02-11-2011 02:14 PM - edited 03-06-2019 03:30 PM
Hi,
Just spoke to the TAC and didn't get the information needed. When configuring ip dhcp snooping database I am adding this to my configuration:
ip dhcp snooping database scp://dhcpsec@192.168.1.50/home/dhcpsec/switch1.dhcp.database.txt
I assumed that to do this I would either specify the password on the command line, similar to the way its done when using ftp/http, or that I would need to create a public/private key.
I have enabled scp and can manually copy a file from the switch to the linux server. So I believe I have all the aaa commands correct.
Cisco WS-C3560G-24PS
System image file is "flash:/c3560-ipservicesk9-mz.122-55.SE.bin"
Does anyone know how to do this properly?
Thanks,
James
02-15-2011 11:44 AM
Hello James,
You would do it like this:
ip dhcp snooping database scp://dhcpsec:password@192.168.1.50/home/dhcpsec/switch1.dhcp.database.txt
-Matt
02-15-2011 01:12 PM
Hi,
Support told me I had to create a user:
username dhcpsec privilege 2 password 0 password
That the user created above would have to have the same password as the one on the Linux machine. They also told me there is a bug that keeps SCP from working now, and that bug has been reported fixed but isn't available for download.
Any thoughts?
James
02-11-2013 05:04 AM
Hi James,
Have You got NTP configured? There is ntp dependency in order to copying dhcp snooping database work corectly.
Here (http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se/configuration/guide/swdhcp82.html#wp1078853) You can find following statement:
If NTP is configured, the switch writes binding changes to the binding file only when the switch system clock is synchronized with NTP
which means:
ntp disabled = dhcp snooping database backup works
ntp enabled, clock synchronized = dhcp snooping database backup works
ntp enabled, clock NOT synchronized = dhcp snooping database backup DOES NOT work
So You need to configure one of the following (either disable or enable and sync) in order to copy database via snooping agent.
Have a nice day
p.s. I know that I do not have a good timing, but maby anyone else would find this comment useful
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide