LMS 3.2 - RME configuration archive

Answered Question
Aug 31st, 2009
User Badges:

we have created a lmsadmin username in the ACS with privige access (authorization configuration) only. This username is used to take config archives from all the network devices.

But archive is getting failed in our firewall. When we give full access in ACS for lmsadmin (conf terminal access), it works for firewall.

As per our policy, we are not supposed to provide conf access to this user name.

Please suggest.


Regards,

Guru

Correct Answer by Joe Clarke about 7 years 8 months ago

In order for RME to archive the config from FWSM devices, it must be able to run the following commands:


show running

show config

show curpriv

conf t

terminal width 0 (within config mode)

terminal no monitor


Therefore, you will need to grant the RME user access to enter config mode.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Joe Clarke Mon, 08/31/2009 - 21:51
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

In order for RME to archive the config from FWSM devices, it must be able to run the following commands:


show running

show config

show curpriv

conf t

terminal width 0 (within config mode)

terminal no monitor


Therefore, you will need to grant the RME user access to enter config mode.

gururajan Mon, 08/31/2009 - 21:55
User Badges:

Thanks for your response.


So this is applicable for any firewall device (PIX and ASA)?


Regards,

Guru

Joe Clarke Mon, 08/31/2009 - 22:17
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Yes.

Actions

This Discussion