Is there any way to standardize the distribution of VTY lines on IOS? I understand that the maximum number is dependent on the platform/software version, and that I can also remove any number but the first four of them from the config. We have an audit requirement for 16 VTY lines on all boxes, but the first 16 lines show up in a variety of different ways, which makes automating this difficult.
On some boxes there's a block for 0 through 4, then another for 5 through 15, on some others there's one block for 0, then another for 1 through 4, then another for 5 through 15, etc, etc. In ansible this results in a non-idempotent task since ansible will try to issue the command "line vty 0 15", for example, which rarely actually shows up in the config. Does anybody have any good ideas for how to get around this other than determining exactly how they show up on a per-version basis? I've thought about pulling it from the existing config first and just mimicking that, but I'd still need some non-idempotent way of limiting the total number of lines to 16 for new boxes.
No comments:
Post a Comment