Solved: UT only working on 3 devices?

rtjensen4 · ‎12-22-2009

Hi All,

1st question:

Where can I find the UTlite install package? I have LMS 4.2.

2nd Question:

My user tracking is only running and discovering 3 devices. All of my devices are in CiscoWorks, but for some reason, User Tracking only reports mac-addresses on 3 devices. I don't currently have UTLite installed on any PCs, so I don't expect to see any usernames, but I should see mac-addresses and Ips right? Is there a log file I can look at to determine why it is only looking at 3 devices? I have a total of 62 devices in CiscoWorks. General setup of the network is two 4507Rs as a "core" with 3750 stacks or 4506s which are both running at layer 2. My remote sites are just a 2801 connected via our MPLS connected to a 3750. The three devices that are showing in User Tracking, one is a router at a remote site, and the other two are at my main site. A 2801, a 2950, and a 3750. Everything else seems to work fine, CW pulls configs, collects inventory, etc. Thanks.

Here's the contents of the S:\Program Files\CSCOpx\log\ut.log

messages will remian logged to file: S:/PROGRA~1/CSCOpx/log\ut.log
2009/12/21 23:00:05 main MESSAGE ProcessInitializer: Properties will be read from S:\PROGRA~1\CSCOpx\campus\etc\cwsi\ut.properties
2009/12/21 23:00:12 main MESSAGE DBConnection: Created new Database connection [hashCode = 24585668]
PartialOrderNode tree dump: time base = VMPSMajor
<root>
    VMPSMajor: <root>
    VMPSMajor:     VMPSMajor.GetXMLData
    VMPSMajor:         VMPSMajor.PingSweep
    VMPSMajor:         VMPSMajor.PopulateFromDCR
    VMPSMajor:             VMPSMajor.GetBridgeTable
    VMPSMajor:             VMPSMajor.Sweep
    VMPSMajor:                 VMPSMajor.GetIpXlateTable
    VMPSMajor:                 VMPSMajor.GetIpv6XlateTable
    VMPSMajor:                     VMPSMajor.GenerateTable6
    VMPSMajor:                         VMPSMajor.GenerateTable
    VMPSMajor:                             VMPSMajor.PushPortConfigDetails

SMFunction evaluation order: time base = VMPSMajor
VMPSMajor.GetXMLData Major
VMPSMajor.PingSweep Minor
VMPSMajor.PopulateFromDCR Major
VMPSMajor.GetBridgeTable Minor
VMPSMajor.Sweep Major
VMPSMajor.GetIpXlateTable Minor
VMPSMajor.GetIpv6XlateTable Minor
VMPSMajor.GenerateTable6 Major
VMPSMajor.GenerateTable Major
VMPSMajor.PushPortConfigDetails Major

Time base VMPSMajor has 6 major nodes and 3 minor traversals.

log4j:ERROR No appenders could be found for category (CTM.common).
log4j:ERROR Please initialize the log4j system properly.
In classlist loader
In classlist loader processing sub classes
updation done
In classlist loader completed
2009/12/21 23:00:25 main MESSAGE DBConnection: Created new Database connection [hashCode = 4736426]
Calling default
Subnet to SubnetData Map Size :92
2009/12/21 23:01:41 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 4736426]
2009/12/21 23:01:41 DBConnecton-Reaper MESSAGE DBConnection: Closed Database connection [hashCode = 24585668]
2009/12/21 23:02:00 main MESSAGE DCRDevWrapper: Closing DCRProxy
2009/12/21 23:19:32 EvalTask-vmpsadmin-08 WARNING VmpsAdminSMFGetIpXlateTable: snmp error encounteredcom.cisco.nm.lib.snmp.futureapi.SnmpReqTimeoutException: SnmpRequestTimeout on 192.168.59.1 while performing SnmpWalk(*) at index = -1
2009/12/21 23:23:02 EvalTask-vmpsadmin-08 WARNING VmpsAdminSMFGetIpv6XlateTable: snmp error encounteredcom.cisco.nm.lib.snmp.futureapi.SnmpReqTimeoutException: SnmpRequestTimeout on 192.168.59.1 while performing SnmpWalk(*) at index = -1
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to insert batch number 1 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to update all records :::: 0 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken for the entire process:::: 0 Seconds.
2009/12/21 23:23:04 main MESSAGE VmpsAdminSMFPushPortConfigDetails: Time taken to update neighbor attribute : 2 seconds.
2009/12/21 23:23:04 main MESSAGE DBConnection: Created new Database connection [hashCode = 14591848]
Rogue MAC properties loaded from file: S:\PROGRA~1\CSCOpx\campus\etc\cwsi\MACDetection.properties
EnableRogueMAC property value: false
RogueMAC Notification Email-ID:
EnableNewMAC property value: false
UnQualifiedMAC property value: false
Configured RogueMAC's:
Configured RogueOUI's:
Configured NonRogueMAC's:
Configured NonRogueOUI's:

Joe Clarke · ‎12-22-2009

That's the problem. With SNMPv3, you must configure access to SNMPv3 vlan contexts in order for UT to get end hosts. Unfortunately, this version of code does not support this. You must upgrade to 12.2(25)SG1 code or higher to get this support. When you do that, you will see the "show snmp context" command. For each of the vlan-X contexts, you must configure:

snmp-server group gfcu v3 auth context vlan-X read myview

Then UT will be able to poll the switch for end hosts.

