Cannot update Banner on 3750 with LMS2.6

Unanswered Question
Dec 19th, 2007

I have a problem with updating 3750 switches using LMS 2.6. I have updated 2950/4506/2811 successfully with the same Netconfig job but the 3750's fail every time. Here is the LMS error:

Message: Command(s) failed on the device

TFTP: Failed on the device. Insufficient no. of interactive responses(or timeout) for command: banner motd "W A R N I N G ..."

Then I checked one of the devices, the log showed this:

%SYS-4-CONFIG_RESOLVE_FAILURE: System config parse from (tftp://x.x.x.x/20071211235750957-x.x.x.x.cfg) failed

This looks like a TFTP problem but why does everything work except 3750s? I checked the configs, nothing special about them. I tried putting in/taking out the service config command but that did no good. I can manually paste this banner into one of these switches but not through LMS Netconfig job.

Any ideas? Thanks for any help

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
David Stanford Wed, 12/19/2007 - 06:50

%SYS-4-CONFIG_RESOLVE_FAILURE: System config parse from(tftp://x.x.x.x/20071211235750957-x.x.x.x.cfg) failed

is due to a service on the routers that looks for tftp server but can not find the tftp server.

That is configured as "service config", which is a service on the routers that looks for tftp servers on the network. When it finds a tftp server running, it tries to find

certain filenames on it (such as network-confg, cisconet.cfg, etc). If it finds those

filenames, then it will download them and merge them with your running configs.

If you do not want your router to perform such service, you can turn if off by going into

to your configuration:

-------------------------------------

9-11-8-3725-118#config t

Enter configuration commands, one per line. End with CNTL/Z.

9-11-8-3725-118(config)#no service ?

alignment Control alignment correction and logging

compress-config Compress the nvram configuration file

config TFTP load config files

:

-------------------------------------

http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186

a008020b19e.shtml

Once you turn 'service config' off, you will not get the error messages.

Joe Clarke Wed, 12/19/2007 - 09:38

Dave's comments on the syslog message are correct. However, this has nothing to do with your Netconfig problem. Please post your entire template.

gng4life Wed, 12/19/2007 - 13:56

Correct jclarke. I've researched that issue and it's something else not related to the LMS problem I'm having.

The template is simply, "banner motd WARNING ...(continues on for message)". I have the user-defined task set to config and the right device type (routers/switches/LRE/etc). I've tried several combinations such as making the banner message very short (less than 10 characters), I've tried it without the "motd" command in the task also. I'm running out of ideas. I am looking for a way to do it with the "parameterized" feature but not sure if that will do anything. Since it's only specific to the 3750s, it seems like it's a config problem. I plan on putting a new, out of the box 3750 on the network without any new config additions except IP then try pushing the job to that device. I'll post the results later. Do you have any other ideas? Thanks

Joe Clarke Thu, 12/20/2007 - 09:48

The easiest thing to do is use the Netconfig Banner template which already has capabilities to deploy a MOTD banner. However, if you have to use a custom template, you will need to add the multiline support tags. This is documented in the RME online help:

You can enter multi-line commands as a part of User-defined and Adhoc tasks. The multi-line commands must be within the tag and .

These tags are case-sensitive and you must enter them only in uppercase. You cannot start this tag with a space.

Example

banner login "Welcome to

CiscoWorks Resource Manager

Essentials - you are using

Multi-line commands"

You can have a blank line within a multi-line command. The commands within the MLTCMD tags are considered as a single command and will be downloaded as a single command onto the device.

gng4life Fri, 12/21/2007 - 02:07

Jclarke,

Thanks again for the update. This is strange...I put the exact message you have posted and ran the netconfig job. It says it completed successfully but when I go to the switch, there is no banner there. I thought I had the wrong switch but did it again and then tried a different switch...no luck. In the log, it shows CW2K login and doing a tftp config but there is no banner in the config. Am I seeing things? How is this possible? I'm keep testing the MLTCMD commands but so far, no luck. Any other suggestions? Thanks for all the help!

Joe Clarke Fri, 12/21/2007 - 11:11

I would need to see a sniffer trace or the job log with debugging enabled. The example does work provided the syntax is preserved. Have you looked at the device's running config and confirmed the banner is not configured?

gng4life Sun, 12/23/2007 - 00:32

I could try to do a trace at the server switch that connects the CW server but I'm really not sure what that would show you since the job is coming back as successful. What debug would you like to see? It should just show the commands being sent and responded by the 3750s. Again, remember this job works on every other router/switch I have (2950/2811/2651/4006/4506/6509) just not on the 3750.

I can take screen shots and e-mail them to you if that would help but it's just as I'm saying. The logs just show the config was tftp'ed successfully but it's not there. I copy/pasted your example in the netconfig template so syntax is correct.

Yes, I checked sh run and sh start to verify there is no banner configured there.

Are there any other command tags I can put in the template to try? Is there possibly another way I can get banners in, I'm really getting short on time. Thanks for any help and Happy Holidays.

Joe Clarke Sun, 12/23/2007 - 00:47

You may have a bug in that version of code on the 3750s that is preventing the CISCO-CONFIG-COPY-MIB from working correctly. You might try changing the protocol order to try telnet or SSH first instead of TFTP.

As for debug, enable ConfigJob debugging under RME > Admin > System Preferences > Loglevel Settings, run the job, then post the directory pertaining to that job. The directory will be under /var/adm/CSCOpx/files/rme/jobs/NetConfigJob (Solaris) or NMSROOT\files\rme\jobs\NetConfigJob (Windows).

Actions

This Discussion