2 (SSHv2) and
auto detection. In the last case, WinAgents HyperConf tries to decide correct protocol version based on
the identification string sent by the server.
Logon settings
To establish connection to the server WinAgents HyperConf requires Username and Password, as well
as Enable Password, if switching to privileged mode is needed. You should also specify Prompt and
Enable Prompt, because HyperConf uses them while logging-on to the server.
Authentication methods
This option specifies which authentication methods may be used. WinAgents HyperConf supports SSH
authentication based on Password, DSA/RSA keys, and Keyboard Interactive authentication. If the
DSA/RSA Key option is checked, you should provide a private key file in the OpenSSH, IETF, or PuTTY
format and Passphrase for the key, if any. The program will try to use the supplied key for
authentication. You can also generate public/private keys pair by clicking Generate key.
Encryption algorithms
This option specifies which encryption algorithms should be used. WinAgents HyperConf supports AES,
Blowfish, 3DES, and DES algorithms. You can specify which algorithms may be used for the session and
configure their priorities by moving up and down in the list by clicking Up and Down.
Compression
Specifies whether data compression should be used. If the Enable Compression option is selected,
WinAgents HyperConf will try to compress all data transmitted over the network. It is also possible to
specify the level of compression, the higher the level, the higher is the compression. Higher levels of
compression require more processing power and may cause significant performance penalty on the
server.
FTP Server Server
The IP-address or DNS name of the FTP server that will be used to support configuration files transfers
via the FTP protocol.
Port
The port number on the FTP server, 23 by default.
Server Path
61 WinAgents HyperConf User’s Guide
The path to a directory on the server which is used to upload and download files.
Username
The username used for authentication on the FTP server.
Password
The password used for authentication on the FTP server.
Timeout
Specify the timeout for FTP operations.
Passive Mode
Click to select this option to use FTP Passive Mode.
WinAgents HyperConf Manager Options WinAgents HyperConf Manager id a Windows® application that provides GUI for WinAgents HyperConf
features: allows operations with devices, examining SYSLOG messages and work with backup copies of
device configurations.
General
Use device type
Specify the type of device which HyperConf should use by default while registering a new device in the
Catalog of Devices.
Use connection profile or Use custom settings
Specify the option which HyperConf should use by default while registering a new device in the Catalog
of Devices. If Use connection profile is selected, you should choose a connection profile that will be
assigned to the device.
Terminal
Font
Specify the font to use in the terminal shell window.
Font size
Configure the font size to use in the terminal shell window.
Cursor Type
Select one of the supported cursor types to use in the terminal shell window.
Blink Cursor
Click to select this option to force the caret to blink in the terminal shell window..
62 WinAgents HyperConf User’s Guide
Fonts & Colors
Using the Fonts & Colors tab you can configure fonts and colors that HyperConf uses in the
Configuration Editor and Script Editor windows. Different colors may be assigned to different syntax
elements to enable syntax highlighting.
Additional Functions
Decrypting Type 7 Passwords on Devices Manufactured by Cisco Systems If the configuration file of a Cisco device contains type 7 decrypted passwords, you can use decrypt
them by clicking Decrypt Type 7 Passwords on the Tools menu. This command is enabled when the off-
line configuration window is active and contains the configuration file. Refer to the Edit Device
Configuration Off-Line for more details.
Terminal Connection You can establish terminal connection to devices that are not registered in the Catalog of Devices by
clicking Open CLI on the File menu. You will see the Connect To window can specify the connection
properties (Figure 38).
Figure 38. Connection properties
The following connection settings are available:
Device – the IP-address or DNS name of the device to connect to.
Protocol – the name of the protocol to use for the connection. You can configure additional
protocol options by clicking Configure.
Terminal – the name of the terminal to emulate for the connection. You can configure
additional terminal emulation options by clicking Configure.
63 WinAgents HyperConf User’s Guide
Vendor – the vendor of the device. Select Others, if the vendor of the device is not present in
the list.
Device – the model of the device. Select Generic network device, if the mode is not present in
the list.
When you click Configure to access the extended connection properties, WinAgents HyperConf opens
the Device Properties window where you can configure protocol, authentication and terminal
emulation options for the connection.
Please note, it is necessary to specify device vendor and device type because HyperConf uses this
information to retrieve the configuration file from the device. Specify 'Others' as vendor and 'Generic
device' as device type if you cannot find your device in the list.
After you click OK, the terminal shell window will be opened. Refer to the Terminal Shell section for
more information.
Regular Expression Syntax WinAgents HyperConf uses the following syntax for regular expressions:
Metacharacter Meaning
. Matches any single character.
[ ] Indicates a character class. Matches any character inside the brackets (for example,
[abc] matches "a", "b", and "c").
^ If this metacharacter occurs at the start of a character class, it negates the character
class. A negated character class matches any character except those inside the
brackets (for example, [^abc] matches all characters except "a", "b", and "c").
