Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Ok. I'll go out on a limb here, what is the risk of a compromised tacacs server key? It doesn't seem like all that much. You can use it to try and authenticate a user against the server directly?Is there a reason that the key is encrypted using Cisco...
I guess this is a two part question.The first issue seems that some device jobs fail even though the IOS and commands are successfully applied. Often this is at sites where we have a significant amount of latency / saturated network links. Is there a...
I'm looking at trying to write a compliance check with a couple dependencies. I seem to be going around in circles with this.I want to write it so there is a prerequisite at the global level which then determines if it should walk the interfaces. The...
Does anyone know what RME uses to verify that the new image is now running after a reboot?Most of my jobs fail because after the reboot it determines that the new image isn't running. Oddly, the jobs are actually quite successful and since the old im...
I've verfied that my tftp server is listening: # netstat -a | grep tftp *.tftp Idle I've done a snoop and I can see the tftp write requests coming in. I did find this through dmesg: Jul 10 03:29:33 fXXXXXX in.tftpd[6851]: [ID 475541 daemon.warning] c...
Interesting... I was thinking of a way to write a compliance template that would touch all devices instead of creating 4 or 5 different templates. But since some devices have different syntax based on the device or code version; I theoretically could...
Thanks for the reply.After reading through the RFC I guess since the key is also used for a pad function on the communication, knowing what it is could simplify cryptanalysis of the packet to allow someone to determine usernames and passwords as it c...
Hmmm... I tried the patch and didn't have any luck. I still see it recurse the interfaces that do not have 'mode trunk' configured.btw... a couple things I had to fix in the syntaxinterface [#.*Ethernet.*#]or it wouldn't try any interfaces. And...+ s...
