для Cisco Cisco Packet Data Gateway (PDG)

 

A Security Administrator can set a plain-text or encrypted password for access to CLI test commands. The password 
value is stored in /flash along with the boot configuration information. The show configuration and save configuration 
commands will never output this value.  

  VPC-VSM requires that cli test-commands mode be enabled. Use of cli test-commands other than 

those required to configure SecGW can slow system performance, drop subscribers, and/or render the system 
inoperable. 

The Global Configuration mode command tech-support test-commands [encrypted] password password sets an 
encrypted or plain-text password for access to CLI test-commands. 

When a test-commands password is enabled, the Global Configuration mode command cli test-commands [encrypted] 
password password requires the entry of the password keyword. If the encrypted keyword is specified, the password 
argument is interpreted as an encrypted string containing the password value. If the encrypted keyword is not specified, 
the password argument is interpreted as the actual plain text value 

  If tech-support test-commands password is never configured, cli-test commands will always fail. 

If the password keyword is not entered for cli test-commands, the user is prompted (no-echo) to enter the password. 
Also, cli hidden must be enabled by a Security Administrator to access the CLI test-commands. 

 

  Low-level diagnostic and test commands/keywords will now be visible to a user with Administrator 

or higher privilege. There is no visual indication on the CLI that the test-commands mode has been enabled. 

The Global Configuration mode command tech-support test-commands [encrypted] password password sets an 
encrypted or plain-text password for access to CLI test-commands. 

This command sequence is shown below. 

[local]host_name# config 

[local]host_name(config)# tech-support test-commands [encrypted] password 
password 

[local]host_name(config)#