LMS devices config management

Unanswered Question
Oct 21st, 2008

Hi,

i implemented LMS 2.6. I need to configure devices configuration management:Scheduled backup, ...Please can you help about steps on LMS and CLI commands on Routers to accomplish this task?

Thanks in advance,

Edy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Tue, 10/21/2008 - 12:34

Scheduled Backup has nothing to do with device configuration management. A scheduled backup backs up the LMS data from all applications. Do you want to configure this, or do you want to setup RME to periodically archive the configurations from your devices?

edy-khalife Tue, 10/21/2008 - 12:40

please i want to setup RME to periodically archive the configurations from my devices.

Joe Clarke Tue, 10/21/2008 - 14:09

Go to RME > Admin > Config Mgmt > Collection Settings, and enable both the polling and the collection jobs. Then, schedule each job type to run when you want. The recommendation is to run periodic polling jobs daily, and periodic collection jobs weekly.

edy-khalife Tue, 10/21/2008 - 14:31

and nothing should be enabled on the routers and switches ? (rcp, cdp,...?)

edy-khalife Wed, 10/22/2008 - 01:38

thanks i started see things. but can you help with the CLI command on ASA and Content Switch?

Joe Clarke Wed, 10/22/2008 - 09:03

What configuration tasks do you need to perform on these device types?

edy-khalife Wed, 10/22/2008 - 09:18

Hi,

i need to access ASA and CSS11503 config from LMS. As well back it up.

Joe Clarke Wed, 10/22/2008 - 09:23

I assume you already have telnet and/or SSH configured on these devices, then. To configure SNMP on the ASA, follow these steps:

http://www.cisco.com/en/US/docs/security/asa/asa71/system/message/logconf.html#wp1042030

To configure SNMP on the CSS, follow these steps:

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.10/configuration/administration/guide/SNMP.html#wp1015685

Then, you just need to configure your devices' SNMP community strings and telnet/SSH credentials in Common Services > Device and Credentials > Device Management. SNMP and telnet/SSH are sufficient to manage these two device types.

edy-khalife Fri, 10/24/2008 - 05:01

Hi,

i enabled scp and ssh from LMS.i am still having the following errors while retreiving the config file. please advise.

1. Firewall2 PRIMARY RUNNING Oct 24 2008 04:20:49 CM0056 Config fetch failed for Firewall 2 Cause: CM0204 Could not create

DeviceContext for 17 Cause: CM0206 Could not get the config transport implementation for 10.160.149.4 Cause: UNKNOWN Action:

Check if required device packages are available in RME. Action: Check if protocol is supported by device and required device

package is installed.

2. Firewall1 PRIMARY RUNNING Oct 24 2008 04:20:53 CM0056 Config fetch failed for Firewall1 Cause: CM0204 Could not create

DeviceContext for 7 Cause: CM0206 Could not get the config transport implementation for 10.160.149.2 Cause: UNKNOWN Action:

Check if required device packages are available in RME. Action: Check if protocol is supported by device and required device

package is installed.

3. Intrusion Prevention PRIMARY RUNNING Oct 24 2008 04:20:49 CM0056 Config fetch failed for Intrusion Prevention Cause:

CM0204 Could not create DeviceContext for 15 Cause: CM0206 Could not get the config transport implementation for 10.180.1.254

Cause: UNKNOWN Action: Check if required device packages are available in RME. Action: Check if protocol is supported by

device and required device package is installed.

Joe Clarke Fri, 10/24/2008 - 11:14

This indicates that you are missing a device package for your devices, or you have an installation problem. What are the sysObjectIDs from these three devices?

edy-khalife Fri, 10/24/2008 - 12:04

how i can check the sysObjectIDs? and how i can get a device package, and install it?

thanks

Joe Clarke Fri, 10/24/2008 - 12:06

You can use the SNMP Walk tool in Device Center with the starting OID of "sysObjectID". Device package updates can be downloaded from Common Services > Software Center > Device Update.

edy-khalife Fri, 10/24/2008 - 12:24

one clarification: on the routers and switches in rcp command there is user and passwoerd option.

but in ASA i don't find this option in scp command? can you advise?

Joe Clarke Fri, 10/24/2008 - 17:59

RCP does not require a password, just a username. Instead of a password you configure trusted hosts. SCP works just like SSH. You must provide both a username and a password. SCP is configured just like SSH on IOS, except you also need to add:

ip scp server enable.

edy-khalife Sat, 10/25/2008 - 02:05

hi the commands on ASA that i configured are:

ssh scp ennable

ssh "IP of LMS" inside

is there any command needed in addition?

the above command is for routers and switches.

Joe Clarke Sat, 10/25/2008 - 14:46

SCP is not supported for the ASA devices in RME. You can only use SSH or telnet to fetch the config from those devices.

edy-khalife Sun, 10/26/2008 - 00:56

so ssh "IP" only needs to be used and ssh scp enable should be removed?

edy-khalife Sat, 10/25/2008 - 06:59

i did the SNMP walkout, i got the following:

The following is a SNMP walk of device 10.160.149.2 starting from sysObjectID

SNMP Walk Output

--------------------------------------------------------------------------------

sysObjectID

RFC1213-MIB::sysObjectID.0 = OID: CISCO-SMI::ciscoProducts.672

what infos this give?

Joe Clarke Sat, 10/25/2008 - 14:53

This device should be supported. Go to Common Services > Software Center > Device Update, and click on the number next to Resource Manager Essentials. In the resulting pop-up, enter 1.3.6.1.4.1.9.1.672 in the text box. Search by SysObjectID. You should see a match. If not, you will have to update your RME packages.

Actions

This Discussion