Cisco IOS

JSA Risk Manager supports the Cisco Internet Operating System (IOS) adapter.

The Cisco IOS adapter collects device configurations by backing up IOS-based network switches and routers.

The following features are available with the Cisco IOS adapter:

Neighbor data support
Dynamic NAT
Static NAT
SNMP discovery
Static routing
EIGRP and OSPF dynamic routing
P2P Tunneling/VPN
Telnet and SSH connection protocols

The following table describes the integration requirements for Cisco IOS.

Table 1: Integration Requirements for Cisco IOS
Integration requirement	Description
Versions	IOS 12.0 to 16.2 for routers and switches. Cisco Catalyst 6500 switches with MSFC. Use the Cisco IOS adapter to back up the configuration and state of the MSFC card services. If a Cisco IOS 7600 series router has an FWSM, use the Cisco ASA adapter to back up the FWSM.
User Access Level	A user with command exec privilege level for each command that the adapter requires to log in and collect data. For example, you can configure a custom privilege level 10 user that uses local database authentication. The following example sets all `show ip` commands, to privilege level 10. `privilege exec level 10 show ip`
SNMP discovery	Matches ISO or Cisco Internet Operation System in SNMP sysDescr.
Required credential parameters To add credentials in JSA log in as an administrator and use Configuration Source Management on the Admin tab.	Username Password Enable Username (Optional) Use this field, if the user needs to enter a specific privilege level when logging in to the device. Use the format `level-<n>` where `n` is a privilege level [0-15]. For example, to enter privilege level 10, enter the following command: `level-10` This results in sending the enable 10 command to the Cisco device. Enable Password (Optional)
Supported connection protocols To add protocols in JSA, log in as an administrator and use Configuration Source Management on the Admin tab.	Use any one of the following supported connection protocols: Telnet SSH
Commands that the adapter requires to log in and collect data	`terminal length 0` `show startup-config` `show ip arp` `show cdp neighbors detail` `show mac address-table dynamic` `show ip ospf neighbor` `show ip eigrp neighbors` `show ip bgp neighbors` `show interfaces` `show version` `show interfaces` `show access-lists` `show ip route \| exclude ^B'` `show ip route bgp \| include 0.0.0.0/0` `show ipv6 route \| exclude ^B` `show ipv6 route bgp \| include 0.0.0.0/0` `show ipv6 routers` `show ipv6 interface` `show ipv6 access-list` `show object-group` `show vlan` `show vlans` Try to use the `show vlan` command first. If the `show vlan` command is not available, use the `show vlans` command. The `show vlans` command is used for Catalyst 6500 series switches and Cisco 7600 series routers.

Cisco IOS

Related Documentation