×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco Prime 2.0 - CLI credential

Answered Question
Feb 25th, 2014
User Badges:

Hi PI Experts,


Is CLI credential mandatory on Cisco Prime?

What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?

Right now we use TACACS+ to login to Cisco switches and routers and use Radius to login to PI.

However, our security policy prevents us from either creating a AD account on AD servers or creating a local TACACS+ user account on ACS server for PI appliance.

So, when we do device discovery, if we want to use SSH/Telnet, we need to put in our own AD user credentials, then remove them after the discovery is done.


Thanks

Cedar

Correct Answer by AFROJ AHMAD about 3 years 5 months ago

Hi Ceder,


What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?


why Telenet credentilas are required :


Telnet Credential

you can specify the Telnet credentials during discovery so that Prime  Infrastructure can collect the device configurations and fully manage  the devices. If you do not specify Telnet credentials in the discovery  settings, Prime Infrastructure discovers the devices but is unable to  manage the device until you specify the Telnet credentials.


In  case you are using SSH  on your devices:

SSH Credential

For full device support via SSH, you must use SSHv2 with a 1024 bit key. You can configure SSH before running discovery.


Telnet\SSH , credentilas would be required later on as well to Fetch the config , to push any template on the device etc..



Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
AFROJ AHMAD Tue, 02/25/2014 - 17:03
User Badges:
  • Cisco Employee,

Hi Ceder,


What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?


why Telenet credentilas are required :


Telnet Credential

you can specify the Telnet credentials during discovery so that Prime  Infrastructure can collect the device configurations and fully manage  the devices. If you do not specify Telnet credentials in the discovery  settings, Prime Infrastructure discovers the devices but is unable to  manage the device until you specify the Telnet credentials.


In  case you are using SSH  on your devices:

SSH Credential

For full device support via SSH, you must use SSHv2 with a 1024 bit key. You can configure SSH before running discovery.


Telnet\SSH , credentilas would be required later on as well to Fetch the config , to push any template on the device etc..



Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Actions

This Discussion