We have successfully installed ciscoworks LMS 3.0 in our network.
We are facing some problems related to Campus user tracking.
In our network FWSM is running with 'MSFC Outside' topology (meaning FWSM has default route set towards the MSFC and then the MSFC is going towards our Internet/WAN Routers. All our LAN subnets are in FWSM to process and protect our inside traffic.
In the Campus user tracking Acquisition setting we have selected (use DNS to resolve hostname, get user name from UNIX host, get username from NT and NDS domain).
We have no problem with DNS Settings for layer 2 and layer 3 devices, since we are able to ping these devices using their host-names. DFM is also able to do reverse-lookup while sending email alerts. All end-users also have a reverse-lookup zone configured in DNS.
If we use user tracking reports it is only displaying the mac address of the end-users and not their usernames, hostnames and ip address. I understand that the username part requires a script to be loaded on the domain controller. We will skip that for now, We checked the Supported device tables for LMS 3.0 Dec 2007 Update and it seems FWSM is not supported for 'User Tracking'. Currently all our IP/Mac mappings are present in the FWSM if the 'show arp' command is issued. The Core Switches (MSFC Outside) have no knowledge of the IP addresses of these devices as they are one L3 hop away and the core switch has a route pointing towards the FWSM to reach all these Internet LAN subnets.
As a result, in Campus Manager >> User Tracking >> Configuration Subnet acquisition setting, we are not getting our internal subnets only external network subnets are being displayed (Like the subnets between the MSFC/FWSM, between the MSFC/Routers etc. All other LAN subnets are not appearing.
How we can solve this problem so that we can track the all users using their IP addresses. Is there any future planned release in which FWSM will be supported for User Tracking? Or any workaround like making a custom Import file and importing this information? Or any other work-around.
Any help is highly appreciated.