Cisco IOS – network configuration management set-up

2 min

Cisco IOS – how to enable configuration management (backup/restore)

Follow the steps below to enable configuration management on Cisco IOS:

1) SSH server should be enabled

2) SNMP should be enabled

3) SCP should be enabled

4) You need to create a privilege level 15 user in order to make Domotz manage your device configuration files. To do this issue the following commands:

In order to create a user with privilege level 15 issue the following commands:

#conf t

(config)#username <username> privilege 15 password <password>


Note: There are two ways to complete this configuration depending on the type of authentication you are using:

Option 1 – If you do not have AAA authentication (“no aaa new-model” in your conf file), you need to issue the following commands:

(config)#line vty 0 15

(config)#login local

 
Option 2 – In case that you are using AAA authentication (aaa new-model in your config file), in order for the privilege 15 user to log in enable mode, you need to issue the following commands:

(config)#aaa authentication login default local

(config)#aaa authentication enable default enable

(config)#aaa authorization console

(config)#aaa authorization exec default local if-authenticated


5) If you get the “Read-only mode” error while unlocking your device, this is due to the archive functionality to be enabled and set to a local filesystem (for example ‘flash:’ or ‘bootflash:’).

This is used to perform auto-rollback on error. For more information please check: Prerequisites for Configuration Replace and Configuration Rollback.

You can enable it by issuing these commands on the IOS cli:

#configure terminal

(config)#archive

(config)#path flash:archive

(config)#write-memory


Still getting a timeout error or bad credentials error?

1) Please remove any banner you may have configured:
#configure terminal
(config)# no banner login

2) Please remove keyboard-interactive authentication in the authentication methods:
#configure terminal
(config)# no ip ssh server authentication user keyboard

Please remember always to perform a:

# copy running startup

so that your switch has saved its configuration and if rebooted it does not revert to the old one

Share via Social Networks

You might also like…

Read more top posts in this category

Want more tips on Network Monitoring?

Ready to get started with Domotz?

  • Powerful
  • Automated
  • Simple
  • Affordable
Start Your Free Trial Contact Sales