03-13-2017 07:44 AM - edited 03-03-2019 08:29 AM
Hi,
I’m using NSO NFVO to spin up a CSRv1k and want to use Netconf to manage it. My day0-file (attached) configures Netconf and when the device is started I can SSH into it and also connect to the Netconf port.
The password is accepted for SSH, but not for netconf, why is that?
07-31-2017 02:08 AM
Since asking this question I managed to solve the problem myself with a smaller simpler day0 configuration.
The problem I had was the line
username admin privilege 15 password $ADMIN_PWD
It is missing a "0" after "password":
username admin privilege 15 password 0 $ADMIN_PWD
A working day0 configuration follows, note that it is smaller than the one attached in the question.
All dollar-variables needs to be exchanged for your scenario. This day0-configuration is used by the NSO tailf-etsi-rel2-nfvo function pack and the '$'-variables are replaced with their actual values.
!
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
!
!####_DAY0_HOSTNAME_AND_ENABLE_PASSWORD
!
hostname $HOSTNAME
!
enable secret $ADMIN_PWD
!
interface GigabitEthernet 1
description mgmt interface
ip address $NICID_0_IP_ADDRESS $NICID_0_NETMASK
no shutdown
!
interface GigabitEthernet 2
description left interface
ip address $NICID_1_IP_ADDRESS $NICID_1_NETMASK
no shutdown
!
interface GigabitEthernet 3
description right interface
ip address $NICID_2_IP_ADDRESS $NICID_2_NETMASK
no shutdown
!
ip route 0.0.0.0 0.0.0.0 $NICID_0_GATEWAY
!
aaa new-model
aaa authentication login default local
aaa authorization exec default local
username admin privilege 15 password 0 $ADMIN_PWD
!
line con 0
stopbits 1
line vty 0 4
transport input ssh
line vty 5 15
transport input ssh
!
ip domain lookup
ip domain-name tail-f.com
ip tftp source-interface GigabitEthernet 1
ip ssh version 2
ip ssh source-interface GigabitEthernet 1
no ip ssh stricthostkeycheck
!
!####_DAY0_GENERATE_CRYPTO_KEY
!
crypto key generate rsa modulus 2048 general-keys
!
netconf-yang
!
do write memory
I also recommend an excellent blog post here: https://cisco.jiveon.com/groups/nso-field-portal/blog/2017/04/03/a-network-engineer-building-an-nso-environment-with-pnp-and-pioneer-from-scratch
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide