Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

PCM+ problem with config templates and TACACS

PDnet
Advisor

PCM+ problem with config templates and TACACS

I'm trying to use PCM3.1 to deploy config templates to a number of switches. The switch used for the config template source includes the following line:

tacacs-server host x.y.z.152 key default


However, when PCM imports the config to be the template, the 'key default' switch is left off. When this config is then pushed to a new switch, it does not include the TACACS key, and that functionality is broken.

I have confirmed that this happens with both PCM 2.3 and 3.1. Is this a known issue? Is there a work-around or other solution for it?


thanks

stu...
1 REPLY
Javed Padinhakara
Respected Contributor

Re: PCM+ problem with config templates and TACACS

Guess Jeff has already suggested the cause already in your previous post:
http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1416816

Here is the relevant section :

===
You can store and view the following security settings in the running-config file associated with the current software image by entering the include-credentials command (formerly this information was stored only in internal flash memory):
â  
Local manager and operator passwords and (optional) user names that control access to a management session on the switch through the CLI, menu interface, or web browser interface
â  
SNMP security credentials used by network management stations to access a switch, including authentication and privacy passwords
â  
Port-access passwords and usernames used as 802.1X authentication credentials for access to the switch
â  
TACACS+ encryption keys used to encrypt packets and secure authentication sessions with TACACS+ servers
â  
RADIUS shared secret (encryption) keys used to encrypt packets and secure authentication sessions with RADIUS servers
â  
Secure Shell (SSH) public keys used to authenticate SSH clients that try to connect to the switch.


source : http://cdn.procurve.com/training/Manuals/3500-5400-6200-6600-8200-ASG-Mar10-2-Passwords.pdf



Javed