You create a CLI device-access group for each group of managed devices that is configured with a different access protocol and/or different set of CLI login credentials. The assumption is that all devices that use a particular access protocol are configured with the same set of credentials (and timeout value). If there are two groups of devices that use a particular access protocol, each configured with its own set of credentials, you would create two CLI device-access groups for that particular access protocol. For example, you would create two CLI device-access groups named SSH2_S1 and SSH2_S2. The matching criteria for each of the groups would limit the group’s members to the appropriate devices.
| Parameter |
Default value |
Description |
|---|---|---|
| AccessProtocol |
TELNETSSH1SSH2 Default: TELNET |
Determines the remote-access application to use to establish connections to the managed devices that belong to this group. Secure Shell 2 (SSH2) is recommended. The Network Protocol Management Suite includes Telnet client software. Instructions for configuring an SSH client are given in Chapter 8, “Configuring SSH Security.” |
| LoginID |
String of unspecified length Default: null string (empty) |
Specifies the username (user ID) for the managed devices that belong to this group. You must enter a value for this parameter. |
| Password |
A structure that has the following default value: {NULL String,ENCRYPTED} |
Specifies the user password for the managed devices that belong to this group. If the managed devices that belong to this group are configured for passwordless authentication, or if the access protocol for this group is SSH1 or SSH2 and passwordless authentication is in effect, leave this parameter blank. Otherwise, enter the password twice to confirm the password value.
Note:
IP Availability Manager uses the site key to encrypt the entered password value. As explained in System Administration Guide, the site key is created during the installation of applications. |
| PrivilegedModePassword |
A structure that has the following default value: {NULL String,ENCRYPTED} |
Specifies the Privileged-mode enable password for the managed devices that belong to this group. For Privileged-mode access (not User-mode access), and assuming that the ProhibitPrivLevelCLILogon parameter in the eigrp.conf file (GUID-5FBCF605-A431-484A-B4F6-FBC6F87865D5.html#GUID-5FBCF605-A431-484A-B4F6-FBC6F87865D5___NPM_CONFIG_NPM_29353) or the isis.conf file (GUID-5FBCF605-A431-484A-B4F6-FBC6F87865D5.html#GUID-5FBCF605-A431-484A-B4F6-FBC6F87865D5___NPM_CONFIG_NPM_49456) is FALSE (default), you must enter a value for this parameter. Enter the password twice to confirm the password value.
Note:
IP Availability Manager uses the site key to encrypt the entered password value. As explained in System Administration Guide, the site key is created during the installation of applications. |
| Timeout |
1 to 496 seconds Default: 10 seconds |
Sets the amount of time to wait for a Telnet/SSH response before the Telnet /SSH session request times out. |
