Jump to content

List of Supported Devices for Configuration Management


Recommended Posts

[Last updated April 2021]

 

This is an entirely new capability offered by Domotz. We will add more and more devices to the following list for which Domotz offers the possibility to:

  • automatically back-up configuration
  • manually back-up specific configuration
  • compare across different versions
  • getting alerted if something changes
  • getting notified if running configuration is different from the saved one
  • restore previous saved configuration
  • upload and update the device with a new configuration

 

The following is the current list of supported devices for those capabilities:

 

Brand

Brand

Model #s Tested

Model #s Tested

 

Notes

Notes

Cisco

 

 

IOS Series:

  • Catalyst 2960
  • Catalyst 3560
  • Catalyst 3650
  • Catalyst 3750
  • SSH and SNMP enabled

 

  • In order to unlock this functionality, it requires an SSH user (with privilege 15)

 

  • SCP module should be enabled:

            ip scp server enable

 

  • In order to benefit the auto-rollback on error capability, the "archive" functionality should be enabled: 
archive
path flash:archive
write-memory

 

--

 

In order to create a user with privilege level 15 issue the following commands:

#conf t
(config)#username <username> privilege 15 password <password>


If you do not have AAA authentication ("no aaa new-model" in your conf file), you need to issue the following commands:
(config)#line vty 0 15
(config)#login local

 

In case that you are using AAA authentication (aaa new-model in your config file), in order for the privilege 15 user to log in in enable mode, you need to issue the following commands:
(config)#aaa authentication login default local
(config)#aaa authentication enable default enable
(config)#aaa authorization console
(config)#aaa authorization exec default local if-authenticated

 

Cisco

 

 

SG Series

  • SSH and SNMP enabled.

 

  • admin account with privilege level 15.

 

  • The following lines in the configuration file:

             - ip ssh password-auth   (mandatory)

             - no logging console (recommended) 
 

 

Luxul

 

 

  • XMS
  • AMS
  • SMBStaX
  • SSH and SNMP enabled.
  • admin account with privilege level 15.

 

Juniper

 

 

  • Juniper OS
  • SSH and SCP should be enabled..
  • User must be super-admin or capable of restoring configuration.

 

WatchGuard

 

 

  • Fireware OS
  • HTTPS (port 8080) is needed for recognition
  • SSH and TFTP enabled
  • Max configuration file size 5MB
  • (warning) We recommend having a separate ssh user for this feature since only 1 session per user is allowed at a time (warning)
  • (warning) A firewall rule must allow TFTP traffic from the Domotz agent host to the WatchGuard firewall

 

FortiNet

 

 

  • FortiOS
  • SSH and TFTP services enabled
  • Max configuration file size set to 5MB
  • A firewall rule must allow TFTP traffic from the Domotz agent host to the FortiGate device:

https://docs.fortinet.com/document/fortigate/6.0.0/Handbook/690377/trivial-file-transfer-protocol-tftp-session-helper-tftp

  • The following output configuration is needed for the correct interpretation of its configuration, through the FortiGate's CLI run the following (it removes the pause between output data):

# config system console
    set output standard
end

Note: Hash for passwords and other encrypted data may be shown as diff when comparing configurations even if the password is the same:

https://forum.fortinet.com/tm.aspx?m=176962 

 

 

Note: in order to trigger the Domotz driver to discover configuration files, SNMP should be enabled on the Network appliance. In this way, Domotz is able to correctly identify the device, and trigger the correct driver for configuration management purposes.

 

---------------------------------------------------------------------------------------------------------------------------------------------------------

 

Few screenshots related to the Device Configuration Management:

 

Automatic and Manual Backup - Domotz automatically backup the configuration of the device and shows the history of the last configuration files. The backup is executed every 6 hours, and a new version is only saved (and showed) if it differs from the previous version.

 

Moreover, Domotz allows the manual backup of the configuration file. A new version is created, regardless if it differs or not from the previous saved version:

 

Screen Shot 2020-04-07 at 12.56.42 PM.png

 

Through the same interface, it is possible to upload a new configuration file (which can then be applied to the device). Moreover, each saved configuration file can be locally downloaded.

 

Finally, user is also notified if there is a misalignment between the running and the startup (flash / bootflash) configuration.

 

Compare and Restore Configuration Files - Domotz allows the user to compare different saved versions of configuration files, and to restore a previously saved one:

 

Screen Shot 2020-04-07 at 12.56.53 PM.png

  • Like 1
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...