Obtain information from Cisco via PowerShell and SSH

To see how many concurrent VPN sessions are open on a Cisco router, the following OIDs should help:

cikeGlobalActiveTunnels - .1.3.6.1.4.1.9.9.171.1.2.1.1.0
cipSecGlobalActiveTunnels - .1.3.6.1.4.1.9.9.171.1.3.1.1.0

If it still doesn’t work, try to walk the following object:

.1.3.6.1.4.1.9.9.171

Taken from https://supportforums.cisco.com/thread/180508

But sometimes these are not enough. Maybe you want to see a specific user or the total number of tunnels that are down.

Therefore I wrote a PowerShell script that uses Cygwin ssh and SSH key authentication to obtain certain information and return a single numeric value:

#
# PowerShell script to determine the number of concurrent VPN sessions, counted by a specific matching pattern
#
# Define the SSH client, its arguments and the command to run on the router
$ssh          = 'C:\cygwin\bin\ssh'
$ssh_args     = @('-i', '/cygdrive/d/_WAN-Router/.ssh/id_rsa', 'admin@192.168.5.2')
$show_command = 'show crypto session brief'

# Define the search string (-match treats it as a case-insensitive regular expression)
$searchstring = "UA"

# Access the Cisco router via SSH with key authentication, execute the show command
# and get the output (stderr included) into a variable.
# The call operator runs ssh directly, so nothing is re-parsed by Invoke-Expression.
$processes = & $ssh $ssh_args $show_command 2>&1

# Count the output lines that match the search string.
# @() forces an array, so the result is 0 when nothing matches and 1 for a single match.
$vpnsession = @($processes | Where-Object { $_ -match $searchstring }).Count

# Write the count into the variable
#$Context.SetValue($vpnsession);

# Debug
Write-Output $vpnsession

To get the value you need, just alter the command and the match string.
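For the cases mentioned earlier (a specific user, or the number of tunnels that are down), a substring match on the whole line is easy to get wrong, so here is an added example, not part of the original script, that parses each session row into fields and compares the status exactly. The helper name Get-CryptoSession, the user names and the sample output are constructed, and the column layout (peer first, status last) is an assumption about the router's output.

```powershell
# Constructed sample output; the column layout is an assumption, not a capture from a device.
$sample = @'
Status: A- Active, U - Up, D - Down, I - Idle, S - Standby, N - Negotiating
        K - No IKE
Peer            I/F          Username        Group/Phase1_id          Uptime   Status
192.0.2.10      Vi2          alice           vpngroup                 00:50:30 UA
192.0.2.11      Vi3          bob             vpngroup                 01:12:04 UA
192.0.2.12      Vi4          guard           vpngroup                 00:00:00 D
'@ -split '\r?\n'

# Hypothetical helper: turn session rows into objects, skipping legend and header lines.
function Get-CryptoSession {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        $fields = @(-split $line)      # unary -split: split on runs of whitespace
        if ($fields.Count -lt 3) { continue }
        $ip = $null
        # A session row starts with an IP address and ends with a status made of legend letters
        if ([System.Net.IPAddress]::TryParse($fields[0], [ref]$ip) -and
            $fields[-1] -cmatch '^[AUDISNK]+$') {
            [pscustomobject]@{
                Peer      = $fields[0]
                Interface = $fields[1]
                Status    = $fields[-1]
                Fields    = $fields
            }
        }
    }
}

$sessions = @(Get-CryptoSession -Lines $sample)

# Exact, case-sensitive comparison on the Status field only
$upActive = @($sessions | Where-Object { $_.Status -ceq 'UA' }).Count
$down     = @($sessions | Where-Object { $_.Status -clike '*D*' }).Count
# Whole-field match for one user name instead of a substring match on the line
$forUser  = @($sessions | Where-Object { $_.Fields -contains 'alice' }).Count

# Substring count for comparison: -match is a case-insensitive regex, so the
# down session of user "guard" is counted as well.
$naive = @($sample | Where-Object { $_ -match 'UA' }).Count

"up-active=$upActive down=$down alice=$forUser naive-match=$naive"
```

To use it against the router, pass the captured SSH output to Get-CryptoSession in place of $sample.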
