Before using AmpCon for deploying PICOS switches, System Configuration parameters need to be set. Login to the AmpCon GUI. Select the Settings->System Configuration menu and fill in the values for the following parameters:
- Enter the following default user name and password: admin/pica8. If you use TACACS, enter the user’s TACACS user name and password. User name and password need to be same for all PICOS switches managed by AmpCon. Please refer to step 6 below for TACACS example configuration and details.
- License portal URL: https://license.pica8.com.
- License portal user: Enter user id for the Pica8 License Portal.
- License portal password: Enter the password for the License Portal.
Note: Please refer to Appendix G for details on AmpCon Licensing.
5. Config Backup Number: This field is optional. Specify the maximum backup number for the config snapshots.
6. Initial security config file path: Before configuring and using the switch, switch will be configured with an initial security configuration to eliminate any unauthorized access. Create a text file and add PICOS security-related set CLIs (for example TACACS commands).
Example TACACS+ configuration for AmpCon:
First configure TACACS+
set system aaa tacacs-plus key xxxx set system aaa tacacs-plus disable false set system aaa tacacs-plus server-ip 10.10.51.42 |
Next, configure the TACACS+ user credentials as follows:
set system login user test authentication plain-text-password xxxxxx set system login user test class super-user |
Note that the user name and password for the above TACACS example configuration are test/ xxxxxx. Use these TACACS credentials in step1.
Another option is to upload an empty text file for initial security config. If you upload an empty initial security config file, use admin/pica8 as the password in step1.
Then click + in the Initial security config file path field.
The security configuration contained in the Initial security config file will be in effect in the switch only until the full configuration is pushed by AmpCon.
7. Initial parking security config file path: To eliminate any unauthorized access, switches in “parking lot” will be configured with an initial parking security configuration. That is, configurations in “Initial parking security config file” will be pushed to switches that already registered to AmpCon but without generated configuration.
Click + in the Initial parking security config file path field to add the security config file for switches in “parking lot”.
Notes:
As the username and password configured in step 1 are always used by AmpCon to SSH to switches, so, users should ensure that configurations in security config file and parking security config file will not make AmpCon fail to log in to the switch with the username and password configured in step 1.
Next, verify connection to the License server by clicking the link shown below. It will pop-up a window with the Success message shown below.
Click Save to save the System Configuration parameters.
