i have installed LMS application onas follows;
Server 1:DFM and CM (DCR Server)
Server 2:RME (DCR Slave)
Server 3:IPM (DCR Slave)
Server 4:CV. (DCR Slave)
There are the issues:
1. There`re more than 3,000 devices in the network,but it can only discover less than 30% of it.
2.There are several duplicates of the devices that in the DCR Master and also the devices managed by RME.
3. IPM is not managing any device despite the fact that it can see the devices from the DCR master.
4.CV(CiscoView) is not managing any device despite the fact that it can see the devices from the DCR master.
5. RME could not archive the configs of many of the devices.
6. Syslog alerts is not working despite the fact that RSC has been installed on Server 1 to send syslog messages to Server 2 for RME Syslog analyzer to analyse.
SNMP,Syslog and CDP have been configured on all devices.
Someone should please help me with what to do for this solution to run successfully.
Thanks in advance.
A few questions and a suggestion or two follow
1. What version of LMS ?
2. What OS and what system specs ? (CPU, RAM, disk)
3. Integrated with ACS, external authentication or local authentication ?
4. Hostname or IP address to manage your devices.
5. How many devices are you licenced for ?
Its at least version 2.5 since thats the first version you can split out the apps on multiple boxes. Of course Common Services is installed on each box.
I would suggest that you modify your application distribution so that Campus and DFM are on thier own boxes and not trying to cohabitate, as they are both resource hogs. If you put DFM on Server 4 you should be golden. I've found that RME works best when it and RME are installed on the same box when you're clustering.
Cisco view has virtually no impact on what ever box you put on it so it really doesnt need its own sandbox so why not put it on all boxs ? you can choose if you show it to your users via registered apps.
"I've found that RME works best when it and RME are installed on the same box when you're clustering."
I've found that RME works best when it and the DCR master are on the same box when you're clustering.
can you please explain this statement: "I've found that RME works best when it and the DCR master are on the same box when you're clustering"
I don`t really understanding what you meant and also please kindly give a break down, e.g. Server 1 ....., Server 2 .......,Server 3 ....,etc.
Thanks for you advice and reply,cheers.
Common Services is where the inventory of all the device credentials are maintained as of V3.0 and has to be installed on each member of the cluster. One CS installation is the "Master" otherewise known as the "Device Credential Depository(DCR) Master". Resource Manager Essentials (RME) is the heaviest subscriber of the services provided by the DCR so if both of them reside on the same box, the responce time is quicker rather than traveling up and down the OSI stack a couple of times to get an answer for a query.
Here's what I'm suggesting for your application layout PROVIDED that you have sufficient CPU, RAM and Disk to support it. A single processor, 1 GB of ram and 720 MB of disk just wont cut it.
Server 1. CS and RME and CV
Server 2 CS and Campus and CV
Server 3 CS and DFM and CV
Server 4 CS and IPM and CV
you swept me of my feet with your response.
ARE YOU SAYING THAT IF I HAVE "A single processor, 1 GB of ram and 720 MB of disk just wont cut it.". iT WON`T WORK ?
I deeply appreciate it, I will like to know you more beyond this techie thing,you`re a good man,cheers.
1. LMS version 3.0
2. OS windows 2003 server with SP4
3. No external or local authentication
4. Ip address to manage the devices
5. The Licence is for 5000 devices.
Please note i need to receive syslog messages and SNMP traps messages and since this is done by different applications, how do i go about it.
2. Hardware ? Single Dual quad processors ? How much RAM per box ? Swap size ?
3. So you are using the built in Ciscoworks local internal application authentication, authorization and accounting.
RME and DFM are the only apps that need Syslog and SNMP traps, just create a Netconfig job to add them as destinations to all of your devices.
I deeply appreciate your prompt reply,thanks alot.
Another question i will like to ask is how do i resolve this "syslog messages and SNMP traps messages".
In my network,all the devices have been configured to send both syslog messages and SNMP traps messages to x.x.x.125.
But now I have the RME and DFM apps on separate boxes,e.g. Server 1: RME and CiscoView, Server 4: DFM. Since Server 1 is my DCR master and has an IP Address of x.x.x.125. How do i tell the application to forward SNMP traps to DFM.
Secondly, kindly explain what you meant by this statement "just create a Netconfig job to add them as destinations to all of your devices."
Thanks once again,cheers.
Dont use the application to forward traps, configure your devices to send it directly to each box. Otherwise use a trap exploder.
Resource Manager Essentials -> Config Management-> Netconfig
you`re the bomb,i highly respect your technical know how.
One more thing, how to i get a trap exploder.