View solution in original post

Joe Clarke · ‎12-22-2009

UTLite can be found under NMSROOT/campus/bin. Consult the Campus online help on how to set this up on the Windows end hosts.

As for the missing end host entries, when you say that all your devices are in LMS, are all of the switches managed by Campus Manager? That is, when you look at the topology map, do you see all of your switches with green switch icons? If not, you must make sure those switches are managed by checking your Campus filters, then running a new Campus Data Collection.

You must also make sure that none of your SNMP community strings contain '@'. This will break UT.

Beyond that, you will need to post the show ver and show run of a switch not showing up in UT. From that switch, also post the output of "show int status" and "show mac". From the Campus server, post the NMSROOT/campus/etc/cwsi/portsData.xml and vlanData.xml files.

rtjensen4 · ‎12-22-2009

Here's the requested data for one of the switches not showing up. This one happens to be a 4506.I verified that none of my devices have an '@' in the SNMP string, and that all the switches are showing as green icons on the topology map. Thanks.

Joe Clarke · ‎12-22-2009

It looks like you're using SNMPv3, is that correct, or have you filtered the community strings out of the config?

rtjensen4 · ‎12-22-2009

You are correct, we're using SNMP v3. The username / PW for it does not contain @ and CW has the correct credentials, it can poll other things via SNMP from the device.

Joe Clarke · ‎12-22-2009

That's the problem. With SNMPv3, you must configure access to SNMPv3 vlan contexts in order for UT to get end hosts. Unfortunately, this version of code does not support this. You must upgrade to 12.2(25)SG1 code or higher to get this support. When you do that, you will see the "show snmp context" command. For each of the vlan-X contexts, you must configure:

snmp-server group gfcu v3 auth context vlan-X read myview

Then UT will be able to poll the switch for end hosts.

rtjensen4 · ‎12-22-2009

Thanks! Darn SNMP v3 and its secure-ness....

So, for example, on one of my 3750s with 12.2(44) SE2, i could issue:

snmp-server group gfcu v3 auth context 150 read myview

for access to hosts on vlan 150 only?

Joe Clarke · ‎12-22-2009

The context name is "vlan-150", but yes, that is the general idea.

rtjensen4 · ‎12-22-2009

I added the following lines to my 4507R, which is considered the "Center" of my network, and re-ran user acquisition. As far as SNMP goes, it's configured the same. IOS is 12.2(53)SG1. I am still only seeing devices on those 3 devices.... hmm...

snmp-server group gfcu v3 auth read myview write myview notify myview

snmp-server group gfcu v3 auth context vlan-59 read myview
snmp-server group gfcu v3 auth context vlan-101 read myview
snmp-server group gfcu v3 auth context vlan-102 read myview
snmp-server group gfcu v3 auth context vlan-103 read myview
snmp-server group gfcu v3 auth context vlan-104 read myview
snmp-server group gfcu v3 auth context vlan-105 read myview
snmp-server group gfcu v3 auth context vlan-106 read myview
snmp-server group gfcu v3 auth context vlan-110 read myview
snmp-server group gfcu v3 auth context vlan-111 read myview
snmp-server group gfcu v3 auth context vlan-112 read myview
snmp-server group gfcu v3 auth context vlan-113 read myview
snmp-server group gfcu v3 auth context vlan-121 read myview
snmp-server group gfcu v3 auth context vlan-131 read myview
snmp-server group gfcu v3 auth context vlan-141 read myview
snmp-server group gfcu v3 auth context vlan-151 read myview

snmp-server group gfcu v3 auth context vlan-250 read myview
snmp-server group growsnmp v3 auth notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF0F
snmp-server view myview internet included
snmp-server host 192.168.59.242 version 3 auth growsnmp

HQ_Core_4507R#sh snmp context
vlan-1
vlan-59
vlan-101
vlan-102
vlan-103
vlan-104
vlan-105
vlan-106
vlan-110
vlan-111
vlan-112
vlan-113
vlan-121
vlan-131
vlan-141
vlan-151
vlan-250
vlan-501
vlan-502
vlan-503
vlan-800
vlan-1002
vlan-1003
vlan-1004
vlan-1005

Joe Clarke · ‎12-22-2009

Post the full show run from this switch as well as the "show int status" and "show mac".

rtjensen4 · ‎12-22-2009

File is show run, show int status, and show mac

Joe Clarke · ‎12-22-2009

It looks like you removed your portsData.xml and vlanData.xml attachments. I need to see those as well.

rtjensen4 · ‎12-22-2009

Whoops, just trying to remove unnecessary info. here they are:

Joe Clarke · ‎12-22-2009

Campus does not think the switch has any access ports. This could be due to a bad SNMP configuration in DCR. Verify that your SNMPv3 configuration in DCR is correct, and that the SNMPv3 username configured in DCR is in the gfcu group. Then run a new Campus Data Collection so the XML files will get regenerated. Then run a new UT major acquisition.

rtjensen4 · ‎12-22-2009

Ok, I have verified that the username is in the right snmp group. One thing I noticed, when I went into data collection settings on CM, it was set to poll only Critical Devices, but when I hit "Show Devices", it threw an alert saying "There is no devices in Crtical poller.". I change it to "All Devices" and its running again now. Thanks for your help.