Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Archive mgmt thru firewall

We would like to archive configs and manage inventory with LMS 3.0.1 RME 4.1.1 for devices on protected networks behind firewall. Telnet may be a no-no, is there a way to use SNMP only or other protocols perhaps uni-directional to accomplish this?

2 REPLIES
New Member

Re: Archive mgmt thru firewall

We are using SSH for archiving the configs. We've got it working on one of our FWSM's (cisco cat 6513 FWSM). continuing the configs presently, but am running into auth problems (again). so, to answer your basic question, yes, you can use SSH to perform archive config. but I wouldnt recommend telnet (best practices says no).

Cisco Employee

Re: Archive mgmt thru firewall

No protocol is truly uni-directional. RME uses only SNMP to manage inventory. So if you're allowing SNMP request and reply packets, that should not be a problem. As for configs, it depends on the device. Many support SNMP-triggered TFTP config collection. This means that SNMP is used to set some objects on the device, then the device copies the config back to the RME server using TFTP.

However, if security is a concern, it would be better to use SSH or SCP for your config transport protocol.

109
Views
0
Helpful
2
Replies
CreatePlease to create content