Campus Manager Discovery and NAT

Answered Question
Nov 6th, 2007

Is there any issues using NAT and discovery?

I have this problem too.
0 votes
Correct Answer by Joe Clarke about 9 years 3 weeks ago

This is not something that can easily be fixed in LMS. It needs to be fixed by adding an ALG to, for example, Cisco IOS NAT. The problem with that is that an IP PDU can show up in just about any object, so the ALG would need to be aware of the entire MIB tree (or at least support addition of objects that contain embedded addresses).

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Joe Clarke Tue, 11/06/2007 - 12:59

Absolutely. There is currently no ALG for SNMP, so the embedded IP address in the SNMP CISCO-CDP-MIB PDUs will not be translated. The result will be that Campus Device Discovery will try to contact devices by their un-NATed addresses, and this will fail.

paul.coley Mon, 11/12/2007 - 09:58

Thats not too good in my scenario...it means alot of manual entry. Was this NAT issue fixed in any of the latest releases of CIscoworks?

Correct Answer
Joe Clarke Mon, 11/12/2007 - 10:05

This is not something that can easily be fixed in LMS. It needs to be fixed by adding an ALG to, for example, Cisco IOS NAT. The problem with that is that an IP PDU can show up in just about any object, so the ALG would need to be aware of the entire MIB tree (or at least support addition of objects that contain embedded addresses).

paul.coley Mon, 01/21/2008 - 06:58

We currently use a product called IND Peregrine Network Discovery and it discovers based on SNMP and has no issue with dicovery via NAT. Since I am building this new Ciscoworks server I would like to know if I can import the device database from this third party product into Ciscoworks LMS 2.6

This would possibly save me a tonne of manual work regarding playing around with seed file and local host file.

Joe Clarke Mon, 01/21/2008 - 11:00

As long as you can export the device list and credentials into a CSV format that is compatible with the one DCR expects, you can certain use the third party data in LMS.

Though I am curious how this tool could do SNMP-based discovery of NAT'd devices. The same problems faced by Campus would have to affect this tool. That is, any IP addresses in embedded PDUs (e.g. ARP table, CDP cache, etc.) would not be translated. The only way I imagine it could work is if you specified a mapping file to tell it how to translate the inside addresses to global addresses.

Actions

This Discussion