
LMS 2.5.1, VPN concentrator 30xx, config archive

tvolk
Level 1

Hi,

We have a few VPN 30xx concentrators around Europe. I cannot archive the configuration from these devices with LMS 2.5.1. Is this possible in principle, and if yes, what needs to be done?

Thanks in advance, and best regards

Thomas

11 Replies

David Stanford
Cisco Employee

Yes, it is definitely supported for config archive.

If you want to get a config from your VPN 3005 you should use HTTPS.

You set 3 things:

Common Services > Device and Credentials > Device Management > select your VPN device > go to HTTP Settings > fill the HTTP Username and Password > set the HTTPS port to 443 > select Current Mode to HTTPS > click on Finish.

RME > Admin > Config Mgmt > Transport Settings > and select HTTPS, too

and you should configure the device itself for HTTPS

As VPN concentrators only support HTTPS,

http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_4_x/4_0_3/sdt/rme403cm.htm#RME4.0.4

Also, to enable the configuration archive to gather the configurations using https protocol you must modify your device configurations:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_guide_chapter09186a00801f1d98.html#999607

Hello,

Thanks for the answer. I changed everything to HTTPS, but I couldn't get the config. The sync archive always gives me this error message:

demunkVcon-1 | PRIMARY RUNNING Jan 08 2007 10:09:53 | CM0210 Unable to generate processed config

I did a capture with the NAM module and I saw that cw2000 is communicating over SSL with the concentrator, but I can't see what they are doing exactly. The sync archive generates just 30 packets, which seems a bit low to me.

Regards

Thomas

This error occurs after the config is fetched, but before it is archived. You should look at the dcmaservice.log for any relevant errors. This could be caused by bad characters somewhere in the config.

Hi Thomas,

Could you fix this issue? I've got the same problem on our LMS 2.6.

André

Are you running into the same errors as above? Any errors in the dcmaservice.log as jclarke mentions above?

These are the messages from the log file, but I'm not sure what this means.

[ So Jan 21 03:12:13 CET 2007 ],INFO ,[Thread-22447],com.cisco.nm.xms.xdi.pkgs.SharedDcmaVPN3000.analyzer.VPN3000ConfigFileReader,,70,VPN3000ConfigFileReader: org.xml.sax.SAXParseException: The root element is required in a well-formed document.

[ So Jan 21 03:12:13 CET 2007 ],ERROR,[Thread-22447],com.cisco.nm.rmeng.dcma.configmanager.DeviceArchiveManager,archiveNewVersionIfNeeded,1076,CM0210 Unable to generate processed config

[ So Jan 21 03:12:13 CET 2007 ],ERROR,[Thread-22447],com.cisco.nm.rmeng.dcma.configmanager.ConfigManager,updateArchiveForDevice,1261,Error archiving config for demunkVcon-1

[ So Jan 21 03:12:13 CET 2007 ],INFO ,[Thread-22447],com.cisco.nm.xms.xdi.pkgs.SharedDcmaVPN3000.analyzer.VPN3000ConfigFileReader,,70,VPN3000ConfigFileReader: org.xml.sax.SAXParseException: The root element is required in a well-formed document.

[ So Jan 21 03:12:13 CET 2007 ],ERROR,[Thread-22447],com.cisco.nm.rmeng.dcma.configmanager.DeviceArchiveManager,archiveNewVersionIfNeeded,1076,CM0210 Unable to generate processed config

[ So Jan 21 03:12:13 CET 2007 ],ERROR,[Thread-22447],com.cisco.nm.rmeng.dcma.configmanager.ConfigManager,updateArchiveForDevice,1261,Error archiving config for demunkVcon-2

regards

Thomas

Your error message leads me to believe that there is a special character in the config that is causing its processing to fail. Can you check this? This may be related to bug CSCsa35538

Configuration fetch for VPN 3000 devices fails if there are characters like '<', '>' in the configuration file.

Workaround is to remove those characters from the configuration file. For XML parsers these characters are the delimiters.

Check the following:

Check that XML export is enabled on your device:

1. Log on to: "http://VPN device-IP/"

2. Expand the Administration link. (At the left side)

3. Expand File Management link.

4. Click XML Export.

5. Give "running" as the File Name.

6. Click ok.

To TFTP the configuration file to the server:

a) Click TFTP Transfer. (Administration > File Management > TFTP Transfer)

b) Concentrator File = running.

c) Action = (select) put.

d) TFTP Server=IP Address of "CiscoWorks-Server"

e) TFTP Server File= running (Before this create a file named "running" under "NMSROOT\tftpboot", where NMSROOT corresponds to the installation path for CiscoWorks. By default this is C:\Progra~1\CSCOpx for Windows and /opt/CSCOpx for Solaris).

Then open the "running" file under "NMSROOT\tftpboot" and check whether the configuration file has only the following contents:

"

standalone="yes" ?>".

If so, the issue is on device side.
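The two checks discussed in this thread (whether the exported "running" file holds only an XML declaration, and which devices hit the SAXParseException in dcmaservice.log), as an added Python example that is not part of the original posts or of CiscoWorks. The function names, the constructed sample files and the log field layout inferred from the quoted lines are assumptions.

```python
import re
import xml.etree.ElementTree as ET

XML_DECL = re.compile(rb"^\s*<\?xml[^>]*\?>", re.I)
# Field layout inferred from the dcmaservice.log lines quoted in this thread.
LOG_LINE = re.compile(
    r"^\[\s*[^\]]+\],(?P<level>\w+)\s*,\[(?P<thread>[^\]]+)\],"
    r"[^,]*,[^,]*,\d+,(?P<msg>.*)$")

def triage_export(data: bytes) -> str:
    """Classify the exported 'running' file fetched from the concentrator."""
    if not data.strip():
        return "empty"
    if not XML_DECL.sub(b"", data, count=1).strip():
        # Declaration but no root element: the device exported nothing.
        return "declaration-only"
    try:
        ET.fromstring(data)
    except ET.ParseError as exc:
        # A stray '<' or '>' in a config value ends up here.
        return "malformed at line %d, column %d" % exc.position
    return "well-formed"

def failed_devices(log_text: str) -> dict:
    """Map each device that failed to archive to the parser error before it."""
    pending, failed = {}, {}
    for raw in log_text.splitlines():
        m = LOG_LINE.match(raw.strip())
        if not m:
            continue
        msg = m["msg"]
        if "SAXParseException:" in msg:
            pending[m["thread"]] = msg.split("SAXParseException:", 1)[1].strip()
        elif msg.startswith("Error archiving config for "):
            device = msg.rsplit(" ", 1)[1]
            failed[device] = pending.pop(m["thread"], "no parser error logged")
    return failed

# Constructed sample files (not taken from a real device).
DECL_ONLY = b'<?xml version="1.0" standalone="yes" ?>\n'
STRAY_LT = b'<?xml version="1.0"?><config><banner>a < b</banner></config>'
GOOD = b'<?xml version="1.0"?><config><banner>ok</banner></config>'
# Two log lines copied from the thread.
SAMPLE_LOG = (
    "[ So Jan 21 03:12:13 CET 2007 ],INFO ,[Thread-22447],com.cisco.nm.xms.xdi.pkgs."
    "SharedDcmaVPN3000.analyzer.VPN3000ConfigFileReader,,70,VPN3000ConfigFileReader: "
    "org.xml.sax.SAXParseException: The root element is required in a well-formed document.\n"
    "[ So Jan 21 03:12:13 CET 2007 ],ERROR,[Thread-22447],com.cisco.nm.rmeng.dcma."
    "configmanager.ConfigManager,updateArchiveForDevice,1261,"
    "Error archiving config for demunkVcon-1\n")
```

A "declaration-only" result points at the device (XML export not producing output), while a "malformed" result points at characters inside the config itself.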

I couldn't find any of these characters like '<', '>' in my config.....

Regards

Thomas

Did you run through the XML commands I listed?

Hi,

The XML export is not working. "Unable to export XML file. Disabled." is the message that I get. But I checked the original config file from the concentrator.

regards

Thomas

crougeau
Level 1

I had the same issue with the same error.

I was able to get this working by enabling XML export from Configuration|System|Management Protocols|XML.

You do NOT need to enable https or ssh on the public interface.

Also make sure that your credentials in Common Services (https or http) match what you have configured for management on the concentrator.