cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3008
Views
0
Helpful
11
Replies

Configuration of a CLI Template

Scott Pickles
Level 4
Level 4

Guys / Gals -

Never used the CLI template from WCS, and wanted to enable band select globally.  Saw on another post that Lee Johnson commented on that it's best to enable band select globally using the CLI.  By not doing so, any changes to an SSID to use band select are irrelevant without the global change.  So when you open a new template, it's just a blank doc and so I entered my username on the first line, password on second, and command on the third.  The template doesn't apply properly and it times out.  Is there a way to specify the access method (i.e. telnet/SSH) or does it go over SNMP?  I'm assuming SNMP, and since all of my other templates apply properly that makes me think that while the template goes over SNMP, that the actual commands are via telnet or SSH.  In either case, I still get the timeout error.  Is there any docs that show examples of how to build the template?  I can't find any in the config guide or command reference guide.

Cheers,
Scott

2 Accepted Solutions

Accepted Solutions

wackerk24
Level 4
Level 4

Hi Scott,

By default this template uses SSH. Please see the following for an example of how to configure this:

http://www.cisco.com/en/US/docs/wireless/wcs/7.0/configuration/guide/7_0temp.html#wp1261256

HTH

Kyle

View solution in original post

Scott,

When you define a username/password in the above described location that is the username/password that WCS will use when applying a template that requires a username/password (i.e. the CLI template). The username/password that you define must be allowed to SSH to a WLC so you can either define a local username/password on the WLC or if you are using TACACS+/Radius make sure its a valid domain user that has rights to SSH/Telnet to a WLC. For example if you were to open a SSH session from your pc to the WLC what username/password would you use? You can use that combonation or create another username/password on the WLC under local users.

View solution in original post

11 Replies 11

wackerk24
Level 4
Level 4

Hi Scott,

By default this template uses SSH. Please see the following for an example of how to configure this:

http://www.cisco.com/en/US/docs/wireless/wcs/7.0/configuration/guide/7_0temp.html#wp1261256

HTH

Kyle

Kyle -

I'm an idiot.  Helps if you search the correct document.  Thanks.

Kyle -

I get the invalid username error.  I see that the docs state that I need to check the number of CLI connections to the controller.  Do previous attempts that fail tie up a CLI session and they need to be cleared?  If so, how do I clear them?  Also, from that error, I would suspec that a username/password is expected in the CLI template, but no example shows that.  As I stated previously, do I simply place my username on line 1 and password on line 2 followed by commands on the remaining lines?

Thanks,
Scott

Ok, figured out how to show the active sessions ('show loginsession') and to clear sessions ('config loginsessions close {session id | all}') but I don't see that there are any sessions to clear other than my own active session.  This would tell me that my username/password is still the issue, but again, I don't see from the docs how I'm supposed to give that information to the controller.  Does it automatically use the username/password that I used for WCS, meaning that the same login information needs to be present on the controllers?  I'll try that for now.

No dice on adding the WCS username/pass to the controllers.  If a session to apply a CLI template is 'initiated', does it still tie up a CLI session until it's either successful or times out?  Are those 'hidden' sessions that I wouldn't see on the controller and I should just issue a 'config loginsession close all' regardless?

Another question:

Is it expecting the same username/password as the SNMP RW community?

Hey Scott,

When you added the WLC to WCS did you define the username/password to use for telnet/ssh? See the below:

This is the user/pass the CLI template is trying to login with. Does this help?

Kyle -

Ah, yes, that does help.  Was wondering what username/password combination it wanted.  So do I log into WCS with credentials that match that, or do I place the username/password in the CLI script?

Regards,
Scott

You will need to navigate to configure>Controllers, choose your WLC and you will get the screen shot above. Then input a valid username/password for the telnet/ssh parameter. Say okay to this and then try your CLI template.

Kyle -

Again, the part I'm missing is what that username/password needs to be!  How is WCS authenticating against that login when I apply a CLI script?  Is WCS sending the username/password of the person currently logged in?  Clearly it can't be as stupid as just make sure there's a username and password set.  Also, is there a way to change that telnet/SSH password on all the controllers?  I don't see a template that allows me to do so.

Regards,
Scott

Scott,

When you define a username/password in the above described location that is the username/password that WCS will use when applying a template that requires a username/password (i.e. the CLI template). The username/password that you define must be allowed to SSH to a WLC so you can either define a local username/password on the WLC or if you are using TACACS+/Radius make sure its a valid domain user that has rights to SSH/Telnet to a WLC. For example if you were to open a SSH session from your pc to the WLC what username/password would you use? You can use that combonation or create another username/password on the WLC under local users.

Review Cisco Networking for a $25 gift card