Cisco IOS
Description
The Cisco IOS connector connects to Cisco IOS, IOS-XE, and IOS-XR devices via SSH and runs CLI show commands to enumerate local user accounts and their privilege levels. It maps IOS privilege levels (0–15) to entitlements and identifies level-15 accounts as privileged.
System Type Classification
| Field | Value |
|---|---|
| System Type | Infrastructure |
| Default Scan Priority | 200 |
Version Support
| OrbisID Edition | Supported |
|---|---|
| Community | No |
| Pro | Yes |
| Enterprise | Yes |
Supported Protocol
| Protocol | Port | Notes |
|---|---|---|
| SSH | 22 TCP | SSHv2 required; SSHv1 not supported |
What OrbisID Discovers
| Data | Source |
|---|---|
| Local user accounts | `show running-config` |
| Privilege levels (0–15) | `privilege level N` in user config stanza |
| Enabled secret presence | `enable secret` / `enable password` detection |
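An added example (not OrbisID's own code) of the discovery this table describes: it parses `username` lines from a running-config, extracts each privilege level, flags level-15 accounts, and detects enable credentials. The sample config is constructed, the function names are hypothetical, and the fallback to level 1 when no `privilege` keyword is present is an assumption based on the IOS default.

```python
import re

# Constructed sample of IOS running-config lines (not from a real device).
SAMPLE_CONFIG = """\
enable secret 9 $9$CONSTRUCTED.PLACEHOLDER
username admin privilege 15 secret 9 $9$CONSTRUCTED.PLACEHOLDER
username noc privilege 5 secret 9 $9$CONSTRUCTED.PLACEHOLDER
username audit secret 9 $9$CONSTRUCTED.PLACEHOLDER
username orbisid-scanner privilege 15 secret 9 $9$CONSTRUCTED.PLACEHOLDER
line vty 0 4
 transport input ssh
"""

USER_RE = re.compile(r"^username\s+(\S+)(.*)$")
PRIV_RE = re.compile(r"\bprivilege\s+(1[0-5]|\d)\b")  # valid levels are 0-15
ENABLE_RE = re.compile(r"^enable\s+(secret|password)\b")
DEFAULT_PRIVILEGE = 1  # assumption: IOS default when "privilege N" is absent


def parse_local_accounts(config_text):
    """Return {username: privilege_level} from top-level username lines."""
    accounts = {}
    for line in config_text.splitlines():
        m = USER_RE.match(line)  # anchored: indented sub-mode lines are skipped
        if not m:
            continue
        name, rest = m.groups()
        # Only inspect text before the secret/password keyword, so nothing
        # inside the credential itself can be mistaken for a privilege option.
        options = re.split(r"\s(?:secret|password)\s", rest, maxsplit=1)[0]
        priv = PRIV_RE.search(options)
        level = int(priv.group(1)) if priv else DEFAULT_PRIVILEGE
        # A user may appear on several lines; keep the highest level seen.
        accounts[name] = max(level, accounts.get(name, 0))
    return accounts


def enable_credential_kinds(config_text):
    """Return which enable credentials are configured: 'secret', 'password'."""
    return {m.group(1) for ln in config_text.splitlines() if (m := ENABLE_RE.match(ln))}


def privileged_accounts(accounts):
    """Level-15 accounts are the ones the connector identifies as privileged."""
    return sorted(name for name, level in accounts.items() if level == 15)


if __name__ == "__main__":
    accts = parse_local_accounts(SAMPLE_CONFIG)
    print(accts, privileged_accounts(accts), enable_credential_kinds(SAMPLE_CONFIG))
```

Note that a scanning account created at privilege 15 is itself reported in the privileged set, so it should be expected in scan results.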
Connection Requirements
Required Permissions
The scanning account requires privilege level 1 or higher to run show commands. For full discovery, privilege level 15 (enable mode) is recommended.
Minimum permissions:
- SSH login access to the device
- `show running-config`, or equivalent parser view with `username` section visibility
Credential Mapping
| OrbisID Field | Value |
|---|---|
| `credential.username` | IOS local username |
| `credential.password` | IOS password |
| `system.hostname` | Device management IP or hostname |
Network Requirements
The OrbisID server must have SSH access to the Cisco device on port 22.
Configuration Steps
- Create a local user on the Cisco device with sufficient privilege:
  `username orbisid-scanner privilege 15 secret <password>`
- Create a Credential in OrbisID:
  - Username: `orbisid-scanner`
  - Password: IOS password
- Navigate to Systems → Add System
- Fill in the fields:
| Field | Value |
|---|---|
| Name | Descriptive name (e.g., Cisco IOS – Core Router) |
| OS Type | CiscoIos |
| System Type | Infrastructure |
| Hostname | Device management IP or hostname |
| Credential | The scanning credential |
- Click Test Connection
- Click Save
Troubleshooting
| Symptom | Likely Cause | Resolution |
|---|---|---|
| Authentication failed | Invalid username or password | Verify local user credentials on the device |
| Connection refused | SSH not enabled | Run `ip ssh version 2` and `line vty 0 4` / `transport input ssh` |
| No accounts returned | `show running-config` not authorised | Use privilege level 15 for the scanning account |
| Permission denied | ACL on vty lines | Add the OrbisID server IP to the VTY access list |