CiscoWorks RME 4.2 Compliance Check Fails on SNMP Strings

Unanswered Question
Aug 7th, 2009


RME 4.2 Compliance Check does not work when you try checking SNMP strings, passwords, or TACACS key because they're encrypted in the config archive. Is there a way to configure RME to have Compliance Check look at the actual value?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Fri, 08/07/2009 - 09:22

This is not true. SNMP communities are kept unencrypted in the archive, and you can run compliance checks on them. As for TACACS keys and passwords, they are encrypted, but you could run checks on the encrypted strings. If the cipher text is the same on the device as in your template, then the device is compliant.

Joe Clarke Fri, 08/07/2009 - 11:21

This template is invalid because you're mixing IOS and CatOS commands. Create one template with the following:

+ snmp-server community COMMUNITY RO

+ snmp-server community COMMUNITY RW

Use that template to test your IOS devices. Then, create another template with:

+ set snmp community read-only COMMUNITY

+ set snmp community read-write COMMUNITY

Use that to test your CatOS devices.


This Discussion