Cisco Systems SMNMADPTR manual Disabling AAA Login Authentication on the NAM Console Line

Page 32

Configuring the NME-NAM-120S for Management

Router Configuration (Cisco IOS Software)

!

interface loopback 0

ip address 10.1.1.1 255.255.255.0

!

!

interface Integrated-Service-Engine3/0 ip unnumbered loopback 0

no shutdown

!

NAM Configuration (NAM software)

root@myNAM.company.com# show ip

IP address:

209.165.201.2

Subnet mask:

255.255.255.224

IP Broadcast:

209.165.201.223

IP Interface:

External

DNS Name:

myNAM.company.com

Default Gateway:

209.165.201.222

Nameserver(s):

171.69.2.133

HTTP server:

Enabled

HTTP secure server:

Disabled

HTTP port:

80

HTTP secure port:

443

TACACS+ configured:

No

Telnet:

Enabled

SSH:

Disabled

Disabling AAA Login Authentication on the NAM Console Line

If you configured authentication, authorization, and accounting (AAA) on your router, then you might have to log in twice to open a NAM console session from the router: first with your AAA username and password, and second with the NAM login and password.

If you do not want to log in twice to open a NAM console session from the router, then disable AAA login authentication on the router’s NAM console line by performing this procedure.

Note, however, that if your router contains both the NME-NAM-120S and the NM-CIDS, the Cisco intrusion detection system network module, then AAA can be a useful tool for centrally controlling access to both network modules. For information about AAA, see the Cisco IOS Security Configuration Guide for your Cisco IOS release.

SUMMARY STEPS

1.enable

2.configure terminal

3.aaa authentication login list-namenone

4.line number

5.login authentication list-name

6.end

7.show running-config

Cisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 4.0

32

OL-14942-02

 

 

Image 32
Contents Series multi-services and integrated services routers DescriptionContents Prerequisites for NME-NAM-120SNetwork Modules Router Platform IOS Version Minimum Required?Upgrade or Downgrade ConfigurationRestrictions for the NME-NAM-120S File ServerNAM Software Monitoring Traffic Through Internal InterfaceHardware Interfaces Gateway routerHow to Install, Upgrade, or Downgrade NME-NAM-120S Setting Up Network Module InterfacesFrom the Host-Router CLI Ip unnumbered type numberExample Command or Action PurposeUsing the commands ip interface internal and ip address Using the commands ip interface external and ip address ExamplesFrom the Router CLI Opening a SessionYou can conduct only one session at a time Closing a Session Use the following steps to close a sessionControl-Shift-6 From the Router promptUpgrading or Reinstalling NAM Software Types of NAM Software UpgradesNAM Software Images PrerequisitesFrom the Service-Module Interface ConfigureShow config Boot helper Boot compactflash Upgrading the NME-NAM-120S Application Image Full ImageLocate the following file Session into the NME-NAM-120S consoleEnter boot flash Optional Verify your bootloader configuration settingsEnter boot helper Upgrading the NAM Application Image Patch Upgrading the NAM Helper Image NAM CLI Exit the NAM CLI prompt and get to the NAM login Because the exit command closes the sessionFTP server must be reachable from NAM CLI Download and save the NAM helper image to the NAMThis section describes how to upgrade the NAM helper image From the Router Enable exec Mode PromptFrom the Service Module Interface Upgrading the NAM Helper ImageReboot the NAM Break to the NAM bootloader promptConfigure the bootloader to load Address, NAM default gatewayConfiguring the NME-NAM-120S for Management Reboot the NAM. By default the NAM willBoot to the NAM application image Download helper image from FTP serverEnter IOS exec mode Enter IOS configuration from terminalEnter IOS interface configuration mode For the integrated-service-engineNAM management address Setup a full 32-bit static route forExit the router configuration mode Router Configuration Cisco IOS Software Callout Interface LocationNAM Configuration NAM Software Enter the IOS interface configuration mode For the integrated-service-engine interfaceIntegrated-service-engine interface Bring up the integrated-service-engineRouter Configuration Cisco IOS Software Configuring the External Interface for Management Enter IOS exec mode Enter IOS configuration from terminalEnable the loopback interface Exit from interface configuration modeSetup the NAM default gateway AddressCallout Interface Location Disabling AAA Login Authentication on the NAM Console Line Login authentication list-name End Show running-configEnables privileged Exec mode Enter your password if promptedEnters global configuration mode Creates a local authentication listIp interface internal external Show ipConfigures the NAM system IP address Optional Configures the NAM system broadcast addressConfigures the NAM system default gateway address Optional Enables outside loginsConfiguring the NME-NAM-120S This section provides the following examplesSample Output for the show ip NAM CLI Command Enabling NAM Packet MonitoringWhat to Do Next Checking Network Connectivity with PingAnalysis-module monitoring Enable Configure terminal Ip cefEnd Show running-config Verify that you enabled the Cisco Express Forwarding Switching path and enabled packet monitoring onCorrect interfaces This section provides the following exampleEnabling and Accessing the NAM Traffic Analyzer Ip http server enable or Ip http secure server enableEnables the Http server Enables the Http secure server HTTPsEnter a password Configures a password for the web username Open a Telnet or SSH session to the NAM. SeeAccessing the NAM Traffic Analyzer Enabling the NAM Traffic AnalyzerChanging the NAM Root Password Password rootResetting the NAM Root Password to the Default Value Troubleshooting TipsChanging the NAM Root Password Verifying the NAM Root PasswordEnables privileged Exec mode Enter your password if promptedOpening and Closing a Telnet or SSH Session to the NAM Reloads the software onExit Logout Telnet PrerequisitesSSH Prerequisites To the NAM and return to the Cisco IOS CLI, complete Leaves a subcommand modeReturn to command mode Managing the NME-NAM-120S Shutting Down and Starting Up NME-NAM-120SConfiguration Mode Command Purpose Verifying System Status Configuring Logging Options and Generating Diagnostics Additional References Show trace bufferShow trace store TraceMIBs RFCsMIBs MIBs Link RFCs TitleDescription Link Feature Information for Network Analysis ModuleTechnical Assistance Glossary Service engine Service or servicesEngine Service module NetFlowVoIP SyslogTelnet OL-14942-02