Cisco PIX networking equipment (Telnet)
Connector name |
|
Connector type | PSLang script |
Type (UI field value) | Cisco PIX networking equipment (Telnet) |
Connector status / support | Customer-Verified Clients may contact Bravura Security support for assistance with this connector. Troubleshooting and testing must be completed in the client's test environment as Bravura Security does not maintain internal test environments for the associated target system. |
Installation / setup | Bravura Security Fabric performs operations on Cisco Private Internet eXchange (PIX) networking equipment using the |
The following Bravura Security Fabric operations are supported by this connector (depending on your product license and version):
administrator reset password
user verify password
verify+reset password
create account
delete account
get server information
update attributes
list account attributes
List:
accounts
attributes
For a full list and explanation of each connector operation, see connector operations.
See also
Alternatively, the
agtcisco-pix-ssh.confile associates the script with the SSH connector (agtssh) to access Cisco PIX via SSH. See Cisco PIX networking equipment (SSH) for details about this method.See TCP Telnet HTTP or HTTPS Access for details about
agttelnet.
Targeting the Cisco PIX networking equipment system
For each Cisco PIX networking equipment system, add a target system in Bravura Security Fabric (Manage the System > Resources > Target systems).
Type is Cisco PIX networking equipment (Telnet) .
Address uses options described in the table below.
The full list of target system parameters is explained in Target System Options .
Option | Description |
|---|---|
Options marked with a | |
Script file | Must be set to agtcisco-pix.psl (key: script) |
Server | The IP address/domain name of the Cisco PIX networking equipment. (key: server) |
Target system’s internal hostname or prompt | This is the internally-defined host name that, along with the logged in user’s name, comprises the Cisco PIX prompt. The script generates the expected prompt using this value, then uses the generated prompt to know when commands have completed. (key: name) |
Save target system configuration | Select this to commit changes made to this target to permanent storage on the networking device, otherwise it will be stored in memory. This is selected by default. (key: docommit) |
Enter administrative mode with ’login’ (otherwise ’enable’) | Select this to enter the administrative configuration mode with the login password, otherwise the system (enable) password will be used. (key: adminuser) |
User and password prompt expected (otherwise password) | Select this if the Cisco PIX target system expects a user and password prompt when connecting, otherwise only the password will be entered. This is selected by default. (key: connlogin) |
Advanced | |
Port | TCP Port number. Typical TCP port numbers are:
|
Connection over SSL | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
Validate the server’s certificate when connecting | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
Terminal type | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
Telnet special write option | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
Directory containing PEM-formatted CA certificate files | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
PEM-formatted CA certificate file | This is a generic Telnet target field that is ignored for Cisco PIX target systems. |
Timeout for connection | Amount of time the connector will wait for a response. (key: timeout) |
Setting up a target system administrator
Bravura Security Fabric requires 2 administrative credentials on Cisco PIX to perform Bravura Security Fabric operations. This includes credentials to connect to the Cisco PIX device, as well as a system (enable) password for elevated privileges.
System passwords do not have an administrator ID, however when defining the credentials for the Cisco PIX target system, an administrator ID is required. You can specify an arbitrary value for the administrator ID as this will not be validated. You must also ensure that this credential is identified as a S ystem password .
Creating a template account
Bravura Security Fabric uses template accounts as models or "blueprints" for creating new accounts on Cisco PIX networking equipment.
Consult the documentation included with your specific application to learn how to create an account to use as a template in Bravura Security Fabric . You can then add account attributes to determine how new accounts should be created based on the template account’s parameters.
Note that Bravura Security Fabric still requires a template account, even though attributes may or may not be copied from the template account, for example, if the configured action for all account attributes is Set .