Manualshelf

User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-8525
61626364656667686970
File Administration Discovery Configurator (EE)
46
AlliedView NMS Administration Guide
Status polling via ICMP or SNMP does not require CLI access; CLI discovery is only required when device configuration
(backups, port management, VLAN management, etc.) is desired and is only applicable to fully-supported devices (refer to
Section 1).
Once a device has been discovered by way of SNMP, more detailed discovery requiring a CLI login is required to manage the
device. The NMS will attempt to log into each device until it either discovers an accepted login or all login attempts are
rejected. The login sequence generally follows the order of the logins in the table. The order may be modified by selecting a
row and then clicking on the up or down ( ) buttons.
The login sequence can be overridden by the Hints field. Hints are a comma-separated list of device category, sysLocation, IP
address, and subnets (in x.x.x.x/bits notation). Login parameters for a device that matches any of the hints will be attempted
before any other login parameters. If there are more than 1 login entry with matching hints, they will be attempted in the
sequence from the list.
If all login attempts with matching hints fail, all of the entries without hints will be attempted until one is accepted or all are
rejected. And if all of those fail, all of the rest (without matching hints) will be attempted.
The Description field is a free format reminder of what each login entry represents.
There are 2 login types: User and Security Officer, which are specified by the radio button. The “user” type uses the User Id
and Password to initially log into the device. User login is all that's required for iMAPs running without TACPLUS.
If a device is running with TACPLUS enabled, the NMS also needs a Security Officer passcode (to enable securityofficer).
Security Officer passcodes can be designated by clicking on the Security Officer radio button. For Security Officer, the User
Id field is not applicable and will be disabled and set to “tacacs+”. (You can still define a user login with the user id tacacs+, if
necessary, by clicking on the User radio button instead of the Security Officer radio button) Security Officer passcodes will
be attempted as ordered in the list and as overridden by Hints. Since multiple Security Officer passcodes are permissible, be
sure to use the description field to keep track of which is which (since they will typically be indistinguishable without
displaying the passcode).
There is also the option to select the protocol. The default is telnet, but here is also the option to choose SSH. These are
also added to the User ID list.
Most Allied Telesis devices support SSHv2. Using SSH involves configuring and enabling the SSH server. This involves:
Server authentication, confidentiality, and integrity
User authentication through the use of a password and/or public key
Connection encryption for interactive login sessions
Refer to customer documents for Allied Telesis products for support of specific SSH features.