08-14-2003 12:23 PM - edited 03-10-2019 07:26 AM
Hiya,
We are running Cisco Secure v2.6 & want to add all our routers in as "Network Access Servers" so that we can authenticate against NT accounts.
The problem we have got is not with the configuration but the addition of some 300 routers - quite a long process as im sure you can imagine!
Is there anyway to batch import all these routers - in a similar way to users? Have tried passing the various parameters in the URL but this does not seem to work (Think theres some clever java encrypting it or aomething).
Any suggestions would be gratefull recieved!
Paul Woolnough
paul.woolnough@isis.suffolkcc.gov.uk
Solved! Go to Solution.
08-15-2003 05:55 PM
In addition to the documented CSUtil capabilities at
(CiscoSecure ACS Command-Line Database Utility), CSutil can also be used to import NAS devices. It will import them from a text file that lists the NAS devices as well as their hostname (local significance only), ip address, key and protocol.
This is a sample file that represents the syntax/format used for this import:
ONLINE
ADD_NAS:router1:IP:10.31.1.51:KEY:cisco:VENDOR:CISCO_T+
ADD_NAS:router2:IP:10.31.1.52:KEY:cisco:VENDOR:CISCO_R
Here we see two NAS devices listed - router1 and router2, both using the key of "cisco", and the ip addresses are pretty easy to identify there. And since router1 lists the paramater "CISCO_T+", it will be imported as using tacacs+; we see a similar format for the router2 NAS, which will be imported as using radius.
With the keyword "ONLINE" at the beginning of the file, the NAS devices will be imported while ACS is still up and running. This will be a slow process, but it allows the import to take place without downing the ACS server. If you would like to pause the ACS services temporarily while you perform this import, you can substitute "OFFLINE" for "ONLINE." The import would then complete much faster.
So the first task would be to construct a text file using the above format, and for our example we will say that file has been named fred.txt. Once this file been created, you will want to copy that text file to the following directory:
C:\Program Files\CiscoSecure ACS v2.6\Utils
Then at a command prompt, navigate to that same directory and execute this command:
CSUtil -i fred.txt
08-15-2003 05:55 PM
In addition to the documented CSUtil capabilities at
(CiscoSecure ACS Command-Line Database Utility), CSutil can also be used to import NAS devices. It will import them from a text file that lists the NAS devices as well as their hostname (local significance only), ip address, key and protocol.
This is a sample file that represents the syntax/format used for this import:
ONLINE
ADD_NAS:router1:IP:10.31.1.51:KEY:cisco:VENDOR:CISCO_T+
ADD_NAS:router2:IP:10.31.1.52:KEY:cisco:VENDOR:CISCO_R
Here we see two NAS devices listed - router1 and router2, both using the key of "cisco", and the ip addresses are pretty easy to identify there. And since router1 lists the paramater "CISCO_T+", it will be imported as using tacacs+; we see a similar format for the router2 NAS, which will be imported as using radius.
With the keyword "ONLINE" at the beginning of the file, the NAS devices will be imported while ACS is still up and running. This will be a slow process, but it allows the import to take place without downing the ACS server. If you would like to pause the ACS services temporarily while you perform this import, you can substitute "OFFLINE" for "ONLINE." The import would then complete much faster.
So the first task would be to construct a text file using the above format, and for our example we will say that file has been named fred.txt. Once this file been created, you will want to copy that text file to the following directory:
C:\Program Files\CiscoSecure ACS v2.6\Utils
Then at a command prompt, navigate to that same directory and execute this command:
CSUtil -i fred.txt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide