Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

CiscoWorks RME 4.2 Compliance Check Fails on SNMP Strings

All,

RME 4.2 Compliance Check does not work when you try checking SNMP strings, passwords, or TACACS key because they're encrypted in the config archive. Is there a way to configure RME to have Compliance Check look at the actual value?

Stephanie

3 REPLIES
Cisco Employee

Re: CiscoWorks RME 4.2 Compliance Check Fails on SNMP Strings

This is not true. SNMP communities are kept unencrypted in the archive, and you can run compliance checks on them. As for TACACS keys and passwords, they are encrypted, but you could run checks on the encrypted strings. If the cipher text is the same on the device as in your template, then the device is compliant.

Community Member

Re: CiscoWorks RME 4.2 Compliance Check Fails on SNMP Strings

All of my Compliance Checks are failing.

Attached is an example of one of my Baseline Templates and status from Baseline Jobs

Cisco Employee

Re: CiscoWorks RME 4.2 Compliance Check Fails on SNMP Strings

This template is invalid because you're mixing IOS and CatOS commands. Create one template with the following:

+ snmp-server community COMMUNITY RO

+ snmp-server community COMMUNITY RW

Use that template to test your IOS devices. Then, create another template with:

+ set snmp community read-only COMMUNITY

+ set snmp community read-write COMMUNITY

Use that to test your CatOS devices.

402
Views
0
Helpful
3
Replies
CreatePlease to create content