10-25-2001 02:55 AM - edited 02-21-2020 11:27 AM
Hi,
We have users authenticating on our Routers via TACACS+ using a SecurID token on an ACE Server. The password obviously changing every 30 seconds.
However we have Ciscoworks2000 configured to retrieve a startup-config every evening from all Routers. Ciscoworks2000 uses Telnet not SNMP to retrieve this configuration and hence is being greeted with the TACACS+ authentication prompt.
It continually fails since the password is always changing.
Does anyone have any ideas how to circumvent this either by reconfiguring the ACE Server, Ciscoworks or the Routers?
Regards,
Grant Haworth
11-01-2001 06:50 AM
Cant you configure it so the CiscoWorks server bypasss authentication? You might want to run this one by Cisco for a more secure alternative.
11-02-2001 10:14 AM
Remove the telnet and enable password fields in CW2000. We just have the SNMP community strings in our instance of CW2000 (CD One 4th edition, RME 3.3) and we are successfully retrieving the startup and running configs. You may lose some other functionality, but it all depends on what you're using it for.
01-23-2002 09:22 AM
Hi,
Either use SNMP only, or setup RCP. CiscoWorks2000 will pull configs using either of these methods in addition to telnet. SSH should be used to connect to routers - telnet is not secure...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide