Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

LMS, CSM and ACS Integration Questions

Hi there,

I currrently have LMS 3.0.1 integrated with Cisco Secure ACS 4.1.4.


As well as using ACS for AAA, we have used ACS as our master device inventory doing a regular bulk-import from ACS into DCR using the Default Device Credentials.


This all works very nicely managing all our routers/switches, albeit need to consider upgrade to LMS 3.2 (but that's another topic )

I am now looking at deploying CSM 3.3.1 (seems to be the latest version available) for managing all our PIX and ASA devices.

I've been looking at the discussions and documentation on integration between these platforms and it would appear that CSM and LMS can be integrated into a Master/Slave relationship for DCR replication, and that CSM can be integrated with ACS in the same way as LMS as it shares the same common services architecture.

I can't see any real point in integration CMS/LMS into Master/Slave DCR when my "master" device store is ACS, therefore I've integrated CSM into ACS as I did for LMS and setup a similar bulk import and default device credentials.


This seems to be working fine, in that I can login to CSM using credentials from ACS and the CSM Device and Credentials list shows all my network devices imported from ACS.

Again I've logged into the CSM Client using credentials from ACS but I don't seem to be able to "import from DCR", the only option I have is to import from an export file from DCR.   The problem here is that the export file contains all the default device credentials which I don't want users to know.

Have I missed something?


Do I also need to install RME, if so where do I download RME 4.2 from as I only seem to be able to find RME 4.3.1 on Cisco Website which is seemingly too new.

Thanks
Michael

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: LMS, CSM and ACS Integration Questions

Ah, I think I understand what you're asking.  I do not support CSM, so I'm not sure exactly how importing devices from DCR into CSM works.  You might try asking that question on the Security > Network Management forum.

4 REPLIES
Cisco Employee

Re: LMS, CSM and ACS Integration Questions

CSM uses Common Services, so it has the same integration and import/export capabilities as LMS.  However, depending on the version of CSM, you may not have all of the same features as your see in LMS 3.0.1.  However, you should be able to do a bulk import from ACS.  The URL is:

http://SERVER/cwhp/dcr.device.management.do

The Bulk Import button should show you all of the options you see in LMS.

As for exporting, prior to LMS 3.2 (Common Services 3.3) the credentials were always exported.  CS 3.3 added support for just exporting the devices without credentials.

Community Member

Re: LMS, CSM and ACS Integration Questions

Thanks for that, I think I've setup the bulk import from ACS ok.

Are you saying the only way to import the devices into the CSM client is using an export file?

Unless I'm reading the CSM user guide incorrectly I thought there should be an "Add Device from DCR Wizard", I can't seem to find this anywhere?

Thanks

Michael

Cisco Employee

Re: LMS, CSM and ACS Integration Questions

Ah, I think I understand what you're asking.  I do not support CSM, so I'm not sure exactly how importing devices from DCR into CSM works.  You might try asking that question on the Security > Network Management forum.

Community Member

Re: LMS, CSM and ACS Integration Questions

Thanks - will post there.

484
Views
0
Helpful
4
Replies
CreatePlease to create content