In this post, I will show, how to create iMC access templates, to configure the iMC access to devices. I will show, how to create
iMC Access Template for SNMP
The basic protocol for network management is SNMP and as any other network management tool, iMC need SNMP to discover and monitor the device. Of course you should secure the communication between the network management station and the network device. Therefore you should at lest use SNMP v2 which has some kind of authentication included. If you need more security, you should go with SNMP v3, which provides even more protection. I will configure SNMP v3 for my iMC access template.
To create the template, go to “System–>Resource Management–>SNMP Template” and click the “Add” button:
You have to specify a “Name” for the template and a “Parameter Type”. Here you can select which version of SNMP you would like to use and you should make sure, that the “Parameter Type” match the capabilities of your device. I have chosen SNMP v3 with authentication and encryption. This means, I have to insert an “Authentication Password” and an “Encryption Password”. If you have inserted all needed information, you can save the iMC access template for SNMP by clicking on the “OK” button.
iMC Access Template for Telnet
If you have to use telnet in your environment, you can also create an iMC access template for telnet. I use this only in my test environments, but would recommend to use SSH in production environments. I only show this for completion. To create an iMC access template for telnet go to “System–>Resource Management–>Telnet Template” and click the “Add” button:
For “Authentication Mode” you can choose between different types of authentication, which depends on the way you configured your devices. I choose “Username+Password” which is the most common type. You have to provide a “Username” and a “Password”. Save the template by clicking on the “OK” button.
iMC Access Template for SSH
To configure an iMC access template for SSH go to “System–>Resource Management–>SSH Template” and click the “Add” button:
For most of the scenarios, the “Authentication Mode” “Password” is enough. If you need a different one, please select the correct one from the list. You have to provide a “User Name” and a “Password”. Click the “OK” button to save the template.
I would always recommend to use SSH instead of telnet to get access to the devices.
Use an iMC Access Template
You can use the created templates for device discovery within iMC. Go to “Resource–>Resource Management–>Add Device”:
On top of the page, not visible in the screen above, you have to enter some device specific information like IP or hostname. Below that you find the settings for SNMP, telnet and SSH. Here you can “Configure” the default values and select one of the created templates. At discovery time, iMC will use the credentials and methods defined in the templates to access the device.
If you change the templates
Here, you can select the devices for which you would like to configure new access credentials and you can configure the new template. This will update the used access credentials for the selected devices.
If you have any questions or if you would like to provide feedback, please use the comment function below.
Hi, I’ve been looking for a method to add a core switch and all managed nodes on the subnet e.g. 10.10.x.x /16into IMC. Your explanation is very detailed, but will this help me or is there a further step to follow.
Many thanks
Hi Vincent,
Actually, creating access templates is the first step. Afterward, you can use the auto-discovery feature to scan a subnet for example for devices. during this scan, you would use the created access templates to try to access the devices. Unfortunately, I have no iMC available at the moment, but look into the manual and look for “Auto discovering devices”. This should point you in the right direction.
BR
Florian
Hi Florian, thanks for this very comprehensive and useful article. I have a side question that might not be directly connected to the access templates but hope it is ok to ask it anyway. I am wondering if there is a possibility of an automatic deletion of nodes from IMC if they are not longer reachable, either via ICMP, SNMP or SSH. And if there is such a function, is it possible to specify for how long a node must have been unreacheable to be deleted from IMC? I have been searching for the answer but could not find it anywhere.
Hi David,
There is no such function within iMC. Can you explain the use case in more detail? Why would it make sense to remove unreachable devices from iMC? Normally, this indicates an issue that needs to be resolved.
But you can always use the API from iMC to get this functionality using an external script. Might this work for you?
BR
Florian
I have created SNMPv3 templates. Now I’m not able to locate a note with the passkeys for authentication and privacy. How the passwords can be revealed or is there a location on the server where those can be viewed?
Hi Pat,
I’m not sure if this is possible at all To my understanding the passkeys are saved in a way that they cannot be revealed. You should either find your notes about the passkeys (maybe you can get it from devices where the passkeys are already configured) or you need to create new passkeys and distribute them through the network.
BR
Florian