Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
0
Helpful
2
Replies

Cisco Prime 2.0 - CLI credential

Go to solution
cedar_lee
Level 1
Level 1

‎02-25-2014 11:04 AM

Hi PI Experts,

Is CLI credential mandatory on Cisco Prime?

What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?

Right now we use TACACS+ to login to Cisco switches and routers and use Radius to login to PI.

However, our security policy prevents us from either creating a AD account on AD servers or creating a local TACACS+ user account on ACS server for PI appliance.

So, when we do device discovery, if we want to use SSH/Telnet, we need to put in our own AD user credentials, then remove them after the discovery is done.

Thanks

Cedar

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee

‎02-25-2014 05:03 PM

Hi Ceder,

What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?

why Telenet credentilas are required :

Telnet Credential

you can specify the Telnet credentials during discovery so that Prime  Infrastructure can collect the device configurations and fully manage  the devices. If you do not specify Telnet credentials in the discovery  settings, Prime Infrastructure discovers the devices but is unable to  manage the device until you specify the Telnet credentials.

In  case you are using SSH  on your devices:

SSH Credential

For full device support via SSH, you must use SSHv2 with a 1024 bit key. You can configure SSH before running discovery.

Telnet\SSH , credentilas would be required later on as well to Fetch the config , to push any template on the device etc..

Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****

View solution in original post

0 Helpful
2 Replies 2

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee

‎02-25-2014 05:03 PM

Hi Ceder,

What would happen if no dedicated CLI credential were configured on Prime to access Cisco network devices?

why Telenet credentilas are required :

Telnet Credential

you can specify the Telnet credentials during discovery so that Prime  Infrastructure can collect the device configurations and fully manage  the devices. If you do not specify Telnet credentials in the discovery  settings, Prime Infrastructure discovers the devices but is unable to  manage the device until you specify the Telnet credentials.

In  case you are using SSH  on your devices:

SSH Credential

For full device support via SSH, you must use SSHv2 with a 1024 bit key. You can configure SSH before running discovery.

Telnet\SSH , credentilas would be required later on as well to Fetch the config , to push any template on the device etc..

Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful

Go to solution
cedar_lee
Level 1
Level 1
In response to AFROJ AHMAD

‎02-26-2014 03:11 PM

Thanks Afroz for the confirmation.

Cedar

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents