UT only working on 3 devices?

Answered Question
Dec 22nd, 2009

Hi All,

1st question:

Where can I find the UTlite install package? I have LMS 4.2.


2nd Question:

My user tracking is only running and discovering 3 devices. All of my devices are in CiscoWorks, but for some reason, User Tracking only reports mac-addresses on 3 devices. I don't currently have UTLite installed on any PCs, so I don't expect to see any usernames, but I should see mac-addresses and Ips right? Is there a log file I can look at to determine why it is only looking at 3 devices? I have a total of 62 devices in CiscoWorks. General setup of the network is two 4507Rs as a "core" with 3750 stacks or 4506s which are both running at layer 2. My remote sites are just a 2801 connected via our MPLS connected to a 3750. The three devices that are showing in User Tracking, one is a router at a remote site, and the other two are at my main site. A 2801, a 2950, and a 3750. Everything else seems to work fine, CW pulls configs, collects inventory, etc. Thanks.


Here's the contents of the S:\Program Files\CSCOpx\log\ut.log

messages will remian logged to file: S:/PROGRA~1/CSCOpx/log\ut.log
2009/12/21 23:00:05 main MESSAGE ProcessInitializer: Properties will be read from S:\PROGRA~1\CSCOpx\campus\etc\cwsi\ut.properties
2009/12/21 23:00:12 main MESSAGE DBConnection: Created new Database connection [hashCode = 24585668]
PartialOrderNode tree dump: time base = VMPSMajor
<root>
    VMPSMajor: <root>
    VMPSMajor:     VMPSMajor.GetXMLData
    VMPSMajor:         VMPSMajor.PingSweep
    VMPSMajor:         VMPSMajor.PopulateFromDCR
    VMPSMajor:             VMPSMajor.GetBridgeTable
    VMPSMajor:             VMPSMajor.Sweep
    VMPSMajor:                 VMPSMajor.GetIpXlateTable
    VMPSMajor:                 VMPSMajor.GetIpv6XlateTable
    VMPSMajor:                     VMPSMajor.GenerateTable6
    VMPSMajor:                         VMPSMajor.GenerateTable
    VMPSMajor:                             VMPSMajor.PushPortConfigDetails


SMFunction evaluation order: time base = VMPSMajor
  VMPSMajor.GetXMLData  Major
  VMPSMajor.PingSweep  Minor
  VMPSMajor.PopulateFromDCR  Major
  VMPSMajor.GetBridgeTable  Minor
  VMPSMajor.Sweep  Major
  VMPSMajor.GetIpXlateTable  Minor
  VMPSMajor.GetIpv6XlateTable  Minor
  VMPSMajor.GenerateTable6  Major
  VMPSMajor.GenerateTable  Major
  VMPSMajor.PushPortConfigDetails  Major


Time base VMPSMajor has 6 major nodes and 3 minor traversals.


log4j:ERROR No appenders could be found for category (CTM.common).
log4j:ERROR Please initialize the log4j system properly.
In classlist loader
In classlist loader processing sub classes
updation done
In classlist loader completed
2009/12/21 23:00:25 main MESSAGE DBConnection: Created new Database connection [hashCode = 4736426]
Calling default
Subnet to SubnetData Map Size :92
2009/12/21 23:01:41 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 4736426]
2009/12/21 23:01:41 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 24585668]
2009/12/21 23:02:00 main MESSAGE DCRDevWrapper: Closing DCRProxy
2009/12/21 23:19:32 EvalTask-vmpsadmin-08 WARNING VmpsAdminSMFGetIpXlateTable: snmp error encounteredcom.cisco.nm.lib.snmp.futureapi.SnmpReqTimeoutException: SnmpRequestTimeout on 192.168.59.1 while performing SnmpWalk(*) at index = -1
2009/12/21 23:23:02 EvalTask-vmpsadmin-08 WARNING VmpsAdminSMFGetIpv6XlateTable: snmp error encounteredcom.cisco.nm.lib.snmp.futureapi.SnmpReqTimeoutException: SnmpRequestTimeout on 192.168.59.1 while performing SnmpWalk(*) at index = -1
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to insert batch number 1 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to update all records :::: 0 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken for the entire process:::: 0 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to update neighbor attribute : 2 seconds.
2009/12/21 23:23:04 main MESSAGE DBConnection: Created new Database connection [hashCode = 14591848]
Rogue MAC properties loaded from file: S:\PROGRA~1\CSCOpx\campus\etc\cwsi\MACDetection.properties
EnableRogueMAC property value: false
RogueMAC Notification Email-ID:
EnableNewMAC property value: false
UnQualifiedMAC property value: false
Configured RogueMAC's:
Configured RogueOUI's:
Configured NonRogueMAC's:
Configured NonRogueOUI's:

