Some newby questions :)

Answered Question
Jun 4th, 2008

Good day everyone!

I am new to CiscoWorks, just managed to install it and integrate with ACS and I have some newby questions:

1. How to delete devices from database (old devices, unreachable devices).

2. How to send CLI commands to the group devices for management purposes (collect information) and for configuration (using netconfig I was able to send only predifined commands to routers and switches) What I want is to send raw CLI commands. Is it possible?

3. My syslog collector status tells me: 533 invalid messages received, 533 total. What does it mean? Why all syslog messages are invalid?

4. Campus user tracking does not shows me IP addresses, only MAC association to physical ports. I believe its not OK?

I have this problem too.
0 votes
Correct Answer by Joe Clarke about 8 years 6 months ago

I'm not sure exactly what kind of support you're looking for, but we will be adding VSS support in Topology Services and User Tracking in Campus Manager 5.1 which will be part of LMS 3.1 due out July 1. That will complete our current VSS support plans as RME 4.1.1 already has VSS support.

Correct Answer by Joe Clarke about 8 years 6 months ago

You will either need to establish a route so that the LMS server can reach this address, or, if the device is running new enough code, use the command:

cdp source-interface LOOPBACK_IF

Where LOOPBACK_IF is the loopback interface you want to use as your CDP source interface.

1. Then you'll want to remove them from Common Services->Device and Credentials->Device Management, pop a csv list of up to about 50 devices in the selector search, select and delete.

3. Do you have syslog'ing enabled on the devices to the server ? Any intervening technology like NATs or firewalls ?

4. VSS -ICK! yes thats not supported by Ciscoworks right now. I heard about that last year in San Jose along with the sup 720b and thought CSR1's looked like a better solution.

I'll try and answer a few that are within the relm of my experience:

1. I dont personally use ACS integration as I use ranged authentication profiles instead of per device profiles.

2. Either cwcli (ciscoworks CLI) or netshow. Netconfig you can send raw cli commands using the adhoc template, but unless you build in the logic to gather the results local or remotely, it'll just run the command and ignore the results. Netshow gathers the results.

3. Take a look at your syslog_info file (located in unix under /var/log/ ) and check to see if the format of the syslog messages is correct... they should look like :

Mar 3 07:17:36 10.13.63.7 2008 Mar 03 10:17:29 EST -05:00 %PAGP-5-PORTTOSTP:Por

t 5/9 joined bridge port 5/9

4. That means that the Campus is not gathering the arp tables of the router servicing the layer 2 switching environment to match up with the MAC addresses it finds on the switchports. You need to check to see if the router(s) that service this layer two environment are in your data collection. The easiest way to to ensure that "enable auto mode" is checked in your Mode and Policy settings located under Campus Manager->Data Collection->Mode and Policy Settings. This will collect data from any device in the Device Credential Repository (DCR) that matches the range you specify below it. With ACS integration AND individual device authentication profiles you should get info from all of your devices.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.4 (5 ratings)
Loading.
Correct Answer

I'll try and answer a few that are within the relm of my experience:

1. I dont personally use ACS integration as I use ranged authentication profiles instead of per device profiles.

2. Either cwcli (ciscoworks CLI) or netshow. Netconfig you can send raw cli commands using the adhoc template, but unless you build in the logic to gather the results local or remotely, it'll just run the command and ignore the results. Netshow gathers the results.

3. Take a look at your syslog_info file (located in unix under /var/log/ ) and check to see if the format of the syslog messages is correct... they should look like :

Mar 3 07:17:36 10.13.63.7 2008 Mar 03 10:17:29 EST -05:00 %PAGP-5-PORTTOSTP:Por

t 5/9 joined bridge port 5/9

4. That means that the Campus is not gathering the arp tables of the router servicing the layer 2 switching environment to match up with the MAC addresses it finds on the switchports. You need to check to see if the router(s) that service this layer two environment are in your data collection. The easiest way to to ensure that "enable auto mode" is checked in your Mode and Policy settings located under Campus Manager->Data Collection->Mode and Policy Settings. This will collect data from any device in the Device Credential Repository (DCR) that matches the range you specify below it. With ACS integration AND individual device authentication profiles you should get info from all of your devices.

m.sobolev Thu, 06/05/2008 - 05:09

1. Its not about ACS integration, I want to remove dead devices from "All devices".

2. Thanks! I think its that I need!

3. Syslog file of LMS is full of its own logs, but not the device generated strings.

4. Management mode is set to auto, and core switch is added to campus manager. I am afraid that its not supported by CM - its VSS1440...

By the way VSS is not supported in topology services, in netconfig and in a lot of more modules.

Correct Answer

1. Then you'll want to remove them from Common Services->Device and Credentials->Device Management, pop a csv list of up to about 50 devices in the selector search, select and delete.

3. Do you have syslog'ing enabled on the devices to the server ? Any intervening technology like NATs or firewalls ?

4. VSS -ICK! yes thats not supported by Ciscoworks right now. I heard about that last year in San Jose along with the sup 720b and thought CSR1's looked like a better solution.

m.sobolev Thu, 06/05/2008 - 08:43

1. Wow! Thanks, I have been searching it for eternity :)

2. Magically It works now, and I was able to create "automated action". But can you suggest me how to get full syslog messages history for single device?

3. No comments, I'll be waiting for support to come in next release...

m.sobolev Fri, 06/06/2008 - 09:30

One more question - How can I debug - why one of the CDP neighbors of seed device is not discovered? (double checked community, management range, etc...)

m.sobolev Fri, 06/06/2008 - 12:03

ОК, I found it! but now again stuck:

device was not discovered because its cdp management ip address is not reachable!

how could I change this address? to loopback address?

Correct Answer
Joe Clarke Fri, 06/06/2008 - 12:06

You will either need to establish a route so that the LMS server can reach this address, or, if the device is running new enough code, use the command:

cdp source-interface LOOPBACK_IF

Where LOOPBACK_IF is the loopback interface you want to use as your CDP source interface.

m.sobolev Fri, 06/06/2008 - 12:09

Thank you, this Catalyst is running 12.2(33)SXH2a - no cdp source-int, so I think I have to add this device manually...

m.sobolev Fri, 06/06/2008 - 12:10

BTW, Can you tell me then Cisco plans to add full support for VSS in CiscoWorks modules?

Correct Answer
Joe Clarke Fri, 06/06/2008 - 12:17

I'm not sure exactly what kind of support you're looking for, but we will be adding VSS support in Topology Services and User Tracking in Campus Manager 5.1 which will be part of LMS 3.1 due out July 1. That will complete our current VSS support plans as RME 4.1.1 already has VSS support.

m.sobolev Tue, 06/24/2008 - 11:23

Please tell me - is 3.1 is an upgrade for 3.0 or we'll have to purchase it?

Actions

This Discussion