Targeting the Cisco IOS networking equipment system
For each Cisco IOS networking equipment system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems).
Type is Cisco IOS networking equipment (telnet)
Address uses options described in the table below.
The full list of target system parameters is explained in Target System Options .
Option | Description |
|---|---|
Options marked with a | |
Script file | Must be set to agtcisco-ios.psl (key: script) |
Server | The IP address/domain name of the Cisco IOS networking equipment. (key: server) |
Target system’s internal hostname or prompt | This is the internally-defined host name that, along with the logged in user’s name, comprises the Cisco IOS prompt. The script generates the expected prompt using this value, then uses the generated prompt to know when commands have completed. (key: name) |
Save target system configuration | Select this to commit changes made to this target to permanent storage on the router, otherwise it will be stored in memory. This is selected by default. (key: docommit) |
Enter administrative mode with ’login’ (otherwise ’enable’) | Select this to enter the administrative configuration mode with the login password, otherwise the system (enable) password will be used. (key: adminuser) |
User and password prompt expected (otherwise password) | Select this if the Cisco IOS target expects a user and password prompt when connecting, otherwise only the password will be entered. This is selected by default. (key: connlogin) |
Hashed MD5 passwords (’secret’) supported | Select this if the Cisco IOS target supports hashed MD5 targets. This is selected by default. (key: advencrypt) |
Advanced | |
Port | TCP port number. Typical TCP port numbers are:
|
Connection over SSL | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
Validate the server’s certificate when connecting | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
Terminal type | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
Telnet special write option | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
Directory containing PEM-formatted CA certificate files | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
PEM-formatted CA certificate file | This is a generic Telnet target field that is ignored for Cisco IOS target systems. |
Timeout for connection | Amount of time in seconds the connector will wait for a response. Default is 300 seconds. (key: timeout) |
Setting up a target system administrator
Bravura Security Fabric requires 2 administrative credentials on Cisco IOS to perform Bravura Security Fabric operations. This includes credentials to connect to the Cisco IOS router, as well as a system (enable) password for elevated privileges.
System passwords do not have an administrator ID, however when defining the credentials for the Cisco IOS target, an administrator ID is required. You can specify an arbitrary value for the administrator ID as this will not be validated. You must also ensure that this credential is identified as a System password .