Correct Answer by Joe Clarke about 7 years 2 months ago

That's the problem.  With SNMPv3, you must configure access to SNMPv3 vlan contexts in order for UT to get end hosts.  Unfortunately, this version of code does not support this.  You must upgrade to 12.2(25)SG1 code or higher to get this support.  When you do that, you will see the "show snmp context" command.  For each of the vlan-X contexts, you must configure:


snmp-server group gfcu v3 auth context vlan-X read myview


Then UT will be able to poll the switch for end hosts.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Joe Clarke Tue, 12/22/2009 - 08:20

UTLite can be found under NMSROOT/campus/bin.  Consult the Campus online help on how to set this up on the Windows end hosts.


As for the missing end host entries, when you say that all your devices are in LMS, are all of the switches managed by Campus Manager?  That is, when you look at the topology map, do you see all of your switches with green switch icons?  If not, you must make sure those switches are managed by checking your Campus filters, then running a new Campus Data Collection.


You must also make sure that none of your SNMP community strings contain '@'.  This will break UT.


Beyond that, you will need to post the show ver and show run of a switch not showing up in UT.  From that switch, also post the output of "show int status" and "show mac".  From the Campus server, post the NMSROOT/campus/etc/cwsi/portsData.xml and vlanData.xml files.

rtjensen4 Tue, 12/22/2009 - 08:42

Here's the requested data for one of the switches not showing up. This one happens to be a 4506.I verified that none of my devices have an '@' in the SNMP string, and that all the switches are showing as green icons on the topology map. Thanks.

Joe Clarke Tue, 12/22/2009 - 08:50

It looks like you're using SNMPv3, is that correct, or have you filtered the community strings out of the config?

rtjensen4 Tue, 12/22/2009 - 08:56

You are correct, we're using SNMP v3. The username / PW for it does not contain @ and CW has the correct credentials, it can poll other things via SNMP from the device.

Correct Answer
Joe Clarke Tue, 12/22/2009 - 09:00

That's the problem.  With SNMPv3, you must configure access to SNMPv3 vlan contexts in order for UT to get end hosts.  Unfortunately, this version of code does not support this.  You must upgrade to 12.2(25)SG1 code or higher to get this support.  When you do that, you will see the "show snmp context" command.  For each of the vlan-X contexts, you must configure:


snmp-server group gfcu v3 auth context vlan-X read myview


Then UT will be able to poll the switch for end hosts.

rtjensen4 Tue, 12/22/2009 - 09:05

Thanks! Darn SNMP v3 and its secure-ness....


So, for example, on one of my 3750s with 12.2(44) SE2, i could issue:

snmp-server group gfcu v3 auth context 150 read myview

for access to hosts on vlan 150 only?

Joe Clarke Tue, 12/22/2009 - 09:06

The context name is "vlan-150", but yes, that is the general idea.

rtjensen4 Tue, 12/22/2009 - 11:55

I added the following lines to my 4507R, which is considered the "Center" of my network, and re-ran user acquisition. As far as SNMP goes, it's configured the same. IOS is 12.2(53)SG1. I am still only seeing devices on those 3 devices.... hmm...


snmp-server group gfcu v3 auth read myview write myview notify myview

snmp-server group gfcu v3 auth context vlan-59 read myview
snmp-server group gfcu v3 auth context vlan-101 read myview
snmp-server group gfcu v3 auth context vlan-102 read myview
snmp-server group gfcu v3 auth context vlan-103 read myview
snmp-server group gfcu v3 auth context vlan-104 read myview
snmp-server group gfcu v3 auth context vlan-105 read myview
snmp-server group gfcu v3 auth context vlan-106 read myview
snmp-server group gfcu v3 auth context vlan-110 read myview
snmp-server group gfcu v3 auth context vlan-111 read myview
snmp-server group gfcu v3 auth context vlan-112 read myview
snmp-server group gfcu v3 auth context vlan-113 read myview
snmp-server group gfcu v3 auth context vlan-121 read myview
snmp-server group gfcu v3 auth context vlan-131 read myview
snmp-server group gfcu v3 auth context vlan-141 read myview
snmp-server group gfcu v3 auth context vlan-151 read myview

snmp-server group gfcu v3 auth context vlan-250 read myview
snmp-server group growsnmp v3 auth notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF0F
snmp-server view myview internet included
snmp-server host 192.168.59.242 version 3 auth growsnmp


