02-10-2009 10:25 AM
During Config Archive, I'm encountering the following error when trying to connect using RME to a Cisco Catalyst 6513 FWSM.
"CM00139 Could not archive config, Cause: Action: Verify that device is managed and credentials are correct. Increase timeout value, if required."
I ran the credential verification using both the ssh protocol and the "SSH Enable Mode User Name and Password" check. It passes the protocol check, but fails with "Enable username credential missing." However, I do have the enable password set in device management/edit device credentials.
thanks
Bruce
Solved! Go to Solution.
02-15-2009 11:34 AM
So your problems with the FWSM fetch are now resolved?
02-10-2009 10:43 AM
There is a problem entering enable mode. In order to fetch the config from an FWSM, RME must be able to enter enable mode, enter config mode, configure "no pager", then exit config mode. Can the credentials specified in DCR perform these steps? Try to perform those steps manually. what does the transaction look like?
02-10-2009 11:06 AM
to answer the question about the credentials that are in DCR, yes...the account that i'm using is able to enter enable mode, config mode and then is able to make the change to "no pager"...
I'm not clear what you mean by "what does the transaction look like".
Bruce
02-10-2009 11:18 AM
From the LMS server, connect to the FWSM with SSH using the same credentials that are configured in DCR. Enter enable mode using the same enable password that is in DCR. Run the command "show pager". Then enter config mode, and configure "no pager". Then exit config mode. What does that transaction look like?
02-10-2009 11:23 AM
login as:
Type help or '?' for a list of available commands.
FWSM> en
Password: ****
FWSM# sho pager
no pager
FWSM>#
so, as you can see, from the LMS server, ssh to the FWSM is working...and works when you do the credentials check within RME...but, config arch is bombing on me...
bruce
02-10-2009 11:29 AM
You missed a step. You need to go into configure mode, and type "no pager". Also, enable ArchiveMgmt Service debugging under RME > Admin > System Preferences > Application Loglevel Settings, perform another Sync Archive to this FWSM, and post the dcmaservice.log.
02-10-2009 12:43 PM
sorry...i took from the show pager, that no pager was already set (from previously running the command). here is the output from the command:
fwsm> config t
fwsm(config)# no pager
fwsm(config)# exit
fwsm># sho pager
no pager
after setting debug mode, i ran the config arch again, and attached is the output fo the dcmaservice.log from that run...I didnt want to include it all (WAY too much)....
02-10-2009 06:35 PM
The problem is in your use of privilege levels. RME is expecting enable level to be 15, but you are currently at privilege level 2. That said, you appear to be hitting a code path that should be impossible. What patches have you applied to LMS?
02-10-2009 06:49 PM
"code path" not sure what you mean...I have applied no patches to LMS since installation. Im running LMS Portal 1.1.0, RME 4.2.0, CV 6.1.8, CM5.1.0, DFM 3.1.0
02-10-2009 06:53 PM
Nevermind, I found the problem. I can provide a patch if you want to test it. You will need to open a TAC service request to get it.
02-10-2009 06:56 PM
absolutely...I'll have to get approval before applying it, but give me the bug fix number and i'll vet it out thru my leadership and get the tac case submitted...is it an LMS issue or a firewall issue? that will point me to which way i need to submit the tac case...
thanks J
02-10-2009 07:28 PM
I don't have a bug yet. I'll file the bug when I get confirmation that my fix is the right one. The problem is with the FWSM code in RME.
02-10-2009 07:30 PM
roger....shall i wait to hear back from you or submit the tac case now?
02-10-2009 07:33 PM
Open the case now. Your engineer can get the patch from me.
02-10-2009 07:35 PM
ok...thanks...am I a test platform then?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide