LMS Questions

Answered Question
Mar 14th, 2007

Hello,


I have installed LMS 2.5 and upgraded to LMS 2.6 how do i configure my PIX 515e to show up in LMS?


I can not figure out how to set the snmp ro and rw strings.

Correct Answer by Joe Clarke about 9 years 11 months ago

You need to add an snmp-server host command for your CiscoWorks server. For example, if your CiscoWorks server's address is 10.1.1.1, and it is on the inside interface of the PIX:


snmp-server host inside 10.1.1.1

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Joe Clarke Wed, 03/14/2007 - 12:34

You will first need to make sure you have all of the latest RME 4.0.5 device packages installed from Cisco.com. You can do this under Common Services > Software Center > Device Update. The PIX 515E support was added recently.


To add a device and credentials into LMS 2.5+, go to Common Services > Device and Credentials > Device Management, and click Add. First fill in all of the device identity information (i.e. hostname, IP, etc.), then click Next to fill in the credentials (including the community strings).


Note: you only need a read-only community string for PIXes.

brianwagerer Wed, 03/14/2007 - 12:40

Ok I have the ro string set in the PIX

However when I run the inventory collection it fails on the PIX with Transport session to device failed. Cause: Authentication failed on device.

Joe Clarke Wed, 03/14/2007 - 12:58

Inventory Collection or Config Collection? This error looks more like a configuration archive sync message. What version of the Pix RME device package do you have? Does SNMP Walk of the PIX work in the LMS Device Center using the same RO community string you specified in DCR?

brianwagerer Thu, 03/15/2007 - 05:05

Failed to snmpwalk the device. Please check your community string and starting OID, and try again.


How do i konw what the starting OID is?

Joe Clarke Thu, 03/15/2007 - 08:17

The problem is most likely not the starting OID (though you can try .1.3.6.1.2.1.1), but rather with the SNMP configuration on the PIX. What is your configuration? Is the LMS server allowed to query the PIX via SNMP?

brianwagerer Thu, 03/15/2007 - 08:42

In the PIX i have these settings


snmp-server location MTR

snmp-server contact ******

snmp-server community ******

snmp-server enable traps snmp

Correct Answer
Joe Clarke Thu, 03/15/2007 - 09:25

You need to add an snmp-server host command for your CiscoWorks server. For example, if your CiscoWorks server's address is 10.1.1.1, and it is on the inside interface of the PIX:


snmp-server host inside 10.1.1.1

Joe Clarke Thu, 03/15/2007 - 11:06

Then double-check the community string is valid DCR for the Concentrator, and make sure there are no firewalls between the LMS server and the Concentrator that could be blocking SNMP.


You should also check your Concentrator filters and rules to see if you're blocking SNMP. That is done under Configuration > Policy Management > Traffic Management.

Actions

This Discussion