HQ_Core_4507R#sh snmp context
vlan-1
vlan-59
vlan-101
vlan-102
vlan-103
vlan-104
vlan-105
vlan-106
vlan-110
vlan-111
vlan-112
vlan-113
vlan-121
vlan-131
vlan-141
vlan-151
vlan-250
vlan-501
vlan-502
vlan-503
vlan-800
vlan-1002
vlan-1003
vlan-1004
vlan-1005

Joe Clarke Tue, 12/22/2009 - 12:30

Post the full show run from this switch as well as the "show int status" and "show mac".

Joe Clarke Tue, 12/22/2009 - 12:42

It looks like you removed your portsData.xml and vlanData.xml attachments.  I need to see those as well.

rtjensen4 Tue, 12/22/2009 - 12:43

Whoops, just trying to remove unnecessary info. here they are:

Joe Clarke Tue, 12/22/2009 - 12:48

Campus does not think the switch has any access ports.  This could be due to a bad SNMP configuration in DCR.  Verify that your SNMPv3 configuration in DCR is correct, and that the SNMPv3 username configured in DCR is in the gfcu group.  Then run a new Campus Data Collection so the XML files will get regenerated.  Then run a new UT major acquisition.

rtjensen4 Tue, 12/22/2009 - 12:53

Ok, I have verified that the username is in the right snmp group. One thing I noticed, when I went into data collection settings on CM, it was set to poll only Critical Devices, but when I hit "Show Devices", it threw an alert saying "There is no devices in Crtical poller.". I change it to "All Devices" and its running again now. Thanks for your help.

Joe Clarke Tue, 12/22/2009 - 12:56

The device poller has nothing to do with Data Collection.  When I say start a new Data Collection, I mean go to the Campus Manager homepage, and click the Start Data Collection link.  Run a new Data Collection for all devices.

rtjensen4 Wed, 12/23/2009 - 11:41

Hi Joe,

I added those lines to all my switches and re ran data collection and UT Tracking, Now i'm seeing 600 hosts. YAY! THanks. One thing I noticed is that the MAC addresses are being reported, but the IP addresses aren't. Is there somthing similar that needs to be added to my routers to allow CM to match the ARP tables?

Resolution is working for my main location which uses layer 3 switches, but my branch location switches are only showing mac addresses, no IPs. The branches are setup with a 2801 connected via a 802.1q trunk to a 3750. the 2801 uses sub interfaces to route between the voice and data VLANs. Thanks for your help!

Joe Clarke Wed, 12/23/2009 - 11:44

You must make sure that each of the routers are properly managed by Campus, and show up with green router icons on the map.  They must also have their ARP tables populated with the MAC addresses showing up in UT, and you must not have an SNMP view applied which blocks the ipNetToMediaTable.  Beyond that, nothing is required to allow for UT to poll the ARP tables.

rtjensen4 Wed, 12/23/2009 - 12:16

Hmm... that may be the issue. On the Visual Map, all my headquarters devices show up, but none of my branch locations do. Everything is connected via MPLS. The devices show up in the Device Selector if I go to Campus -> All Devices... Where do I look to start troubleshooting that? Does CW recognize that the devices at my branch locations are not physically attached to other managed devices?

Joe Clarke Wed, 12/23/2009 - 12:24

Campus uses CDP to build the topology map.  If you are running MPLS, CDP won't work.  Therefore, your branches will be disconnected.  Even so, as long as the devices are in DCR, Campus will manage them.  You should see them either on the Layer 2 View or the Unconnected Devices View.  If they are not showing up, then make sure you don't have any Data Collection filters applied that would keep them from being managed.

rtjensen4 Wed, 12/23/2009 - 12:33

All the devices show up in either Layer 2 View OR Unconnected Devices view. I'm trying to determine why 3 of the routers are showing up in the unconnected group. They have CDP enabled and no SNMP filters on them. Maybe I will just remove them and re-add them. Thanks for your help

Joe Clarke Thu, 12/24/2009 - 09:47

For devices to be connected, they must have CDP neighbors which are also managed by Campus Manager.  Make sure the routers' neighbors are in DCR with proper SNMP credentials.

Actions

This Discussion