This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Show running configuration from shell?

I'm looking to see the full running configuration when logged in using SSH - something like an equivelant to Cisco's 'show running-config' or Juniper's 'show config'.

Can this be done with the UTM?


This thread was automatically locked due to age.
Parents
  • Hi, Gordon, and welcome to the User BB!

    WebAdmin manipulates a database of objects.  When one of these objects is changed, WebAdmin calls confd to rewrite all of the lines of iptables, etc. where the object is involved.

    Once you're more familiar with the UTM, you will realize that there's no practical use for the level of detail you've requested.  Also, while your Cisco knowledge will be an asset down the road, it is, at present, a hindrance to learning how to do things quickly and elegantly with WebAdmin.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi, Gordon, and welcome to the User BB!

    WebAdmin manipulates a database of objects.  When one of these objects is changed, WebAdmin calls confd to rewrite all of the lines of iptables, etc. where the object is involved.

    Once you're more familiar with the UTM, you will realize that there's no practical use for the level of detail you've requested.  Also, while your Cisco knowledge will be an asset down the road, it is, at present, a hindrance to learning how to do things quickly and elegantly with WebAdmin.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hi, Gordon, and welcome to the User BB!

    WebAdmin manipulates a database of objects.  When one of these objects is changed, WebAdmin calls confd to rewrite all of the lines of iptables, etc. where the object is involved.

    Once you're more familiar with the UTM, you will realize that there's no practical use for the level of detail you've requested.  Also, while your Cisco knowledge will be an asset down the road, it is, at present, a hindrance to learning how to do things quickly and elegantly with WebAdmin.

    Cheers - Bob


    The point of what I'm trying to do here is automate a system using scripted SSH sessions that will alert me when the UTM config has changed. It's a system I'm already using with out Cisco and Juniper devices, so I'd like to use it with the UTM too. I'd say that's a practical use for the detail I'm looking for [:D]
  • What you don't seem to understand is what I have been trying to impress upon Sophos NSG product managers for years.  To show compliance (especially in today's financial vertical) when facing IT audits and examinations today, a security manager must provide a complete configuration file and change log.  It is imperative.  It would be great if a security manager only had responsibility for a few UTM(s), but if you're managing hundreds, you need a way to provide full textual configuration files and a change log for the life of the appliance in an automated fashion.  It's a differentiator and if Sophos can't provide the mechanism they will always lose market share to the vendors that can.

    Respectfully, Bill K.