Cisco – run commands from a file uploaded to the Cisco ASA 5500


I have to run a lot of ACL/access-group and network-object commands, and I have found a 1024-character limit for each command – even if it spans multiple lines. In code, I use 1,000 chars as the limit, and send as many lines to CLI as will fit, via SSH, at a time. This takes a LONG time.

I'm thinking like a shell script in *nix, or a batch file in Windows.

I have seen many articles talking about import/export configurations, but I am talking about running commands on a running system, not taking it down for reboot/restart. I am not changing the core image, just some access parameters that can be changed on the fly on the ASA without the need for reboot or shut/no shut.

Desired: A way to run the contents of a tftp'd/ftp'd/scp'd file sent to the ASA as if I entered it on the CLI. I would prepare the commands, write the file, send the file, then run the contents of the file line-by-line, as if I were logged into the ASA.

Best Answer

On ASA (and IOS), this can be done by copying the commands to running-config:

asa# copy tftp running-config

This has the effect of merging the commands in a file on your TFTP server with the running configuration, just as if you typed or pasted them in by hand. The file should contain the verbatim commands you want to run. Of course, you can copy from any source supported by the ASA, such as FTP or HTTP(S). I don't know if the built-in SCP server supports this, though.

The only catch is that it only works in config mode. For instance, you can't use it to run a bunch of "show" commands. You'd probably need to use Expect for that (or possibly EEM, as Jason noted).
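A pre-flight check for the command file described in the answer above, as an added example that is not part of the original question or answer: it skips comments and flags lines that a merge into running-config will not run as intended. The function name, the list of exec-only commands, the application of the question's 1024-character limit to file lines, and the sample commands are assumptions of this example.

```python
import re

# Exec-mode commands that a merge into running-config does not run (the
# answer's "show" caveat). Assumed list for this example, not exhaustive.
EXEC_ONLY = ("show", "ping", "traceroute", "copy", "write", "reload", "debug")
MAX_LEN = 1024  # per-command limit reported in the question (assumed to apply to file lines)

# Constructed sample input (documentation addresses, hypothetical object names).
SAMPLE = """\
! constructed sample merge file
object network WEB01
 host 192.0.2.10
access-list OUTSIDE_IN extended permit tcp any object WEB01 eq 443
access-group OUTSIDE_IN in interface outside
show access-list OUTSIDE_IN
clear configure access-list
"""

def lint_merge_file(text):
    """Return (clean_lines, problems) for a file meant for 'copy tftp running-config'."""
    clean, problems = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("!"):  # blank lines and '!' comments
            continue
        first_word = line.split()[0].lower()
        if first_word in EXEC_ONLY:
            problems.append((n, "exec-mode command, not run by a config merge"))
        elif len(line) > MAX_LEN:
            problems.append((n, "longer than %d characters" % MAX_LEN))
        elif re.match(r"clear\s+configure\b", line, re.I):
            # The merge is additive, so a line that removes configuration
            # wholesale deserves a second look before it is sent.
            problems.append((n, "clear configure removes existing configuration"))
        else:
            clean.append(raw.rstrip())  # keep leading indent of sub-mode lines
    return clean, problems

if __name__ == "__main__":
    clean, problems = lint_merge_file(SAMPLE)
    for n, why in problems:
        print("line %d: %s" % (n, why))
    print("\n".join(clean))
```

Because the copy merges rather than replaces, entries that should disappear from the device need explicit `no` lines in the file; leaving them out of the file does not remove them.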
