Enable NETCONF on a Cisco device

To enable NETCONF on a Cisco device, the following prerequisites must be met:

  • Cisco IOS Release > 12.4(9)T
  • username / password access (either local or via TACACS) must be configured

A detailed guide on configuring NETCONF over SSH can be found at http://www.cisco.com

Enable SSH Version 2

R3#show ip ssh
SSH Disabled - version 1.99
%Please create RSA keys (of atleast 768 bits size) to enable SSH v2.
Authentication timeout: 120 secs; Authentication retries: 3

R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.

R3(config)#ip ssh rsa keypair-name sshkeys
Please create RSA keys (of atleast 768 bits size) to enable SSH v2.

R3(config)#crypto key generate rsa usage-keys label sshkeys modulus 768
The name for the keys will be: sshkeys
% The key modulus size is 768 bits
% Generating 768 bit RSA keys, keys will be non-exportable...[OK]
% Generating 768 bit RSA keys, keys will be non-exportable...[OK]
crypto_lib_keypair_get failed to get sshkeys

R3(config)#
*Nov 29 13:18:51.307: %SSH-5-ENABLED: SSH 1.99 has been enabled

R3(config)#line vty 0 4
R3(config-line)#login local

Enable NETCONF
Enabling NETCONF takes a single command:

R3(config)#netconf ssh
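
The session above ends with SSH reported as version 1.99, which means the server also accepts SSHv1 clients, and with a 768-bit key, the smallest size IOS allows for SSH v2. The following check is an added example, not part of the original post: it reads the device output and reports what still needs tightening before NETCONF over SSH is exposed. The sample inputs are constructed, the function names are hypothetical, and the 2048-bit threshold is an assumed local policy.

```python
import re

# Constructed sample inputs (not captured from a real device): the state the
# steps above leave behind, with the key-size line as printed on this page.
SHOW_IP_SSH = "SSH Enabled - version 1.99\nAuthentication timeout: 120 secs; Authentication retries: 3\n"
KEYGEN_LOG = "% The key modulus size is 768 bits\n"
RUNNING_CONFIG = "ip ssh rsa keypair-name sshkeys\nnetconf ssh\nline vty 0 4\n login local\n"

MIN_MODULUS_BITS = 2048  # assumed local policy threshold, not a value from the page


def vty_blocks_without_login(running_config):
    """Return the 'line vty' headers whose block has no 'login ...' line."""
    missing, header, has_login = [], None, False
    for line in running_config.splitlines() + ["!"]:  # sentinel closes the last block
        if line.startswith(" ") and header is not None:
            has_login = has_login or line.strip().startswith("login")
            continue
        if header is not None and not has_login:
            missing.append(header)
        header, has_login = (line, False) if line.startswith("line vty") else (None, False)
    return missing


def audit(show_ip_ssh, keygen_log, running_config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    ssh = re.search(r"^SSH (Enabled|Disabled) - version (\S+)", show_ip_ssh, re.M)
    if ssh is None:
        findings.append("could not parse 'show ip ssh' output")
    else:
        if ssh.group(1) == "Disabled":
            findings.append("SSH server is disabled, so NETCONF over SSH is unreachable")
        if ssh.group(2) == "1.99":
            findings.append("version 1.99 also accepts SSHv1; configure 'ip ssh version 2'")
    size = re.search(r"key modulus size is (\d+) bits", keygen_log)
    if size is None:
        findings.append("RSA modulus size unknown")
    elif int(size.group(1)) < MIN_MODULUS_BITS:
        findings.append(f"RSA modulus {size.group(1)} bits is below {MIN_MODULUS_BITS}")
    if not re.search(r"^netconf ssh\s*$", running_config, re.M):
        findings.append("'netconf ssh' is not configured")
    for header in vty_blocks_without_login(running_config):
        findings.append(f"'{header}' has no login method")
    return findings


if __name__ == "__main__":
    for finding in audit(SHOW_IP_SSH, KEYGEN_LOG, RUNNING_CONFIG):
        print("FINDING:", finding)
```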

Debugging NETCONF
To debug NETCONF on a Cisco device you can use "debug netconf" and "debug cns xml". The latter command turns on debugging messages related to the CNS XML parser.
