Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

LMS2.5.1 VLAN Config fetch is not supported using RCP

Hello,

All switch in Ciscoworks use TACACS+ authentication with username and passcode (RSA SecurID).

I have configure the switch to used RCP but vlan database failed to fetch.

Below the configuration used:

aaa new-model

aaa authentication login default group tacacs+ local

aaa authentication login console local

enable password xxxxxxxxxxxxxxxxxxxxxx

!

username Manager privilege 15 password xxxxxxxxxxxxxxxxxxxxxx

username cwuser password xxxxxxxxxxxxxxxxxxxxxxxx

clock timezone UTC+1 1

clock summer-time UTC+1 recurring last Sun Mar 2:00 last Sun Oct 3:00

ip subnet-zero

ip rcmd rcp-enable

ip rcmd remote-host cwuser 40.206.50.115 cwuser enable

ip rcmd remote-username cwuser

When I Synchronize the configuration I cannot get the VLAN database ? Why ?

Is RCP not good configure ?

How can I used Ciscoworks successfull with TACACAS+ and PASSCODE to used RME correctly ? (Netconfig; config-editor; etc...)

Can you help me please about TACACS+ ?

How can I configure Telnet for Ciscoworks wihtout use TACACS+ ?

Any answer about this ?

Thanks

Herv?

6 REPLIES
Silver

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

I recall something that said that ciscoworks dynamicly creates a rcp username an password.

Is it mentioned anywhere that you should configure this rcp stuff?

Cheers

Michel

Cisco Employee

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

Your RCP configuration looks fine.

What version of RME are you running? What type of device is this?

RME will not work if you are using SecurID or a random token. It needs to be a standard password entered into the credentials.

You can configure telnet on the device to work with RME, but if you have AAA then it will look at AAA for authentication.

New Member

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

RME Version is 4.0.4.

Device Type is: WS-C2950-24

Cisco Employee

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

Do you see a vlan.dat on the switch itself if you view the output of show flash: ?

New Member

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

When I check the flash with: show flash, i see vlan.dat file

Cisco Employee

Re: LMS2.5.1 VLAN Config fetch is not supported using RCP

vlan.dat is handled differently from the standard configuration. For vlan.dat fetching to work, RME must be able to login interactively to the switch (i.e. either using telnet or SSH). From there, RME will issue a copy flash:vlan.dat tftp: from the switch's command line.

As for PASSCODE support in TACACS+, if you mean the PASSCODE: prompt, this is a supported prompt in RME 4.0.4. However, if you need custom prompt support, you can edit NMSROOT/objects/cmf/data/TacacsPrompts.ini, and add your customer username and password prompts there.

If, however, you're referring to SecureID support, this can only work using the job-based password feature of RME. You will not be able to schedule automated recurring jobs that make use of this feature.

As for configuring a device not to use TACACS+, just remove "aaa new-model" and configure a password under "line vty 0 15" (or "line vty 0 4") as well as an enable and/or enable secret password (enable secret password is more secure). This information is described in more detail in the various configuration guides for IOS.

332
Views
9
Helpful
6
Replies