If ^ is at the beginning of the regular expression, it matches the beginning of the input
(for example, ^[abc] will only match input that begins with "a", "b", or "c").
- In a character class, indicates a range of characters (for example, [0-9] matches any of
the digits "0" through "9").
? Indicates that the preceding expression is optional: it matches once or not at all (for
example, [0-9][0-9]? matches "2" and "12").
+ Indicates that the preceding expression matches one or more times (for example, [0-
9]+ matches "1", "13", "456", and so on).
* Indicates that the preceding expression matches zero or more times.
??, +?, *? Non-greedy versions of ?, +, and *. These match as little as possible, unlike the greedy
versions that match as much as possible (for example, given the input "<abc><def>",
<.*?> matches "<abc>" while <.*> matches "<abc><def>").
( ) Grouping operator. Example: (\d+,)*\d+ matches a list of numbers separated by
64 WinAgents HyperConf User’s Guide
commas (for example, "1" or "1,23,456").
{ } Indicates a match group. The actual text in the input that matches the expression
inside the braces will be recognized as name of the user who has changed the
configuration.
\ Escape character: interpret the next character literally (for example, [0-9]+ matches
one or more digits, but [0-9]\+ matches a digit followed by a plus character). Also used
for abbreviations (such as \a for any alphanumeric character; see the following table).
If \ is followed by a number n, it matches the nth match group (starting from 0).
Example: <{.*?}>.*?</\0> matches "Contents".
Note that, in C++ string literals, two backslashes must be used: "\\+", "\\a",
"<{.*?}>.*?</\\0>".
$ At the end of a regular expression, this character matches the end of the input (for
example,[0-9]$ matches a digit at the end of the input).
| Alternation operator: separates two expressions, exactly one of which matches (for
example, T|the matches "The" or "the").
! Negation operator: the expression following ! does not match the input (for example,
a!b matches "a" not followed by "b").
WinAgents HyperConf can handle abbreviations for character classes, such as \d instead of [0-9]. The
following abbreviations are available:
Abbreviation Matches
\a Any alphanumeric character: ([a-zA-Z0-9])
\b White space (blank): ([ \\t])
\c Any alphabetic character: ([a-zA-Z])
\d Any decimal digit: ([0-9])
\h Any hexadecimal digit: ([0-9a-fA-F])
\n Newline: (\r|(\r?\n))
\q A quoted string: (\"[^\"]*\")|(\'[^\']*\')
\w A simple word: ([a-zA-Z]+)
\z An integer: ([0-9]+)
Installing License Keys WinAgents HyperConf licensing is based on the number of devices it works with. The trial period begins
since the moment of program installation and lasts for 30 days. During the trial period the program does
65 WinAgents HyperConf User’s Guide
not restrict the number of devices. After the trial period is over, the program switches to the free mode,
and allows working with one device only. If you decided to use WinAgents HyperConf in your network,
you need to purchase a license pack. The number of licenses must be greater or equal to the number of
devices in your network. You can purchase licenses on-line on our site WinAgents Software Group or
from our partners. Multiple license keys can be added to a single HyperConf installation. The total
number of available network devices in this case equals to the total number of devices for all installed
license keys.
The following key types are used:
1. License keys. A license key gives an ability to work with a certain number of devices. The total
number of devices HyperConf works with is a sum of numbers of devices for all installed license
keys. Any time you can add a new license key, this way enlarging the total number of devices
that may be added to the Catalog of Devices. License keys also contain information about length
of the free software maintenance period. License keys can be installed on any version of the
product released during the free software maintenance period. With the later versions of the
program the license key with the software maintenance keys or with upgrade keys should be
used.
2. Software Maintenance keys. A software maintenance key extends the software maintenance
period, which means that you can install newer version of HyperConf released during the
maintenance period. Software maintenance keys should be purchased before the current
software maintenance expires or during one month after its expiration.
3. Upgrade keys. As software maintenance keys, upgrade keys extend the software maintenance
period. However, upgrade keys can be purchased any time you need to upgrade, not only while
the current software maintenance is active.
To add a license key:
On the Help menu click Device Licenses;
In the Device Licenses window click Add;
In the Add Device License window enter the license key and click OK;
Check the newly installed key in the list of installed keys in the Device Licenses window. Click OK
to close the window.
Figure 39. The Device Licenses window
To add a software maintenance or upgrade key:
66 WinAgents HyperConf User’s Guide
On the Help menu click Device Licenses;
In the Device Licenses window select the license key to prolong in the list of installed keys and
click Prolong;
In the Upgrade Device License window enter the license key and click OK.
Check the newly installed key in the list of installed keys in the Device Licenses window.
If the number of devices in the Catalog of Devices exceeds the number of devices allowed by license
keys the program warns that additional license keys are required and disables devices for which there
are no licenses. Such devices are displayed with a red cross their icons in the Catalog of Devices.