Network Management

last person joined: 8 hours ago 

Keep an informative eye on your network with IMC and AirWave network management solutions.
Expand all | Collapse all

Help - Connect cisco l3 switch to airwave

  • 1.  Help - Connect cisco l3 switch to airwave

    Posted Nov 26, 2014 12:23 PM

    I would like to add my cisco 3750 L3 switches to airwave for management.  Because I am just learning about the capabilities of airwave I would like to make sure that airwave ONLY has read only access to those switches.

     

    I know that in airwave you just set the device managment to Monitor Only.  I would like to take the extra step of making sure that the telnet/ssh cisco username is read only as well.  That way no one can accidentally set airwave to manage and destory our configs.  This way we would need to change the cisco username information as well as the airwave managment setting before airwave can write to the switches.

     

    I just can't seem to find the right information on how to make it possible.  I know cisco uses a numbering system to define security access (1 - 15).  However, I don't know:

    a) What command airwave uses when monitoing the system

    b) How to make sure that a read only user could still view the running config in cisco

     

    Any help would be appreciated :)

     



  • 2.  RE: Help - Connect cisco l3 switch to airwave

    Posted Nov 26, 2014 01:29 PM

    Only put in a valid snmp read string, and you should be fine.

     



  • 3.  RE: Help - Connect cisco l3 switch to airwave

    Posted Nov 26, 2014 01:52 PM

    I did that however, it can't pull the config to evaluate it.  In looking at the logs it is wanting a telnet/ssh credential.



  • 4.  RE: Help - Connect cisco l3 switch to airwave

    Posted Nov 26, 2014 01:55 PM

    You should setup your users in Airwave so that specific users only have the read-only monitoring and auditing role.



  • 5.  RE: Help - Connect cisco l3 switch to airwave

    Posted Nov 26, 2014 02:04 PM

    Yes, you need to put in valid telnet/SSH credentials.  Your other users would simply not be able to change the config...or put the device in manage mode.