Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Using CiscoWorks and RADIUS

We were dictated to use SSH for vty access to our routers and switches. This is a problem for the CiscoWorks (RME 3.5). I can change my vty access-list from plain IP to extended IP so I can permit telnet from the CiscoWorks box and SSH from all other sources. I have exported my CiscoWorks inventory to a CSV file. Because of the AAA required for SSH, the vty lines must use AAA for access now. Would I put my new telnet password in the Telnet Password field or should I populate the RADIUS username and password in the local user and local password fields?

Cisco Employee

Re: Using CiscoWorks and RADIUS

It all depends on what prompts RME will see when it logs into a device. If it sees a Username: prompt, then you will need to populate either the local username field or the TACACS username field. If RME just sees a Password: prompt, then just put in the correct value in the Telnet password field.

Note: believe it or not, it's better to populate the TACACS username and password fields instead of the local username and password fields as some device types ignore the values in the local fields. Don't worry about using RADIUS instead of TACACS. As I said, RME really only cares about the prompts.

CreatePlease to create content