ACS Engine /Appliance Monitoring and Management

Unanswered Question
Sep 20th, 2010
User Badges:

Dear Frdz ,


I have been using Cisco ACS appliance version 4.1 and I would like to enable the SSH and SNMP monitoring .

What I have seen ,Our Cisco ACS appliance doent show the SNMP configuration option and aslo would like to enable the SSH for CLI access as our current console switch is not supporting .Please guide me how to enable SSH and SNMP features ..


Thanks in advance


Regards ..

Manik Palekar

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Tue, 09/21/2010 - 13:52
User Badges:
  • Gold, 750 points or more

SSH should be enabled by default. But you can not do much thing with SSH session.

You can configure SNMP in System Configuration ->Appliance Configuration.

manik.palekar Tue, 09/21/2010 - 17:14
User Badges:

Thanks for your reply ..


I had tried to connect ACS appliances through putty SSH but it did not work .Do we need to enable ssh through CLI ?


System Configuration ->Appliance Configuration => Under this setting i dont see the SNMP configuration option .


Regards ..

Manik Palekar

Yudong Wu Tue, 09/21/2010 - 22:20
User Badges:
  • Gold, 750 points or more

It is listed in end user guide for SNMP support. Not sure why yours don't show it.

http://www.cisco.com/en/US/partner/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/SCBasic.html#wp288031


For SSH, I don't think there is a command to enable/disable it. Basically, there is only several commands you can use via SSH. What's the purpose for you to use it?

manik.palekar Wed, 09/22/2010 - 18:03
User Badges:

I am also not able to find what could have caused with SNMP tab option ...but I found same issue on cisco community ..following is the suggestion and iam not sure how to ensure these things ...


SSH I need to get the tech support file as I am not able to download the support file from WEB interface also I need it  for resource monitoring ..



#############################################################################################################

Probably you have an appliance that was not re-imaged with 3.3.3 CD, where SNMP was introduced and to have SNMP option, it was necessary to re-image. And you made all the remote upgrades and reached from 3.x to version 4.1.4.13.3 on your ACS SE.


To get this option,

- Take a backup of the database

- re-image ACS SE with 4.1.1.x recovery Cd for the appropriate platform, and then upgrade it to version 4.1.4, and then apply patch 3

- Restore the backup


https://supportforums.cisco.com/message/850213

################################################################################################################3

Yudong Wu Thu, 09/23/2010 - 08:09
User Badges:
  • Gold, 750 points or more

Hi Manik, Re-imaging ACS appliance is always a last resort for the issue like this. Since we do know your ACS version should support SNMP but you could not see it in GUI, you'd better to re-image it. Re-image could fix the issue of not getting support file as well.


SSH don't give you much command to run. here is what I got

acs-1113-2> help
Command                  Description
----------------------------------------------------
?                    List commands
exit                 Log off
help                 List commands
csdbsync -syncnow    RDBMS synchronization


So basically, you can only run some RDBMS sync commands via SSH.

manik.palekar Thu, 09/23/2010 - 18:11
User Badges:

Hi Yudong ..


I do agree ..command line access will not help out more rather than basic network configuration ..but this is a only way to setup a appliance from remote location...

@ SNMP configuration ,Below are the current ACS appliance version details .base image 3.3.1.6 doesnt support SNMP features ..? what version does it support ..? plz do one favor me ...send me a link how to upgrade the base image ...


Cisco Secure ACS: 4.1.1.23
Appliance Management Software: 4.1.1.23
Appliance Base Image: 3.3.1.6


Regards ..

Manik Palekar

Yudong Wu Thu, 09/23/2010 - 21:22
User Badges:
  • Gold, 750 points or more

Hi Manik,

ACS started to support SNMP since version 3.3.3.11.

Your appliance was probably upgraded to 4.1 from 3.3.1.6.

You will need ACS 4.1 Recovery CD to re-image your appliance.

Recovery-CD is not downloadable from CCO. You have to open a TAC case and ask TAC engineer to publish it to you.

You need tell TAC engineer what kind of ACS appliance you have.

Before doing re-image, please do a backup first.

Actions

This Discussion