Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Clearpass TACACS - Authentication fail

  • 1.  Clearpass TACACS - Authentication fail

    Posted Oct 08, 2014 03:44 PM

    Hi Guys,

     

    I'm using the CPPM as a TACACS server, authenticating some different switch models.

    I'm having a problem specifically with an HP (H3C) switch. When I try to access this switch with a username and password that is registered in the CPPM internal base, I receive the information from CPPM that the authentication was accepted, but the switch rejects the access.

     

    I have no problem with the other switches (Cisco and Dell).

     

    Is there something that I need to configure in the CPPM specifically for HP (H3C) switches?

     

    Thanks in advance.

     

    Leandro Surcin



  • 2.  RE: Clearpass TACACS - Authentication fail

    EMPLOYEE
    Posted Oct 08, 2014 03:51 PM
    You need to send back a privilege level of 15. Create a new enforcement profile and add it to your policy.


  • 3.  RE: Clearpass TACACS - Authentication fail

    EMPLOYEE
    Posted Oct 08, 2014 04:05 PM

    HP ProCurve config:

     

    aaa authentication login privilege-mode
    aaa authentication ssh login tacacs local
    aaa authentication ssh enable tacacs local
    tacacs-server host 10.100.60.80 key Pr0Curve

     

    ClearPass:

     

    Enforcement profile:

    tacacs-hp-procurve-enfprofile.JPG

     

     

     

    Enforcement policy:

     

    tacacs-hp-procurve-enfpolicy.JPG



  • 4.  RE: Clearpass TACACS - Authentication fail

    Posted Oct 20, 2014 03:34 PM

    Hi.

     

    It's an HP 5120 switch model from H3C and I already configured the enforcement profile privilege level 15.

     

    Do you have some other advice?

     

    Tks.



  • 5.  RE: Clearpass TACACS - Authentication fail
    Best Answer

    Posted Oct 20, 2014 04:28 PM

    Have you set a super password?

     

    [CS01]super password level 3 cipher ?
      STRING<1-53>  Ciphertext password string
    [CS01]super password level 3 cipher yoursecretkey

    Then, after you authenticate at level 0, type "super" to get to level 3:

    <CS01>super
    Please input the password to change the privilege level. Press CTRL_C to abort.
     Password:
    User privilege level is 3, and only those commands can be used
    whose level is equal or less than this.
    Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE

     



  • 6.  RE: Clearpass TACACS - Authentication fail

    Posted Oct 20, 2014 05:34 PM

    Hi.

     

    It's an HP 5120 switch model from H3C and I already configured the enforcement profile privilege level 15.

     

    Do you have some other advice?

     

    Tks.



  • 7.  RE: Clearpass TACACS - Authentication fail

    EMPLOYEE
    Posted Feb 12, 2018 06:03 AM

    Did you ever get to the bottom of this?