07-19-2015 08:59 AM - edited 03-10-2019 10:55 PM
Hi Guys,
is there any documentation or white papers or any support for the SFTP configuration on the Cisco ACS.
Because i am not able to integrate the SFTP configuration provided but the Cisco ACS documentation.
Is there anyone who had been successful in integrating the SFTP server with Cisco ACS.
Thanks & Regards,
Nitesh
07-19-2015 05:54 PM
Hi,
Are you trying to use SFTP for backups/software repository? What SFTP server are you using?
Thanks
John
07-19-2015 11:39 PM
I am trying to do backup for the schedule and reports generation.
We are using SFTP server-Solar winds.
07-21-2015 04:25 AM
Hi,
What errors do you get when using SFTP. I have used the free SFTP\SCP server from Solarwinds and had no problems.
You just need to create your user on the SFTP server and specify the SFTP directory. On ACS you will need to create the repository pointing to the SFTP server. It is easier to configure the repository from the command line. e.g.
repository ACS-REPO
url sftp://X.X.X.X/acs
user acs-user password plain xxxxxx
host-key sync
Thanks
John
07-22-2015 12:13 PM
Hi,
its a different version of sftp server. Also, in 5.7 host key sync is not there. its been replaced with a crpto host_key command.
earlier models were supporting DSA but in 5.7 its only supporting RSA key. Hence when requesting the the host key it was failing.
So did some lab work and found this issue about DSA and RSA keys.
07-29-2015 09:11 PM
Hi,
i was able to solve my issue. in 5.7 it only supports RSA keys and not DSA keys so when issuing the command cryto host key it was not able to get the keys. After adding the RSA keys this started to work.
Thanks
10-06-2015 04:00 PM
Great that you figured it out... But for others having a similar issue, I would encourage you to post what specific steps you had to do in order to get it to work. (Probably in conjunction with Solarwinds SFTP/SCP since that is a popular free tool and you were using it.)
For instance, it's easy enough to create a repository and from the CLI display it in the config to verify but you also have to run the "crypto host_key add host xxx" command, and you have the account set on the SFTP server as well.
Knowing what additional steps you did to get it to work may help others out.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide