Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
462
Views
0
Helpful
3
Replies

Ciscoworks login through TACACS+

ghaworth
Level 1
Level 1

‎10-25-2001 02:55 AM - edited ‎02-21-2020 11:27 AM

Hi,

We have users authenticating on our Routers via TACACS+ using a SecurID token on an ACE Server. The password obviously changing every 30 seconds.

However we have Ciscoworks2000 configured to retrieve a startup-config every evening from all Routers. Ciscoworks2000 uses Telnet not SNMP to retrieve this configuration and hence is being greeted with the TACACS+ authentication prompt.

It continually fails since the password is always changing.

Does anyone have any ideas how to circumvent this either by reconfiguring the ACE Server, Ciscoworks or the Routers?

Regards,

Grant Haworth

Labels:
0 Helpful
3 Replies 3

wdrootz
Level 4
Level 4

‎11-01-2001 06:50 AM

Can’t you configure it so the CiscoWorks server bypass’s authentication? You might want to run this one by Cisco for a more secure alternative.

0 Helpful

rrussell
Level 1
Level 1

‎11-02-2001 10:14 AM

Remove the telnet and enable password fields in CW2000. We just have the SNMP community strings in our instance of CW2000 (CD One 4th edition, RME 3.3) and we are successfully retrieving the startup and running configs. You may lose some other functionality, but it all depends on what you're using it for.

0 Helpful

grim
Level 1
Level 1

‎01-23-2002 09:22 AM

Hi,

Either use SNMP only, or setup RCP. CiscoWorks2000 will pull configs using either of these methods in addition to telnet. SSH should be used to connect to routers - telnet is not secure...

0 Helpful
Customers Also Viewed These Support Documents