The Device Management Interface (DMI) is an XML-RPC-based protocol used to manage Connect Secure/Policy Secure devices. The protocol allows administrators and third-party applications to configure and manage Connect Secure/Policy Secure devices bypassing their native interfaces. This article provides the configuration steps for enabling a DMI Agent to use with a NETCONF (Network Configuration) Client.
Problem or Goal
The configuration steps are as follows:
Create a unique admin account under Authentication Servers > Administrators.
Configure the DMI agent. Go to Configuration > DMI Agent
Set the following options:
Enable DMI connection for Inbound
Accept connections on "Internal Port and set the TCP port to 22
Set the Primary and Backup port to 7804
Check DMI Logging
Next, run the following command from a Linux system:
ssh -l <user> <ip address> -p <port> -s netconf
Where <user> is the username providing the XML output
When prompt, enter the password for the <user> ID. See example below.
When connecting through the DMI agent, the prompt for password cannot be avoided. Authentication is required since configuration changes can be made to the PCS device through the DMI agent.
If successful, a log entry is posted in Log/Monitoring > Admin Access log: