So, I have come across another one of those people who exert themselves in this way:
"I will not use a GUI. GUI is for n00b's. Anyone who uses a GUI should just die."

Once I finished chuckling, I explained that why not just use both and have the best of both worlds. Some things are easier with CLI and other things are easier with a GUI. Especially on ASDM which is has a very feature-rich gui. Not only that but on switches and routers a GUI can prove very useful in troubleshooting.

I'd like to know other peoples views on this? My view is that I won't limit myself to just one tool even if it means using the CLI all day long. I know there are some people on here that use mainly CLI andwhen I've seen your tips on this forum I've sometimes looked at it and thought to myself "oh, it's that tick box in ASDM".

_________________
"Right actions in the future are the best apologies for bad actions in the past."

I use the CLI on everything with the exception of the ASA. I utilized ASDM to become more familiar with it and am slowly working on learning the equivalent commands on the CLI.

The more you see the CLI the better off you are with it in my opinion.

Sent from my ADR6400L using Tapatalk

CLI.

I used to look after a couple of PIX/ASA that had something like 80K of ACL rules when you fully expanded the object-groups... For that the ASDM was definitely the way to go, but for everything else CLI is far superior in term of both speed and effectiveness.

I don't see how the GUI can be better int troubleshooting since it really is just re-displaying CLI commands anyway.

_________________
blog.brokennetwork.ca

I forgot to mention that the other handy thing with the GUI is that you can always view the CLI commands the GUI is about to send to the unit before it does so.

In terms of troubleshooting, you can leave a GUI window open and quickly view stats rather than enter commands and sift through results. ASDM has a great "monitoring" tab where you can view different bits. I will admit, ASDM is far more advanced compared to the other Cisco GUIs I've used. I especially like the ASDM syslog GUI. You can view a cyclic buffer and filter it if you wish. Found this very handy when spotting connections or denied connections.

_________________
"Right actions in the future are the best apologies for bad actions in the past."

All I can think about is the firewall rules you'd need to permit GUI traffic.

_________________
- Pete

??
You mean:

?

_________________
"Right actions in the future are the best apologies for bad actions in the past."

I use the GUI to ease myself into a new system, then I slowly move into the CLI. A GUI will usually present all the features/functionality up front, while the CLI may require a quest through the different config modes and lots of "?." Depending on my personal interest, reason for being in the system, and frequency of needing to manage the system, I may not have time to fiddle with the CLI.

For routers and switches, I'm adamant about only using the CLI. For APs and the ASA, I use both for learning and quick configuration.

Heh... if only they were that easy.

_________________
- Pete

They are, usually! GUI usually means HTTPS protocol. Cisco routers use http and telnet OR https and SSH for secure connections. Other vendors probably use other ports. I usually secure my kit on tcp/4443 for HTTPS so that SSL VPN works to the same box on the same external IP. I digress..

_________________
"Right actions in the future are the best apologies for bad actions in the past."

I use the CLI for everything except my Juniper firewalls. ScreenOS' GUI is just too good.

_________________
www.mellowd.co.uk/ccie/

I use the CLI almost exclusively. Some tasks are easier in ASDM though, like VPNs (profiles, especially).

_________________
http://blog.alwaysthenetwork.com

CLI for almost everything both for networking and Linux. I do agree with everyone above the GUI has its places.

_________________
http://blog.movingonesandzeros.net/

Tools are tools. You can restrict yourself to one set or another for nerd religion reasons, but you'll probably be a worse technician for it.

No one likes a snob.

I've dug in pretty deep into ASAs this past year, but I've never gotten around to logging into ASDM.

I can see how a pretty GUI can come in handy, especially with reporting and graphs. But one thing that favors CLI is that ASDM won't work without the CLI. I imagine sometimes the GUI will crash.

Just starting to dig in with ASAs and Im really enjoying the real time logging feature. I also like all the pretty graphs it has going on! But I guess i can get those from my NMS

_________________
http://blog.movingonesandzeros.net/

This is actually a pretty interesting topic and one that comes up from time to time as vendors release new GUI products or maybe you've just started using one.

It would be pretty fair to say there are three main camps with regards to GUIs within the networking field. Now whether you fit into one, two or possibly three of these categories likely depends on you're working style, what you work with day to day, and how big your employer is.

• Religious
• Useful
• Indifferent

_The religious person feels strong about one or the other. That you're an idiot for using anything but the CLI. Because back in their day you had to remote in at 5 baud and you'd lose sync when sputnik passed in front of the moon so my maintenance window was only 10 minutes. On the other side of the coin you have the pro GUI guy/gal professing how things are so much easier with the GUI. Why don't you just try it once? It's so good and you'll love it and it will change your life. This GUI is so good it clicks your wife's buttons. Really it's only a 12 Gig download and once you align the software versions just right everything is as Odin said it would be.

Now perhaps this is a gross exaggeration but people can being pretty overzealous. But maybe every cloud really does have a silver lining? Those that love their work, love the field they're in, want others to get involved, and have that image of networking Valhalla. These are the people that are sharing knowledge and inspiring others to learn on a daily basis. Just hopefully they're not that hard ass shooting you down at every turn.

_You say to yourself, "Wait a second Pete, I love my job and this isn't me. I'm not religious about one or the other." Well sure not everyone is the same cookie cutter Network admin/engineer. At times you've got time to try new things and this GUI came a long and was fit for purpose. In fact at times the GUI does exactly what you need it to do and is a blessing from the heavens. In some cases you're lucky enough to have developers create a management tool for your BGP config and you don't actually have to log in. Because the thing is, things are so BIG that if you did you'd likely kill someone's Internet.

So instead you've got a GUI for your BGP configurations and that just works and helps you get on with the 20 tickets sitting in your queue while juggling the other project work. Not all GUI products were made the same and not all GUI products are made by vendors. Some are made in house, fit for purpose and this is I reckon where people get unstuck. They assume those that came before or know more think XYZ so they must also think XYZ. This is far from the truth and I'd recommend being open to trying new things. If you don't like it and it doesn't work for you then great but at least you've tried it and have an informed decision.

_Who cares about either says the person that just wants results, not problems hasn't read this far so I can freely bag them out. Not really, because the person that gets in at 9 does their job and goes home at 5 to their life away from work isn't interested in For or Against wars. They haven't signed up to a forum and only visit one when someone has a similar issue like denvercoder9.

They're using an assortment of products and haven't told anyone. These are the best tools for them and they get the job done and sometimes they don't because they're not talking to anyone so they never learn. Which is why keeping to yourself is a double edge sword. You know your limits you know how you like to work and the job just gets done but maybe if by speaking to the religious nut or the useful guy you'd learn a thing or two.


Which one of the above am I? At different times I'm the one touting how much I love the CLI which is usually preceded by me learning a new command I find really useful. Other times I'm using a GUI to add prefixes or make some firewall changes and I'm just glad these tools to get the job done. Mostly on Friday afternoon when I really wish shit would just stop breaking before I'm about to go home. This is would I don't give a rats ass about the tools.

Is it beer o'clock yet?

_________________
- Pete

I use whatever it takes to get the job done.

_________________
"See packet, be packet, you are packet. Ignore all else!" -The Networker
packetsdropped.wordpress.com

They do sometimes just not load up!

Pete? o_0

_________________
"Right actions in the future are the best apologies for bad actions in the past."

The best thing I have ever seen is someone configuring a CE500 switch, with a web browser using the /exec URL so you get some CLI, within a web GUI.

_________________
"Right actions in the future are the best apologies for bad actions in the past."

That's almost a necessity with those switches. The web GUI those had was truly awful.