Is this part of any of the LMS application? If yes which one please. If no, do you know if any trap exploder that you have test on LMS apps has working? Can you recommend it.
Please reply, I deeply appreciate,cheers.
I still await your reply as per the SNMP trap exploder so that devices can send SNMP traps to DFM. Which one do you recommend and how do I configure it.
here is the application distribution:
Server 1: RME and Cisco View(DCR Master)
Server 2: IPM
Server 3: CM
Server 4: DFM
Is this ok? Will it resolve most, if not all my problem as listed in my post?
Please kindly respond,c heers.
Its just the start of getting things to work.
Next thing you have to do is ensure your SSO PKI certificates from each server are installed on the others.
Then you need to ensure that you have established a common account on all 4 servers.
Then you need to check to see if each of your CS installations knows about all the others via the DCRCLI command "lsmode" which should give you an output that looks something like this :
DCR ID: prolnm01-DCR-1704183
DCR GROUP ID: Group1704183
DCR Mode is Master. Registered Slaves are:
DCR Slave ID:prolnm04-DCR-5882137 URL:prolnm04:443
DCR Slave ID:prolnm02-DCR-6222760 URL:prolnm02:443
DCR Slave ID:prolnm03-DCR-8897654 URL:prolnm03:443
Then log into each server via the GUI and check under Common Seervices-> Admin->Mode Settings for something that looks like this:
Current Mode: Slave
Master Hostname: prolnm01
Master Certificate: Valid
Master Server is reachable.
Thats the begining, once you confirm that I can describe the rest
I have done as stated above and I got the a good result just like as stated above.
Can you please advice on what next to configure/enable on each apps for LMS to work.
Thanks in advance,cheers.
On each server GUI go to Common Services -> Device and Credentials->->Group Customization and change User Defined Groups-> to "show (opick one its a personal choice) from "All Peer Ciscoworks Servers"
So now add an instance of Ciscoview to your Master server from each of your slave servers (I always use this app for this purpose as its quick)
Server-> Home Page Admin-> Aplication Registration->Register->Import from other servers-> (fill in the info for your slave server and pick Ciscoview to register)
Now you can use the device selector instance in ciscoview to see if the applications actually will have access to the contents of the DCR.
Now for the devices:
Ensure that all of your devices have CDP enabled on them. To ensure consistancy of what your system is discovering, use the following commands in global configuration mode:
cdp source-interface type number pick something for each type of device that works for you , it should also be the identity of the device in Ciscoworks
logging source-interface should be the same as the as the cdp source-interface
Make sure that SNMP Read and Read Write community strings for each device are configured the same as they exist in the Ciscoworks inventory.
This should take care of the simple items.
What technologies connect your devices ? Are they all local LAN ? Some across WAN links (frame-relay, ATM, Metro Ethernet, etc) ? Some techniologies do not pass CDP so you have to specify correctly configured devices in each isolated area as seed devices, you only need one for Ciscoworks to find most of the rest, it gets better the more longer it runs.
For IPM issues you must be running an IOS version that supports it and have either "ip sla enable" or "rtr enable" in thier configuratuions prior to them being put into that application. Be aware that IPM for 3.0 only supports a total of 1,000 devices per instance. IPM for 3.01 supports 5,000 devices per instance.
To make sure that syslog messages are getting to your RME server, search for the file syslog_info
i cannot thank you enough for this insightful comments you have made.
1.All the devices have CDP enabled,though i have some non-Cisco devices too.
2.Do i need to open any port on the firewall for all the LMS apps to work?
3. Some of the devices are on LAN while some are across the WAN
4. What are the things I need to configure on each app, your comments/advice/suggestion are highly needed here, PLEASE.
Thanks for your timely reply,cheers.
1. LMS can only manage the cisco devices
2. Yes you can fin them here http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/3.1/install/guide/prereq.html#wp1075786
Server to device, device to server are the items you need from the table.
3. Then I would add in at least one device from each remote location across the wan in your discovery.
4. Campus (or CS if you have installed the Demcember update) you need to configure your discovery with your current RO community string as well as seed devices (remember 1 from each remote across the wan area)
I deeply appreciate everything you`ve done for me on this LMS issues.
I will let you have an update on this.
Can you please let me have your e-mail address or better still send me a to firstname.lastname@example.org.
I really want to know you beyond the techie thing,thanks alot,cheers.
I have done as stated in this thread, I manually seeded in the DCR but am still getting duplicate devices. Secondly, the DCR Master cannot import the certificate of one of the three slaves,precisely DFM application. Wwhat do you think have done wrong.
If after rectifying these problems, what are the next things I need to do.