Cisco RME/CSM

Unanswered Question
Feb 19th, 2008

I have installed the CiscoWorks Common Services with SP3 and Resource Manager Essentials Incremental Device Support 3.5 and Security Monitor 2.1.

Now I want to configure my devices and RME so that I can view them in CiscoView. Can anybody help me with how to configure RME for Cisco devices?

I have configured my devices for SNMP, but I am still not able to see them in CSM. I have configured my firewall with SNMP, but when I add it, I don't get any events or other functions.

Kindly tell me how to configure the devices and RME for CiscoView and Cisco Security Monitor for IPS/VPN/FW.

I will be very grateful to all.

Joe Clarke Tue, 02/19/2008 - 09:22

I can speak about RME and CiscoView, but you might be better off asking your VMS questions on one of the security forums. Assuming your devices have SNMP configured, you can add them to RME under RME > Administration > Inventory > Add Devices.

RME and CiscoView don't automatically share settings, so you could either simply go to Device Manager > CiscoView, and enter your device's IP address to view it, or import the device list from RME. To import the device list, go to Device Manager > Administration > CiscoView Server > CiscoView Device List > Import Device List. Enter your RME access parameters, and click Import. Then go to Edit Per User List, and add all of the newly imported devices to each user that will be using CiscoView. Apply your changes. Then when you launch CiscoView, all those devices will appear under the Select Device pull-down.

wasiimcisco Tue, 02/19/2008 - 14:51

Thanks for the reply. All my security devices are configured for SNMP already.

TDC-INT-525-01(config)# sh run | in telnet

telnet 172.28.32.50 255.255.255.255 inside

telnet 172.28.92.72 255.255.255.255 edn

telnet timeout 5

TDC-INT-525-01(config)# sh run | in http

access-list outside_acl extended permit tcp any host 41.223.188.39 eq https

http server enable

http 172.28.32.50 255.255.255.255 inside

http 0.0.0.0 0.0.0.0 edn

TDC-INT-525-01(config)# sh run | in ssh

aaa authentication ssh console LOCAL

ssh 172.28.32.50 255.255.255.255 inside

ssh 172.28.37.0 255.255.255.0 edn

ssh 172.28.92.0 255.255.255.0 edn

ssh timeout 5

TDC-INT-525-01(config)# sh run | in snmp

snmp-server host inside 172.28.32.50 community ciscoworks123

no snmp-server location

no snmp-server contact

snmp-server community ciscoworks123

snmp-server enable traps snmp authentication linkup linkdown coldstart

snmp-server enable traps syslog

IPS Configuration

service notification

trap-destinations 172.28.32.50

trap-community-name ciscoworks123

trap-port 162

exit

enable-notifications true

enable-set-get true

system-location BZV-TDC-4255

system-contact Wasim Hassan

But when I try to add them manually in RME, I get the following errors, which I have shown in the screenshots.

Kindly tell me how to solve the problem.

Joe Clarke Tue, 02/19/2008 - 15:08

First, the Domain Name is not another name for IP address. This should be the DNS domain name for this device. If you do not have one (i.e. this device's IP address does not resolve to a fully-qualified name), then leave this field blank. I suspect you will get further if you put the IP address of the device in the Device Name field. That is:

Device Name: 172.28.32.5

Domain Name:

User Field 1:

User Field 2:

User Field 3:

User Field 4:

Serial Number: 907410468

Next, do not use Local User and Local Password for PIX devices. Instead, use TACACS User and TACACS Password. Of course, this assumes that you get a username prompt when you telnet to the PIX. If you just get a password prompt, only fill in the telnet password. If you DO get a username prompt, you should leave the telnet password field empty.

A PIX cannot have a read-write community string, so leave this field empty.

As for import, you need to specify the IP address of your CiscoWorks server. That is:

Host Name: 172.28.32.50

Port: 1741

Note: CiscoView does not support the PIX, so you will not be able to view that device in CV.
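Added example, not part of the thread or of any Cisco tool: a small Python check that reads the management-access lines from the firewall output posted above and reports on which interfaces the CiscoWorks server (172.28.32.50, per the reply) is permitted for telnet, HTTP, SSH and SNMP, plus any service open to every source address. The function names and the embedded sample are constructed for illustration.

```python
import ipaddress

# Constructed sample: management-access lines copied from the posted output.
SAMPLE_CONFIG = """\
telnet 172.28.32.50 255.255.255.255 inside
telnet 172.28.92.72 255.255.255.255 edn
telnet timeout 5
http server enable
http 172.28.32.50 255.255.255.255 inside
http 0.0.0.0 0.0.0.0 edn
ssh 172.28.32.50 255.255.255.255 inside
ssh 172.28.37.0 255.255.255.0 edn
ssh 172.28.92.0 255.255.255.0 edn
snmp-server host inside 172.28.32.50 community ciscoworks123
"""

SERVICES = ("telnet", "http", "ssh")


def parse_mgmt_access(config):
    """Return {service: [(network, interface), ...]} for PIX/ASA-style lines."""
    rules = {svc: [] for svc in SERVICES + ("snmp",)}
    for line in config.splitlines():
        parts = line.split()
        try:
            if len(parts) == 4 and parts[0] in SERVICES:
                # "<svc> <address> <netmask> <interface>"
                net = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
                rules[parts[0]].append((net, parts[3]))
            elif parts[:2] == ["snmp-server", "host"] and len(parts) >= 4:
                # "snmp-server host <interface> <address> ..."
                rules["snmp"].append((ipaddress.ip_network(parts[3]), parts[2]))
        except ValueError:
            continue  # not an address/mask pair, e.g. a keyword line
    return rules


def review(config, server):
    """Report where `server` is permitted, any-source rules, and telnet use."""
    addr = ipaddress.ip_address(server)
    rules = parse_mgmt_access(config)
    reachable = {svc: sorted({ifc for net, ifc in entries if addr in net})
                 for svc, entries in rules.items()}
    any_source = [(svc, ifc) for svc, entries in rules.items()
                  for net, ifc in entries if net.prefixlen == 0]
    cleartext = [svc for svc in ("telnet",) if rules[svc]]  # unencrypted login
    return reachable, any_source, cleartext
```

On the posted lines this shows the server permitted on `inside` for all four services, and it also surfaces `http 0.0.0.0 0.0.0.0 edn` as an any-source rule and telnet as a cleartext management path worth restricting.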

wasiimcisco Thu, 02/21/2008 - 07:02

Thanks for the reply,

My dear friend, PIX is supported by CiscoView. I have configured it and it is working fine. But IPS is not configurable. I am not even able to see any package for IPS on the Cisco website. Kindly tell me how to configure it.

See the snapshot for devices that gave me error.

Now I am having a problem with Cisco Performance Monitor. I am only able to import the VPN concentrator into Performance Monitor via RME, but I have not been able to import the PIX firewall, though the same RME entry is working fine for CiscoView.

Kindly tell me how to configure the PIX firewall and IPS for Performance Monitor.

Also, I am not able to delete from Performance Monitor the entries of devices that failed to import.

Joe Clarke Thu, 02/21/2008 - 09:30

Yes, sorry. I was thinking of the ASA devices. Your Performance Monitor and VMS questions might be better answered on one of the security forums.

wasiimcisco Thu, 02/21/2008 - 10:27

My dear, even ASA is now supported in CiscoView. Only IPS is not supported. The rest are all supported.

Joe Clarke Thu, 02/21/2008 - 10:36

No, there is no ASA device package for CiscoView. There is currently no plan to release an ASA device package for CiscoView since ASDM should be used for that kind of management.

wasiimcisco Thu, 02/21/2008 - 12:03

Thanks for the update. But I want your help in configuring Performance Monitor for PIX and IPS.

I am only able to configure it for the concentrator but not for PIX and IPS. Can you help me with how to configure the PIX and IPS for Performance Monitor? I will be very grateful to you.

Also tell me how to clear the error devices from Cisco Performance Monitor.

My firewall configuration:

TDC-INT-525-01# sh run | in snmp

snmp-server host inside 172.28.32.50 community ciscoworks123

no snmp-server location

no snmp-server contact

snmp-server community ciscoworks123

snmp-server enable traps snmp authentication linkup linkdown coldstart

snmp-server enable traps syslog

TDC-INT-525-01# sh run | in domain

domain-name default.domain.invalid

domain-name default.domain.invalid

TDC-INT-525-01#

Kindly also see the attachment for the following errors that I am getting in Performance Monitor. Do let me know how to remove devices from Performance Monitor.

Joe Clarke Thu, 02/21/2008 - 12:06

As I said, Performance Monitor questions would be better answered on one of the security forums. I have no experience with PM, so I will not be able to offer any clues as to why it is not working.
