Cat 6513 FWSM and CiscoWorks RME/CS

Answered Question
Jan 23rd, 2009
User Badges:

Hey folks,


I'm in a bit of a quandrie here...


I'm trying to archive the config from a 6513 FWSM, it is bombing out with an SNMP error…I was under the impression that I could merely use SSH to perform the archive…The error is implying, that at least once, works needs to inventory the FWSM using SNMP, is that the case, or should I just be able to config the credentials in CS and then connect using SSH…maybe I've missed something??

Correct Answer by Joe Clarke about 8 years 5 months ago

No. RME relies on being able to periodically poll managed devices for inventory information. SNMP is a requirement throughout the management lifetime of a device.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Joe Clarke Fri, 01/23/2009 - 12:25
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

ALL devices must be configured for SNMP before LMS can manage them. Therefore, you will need to configure the FWSM for SNMP. Once the FWSM has been managed, and RME has it in a Normal state, then you can archive the config. Config archive for the FWSM will happen with either telnet or SSH depending on your chosen protocol order.

Bruce Summers Fri, 01/23/2009 - 17:29
User Badges:

understood and thats what i was afraid of...


Let me ask this question...If after it has been inventoried and in a normal state, can snmp then be removed and merely archive the configs using telnet/ssh???

Correct Answer
Joe Clarke Fri, 01/23/2009 - 17:50
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

No. RME relies on being able to periodically poll managed devices for inventory information. SNMP is a requirement throughout the management lifetime of a device.

Bruce Summers Fri, 01/23/2009 - 18:00
User Badges:

let me ask this last question..If I'm not concerned about periodically polling to update the inventory, would it be feasible to remove the SNMP config and merely connect using SSH to archive the config? I have been told, and I havent found it anywhere yet, that SNMPV3 is not supported on the FWSM's...

Joe Clarke Fri, 01/23/2009 - 18:05
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

No, SNMPv3 is not supported on the FWSMs, PIX, or ASA devices. However, neither is SNMP read-write. You must keep SNMP enabled, but it's not like that can be used to change anything. The most one could gain is information. That can be limited by only allowing the LMS server to poll the FWSM via SNMP.

Actions

This Discussion