12-02-2013 05:20 AM
Hello
I'm having a look at getting wired User Tracking working on Prime 2.0. I checked that it is supported in the following link:
http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps12239/guide_c07-729089.html
I'm having a problem getting dynamic user tracking working for wired non-802.1x clients. The switches are configured for mac-notification traps and the config works fine for LMS.
Another LMS User Tracking feature I'd link to get working in Prime 2.0 is CUCM intergartion where Prime would pull IP Phone extensions/names etc from CUCM.
Are either of these User Tracking features supported in Prime 2.0 (or at least roadmapped) or should I stick with LMS 4?
Thanks
Andy
Solved! Go to Solution.
12-02-2013 09:40 AM
I checked another PI I have in production with a more dynamic environment and it appears to update wired clients on the polling cycle (2 hours default).
I think if you check the box under Administration > Client > Client Discovery it should poll based on receiving the traps. That feature is not enabled by default. See the tool tip in the screen shot below.
12-02-2013 07:02 AM
I am gettng good non-802.1x wired user tracking info. see the screenshot below (click to expand).
I don't have a CM so I can't comment on that bit.
Row 1 in the screenshot, for example, is confirmed with the following CLI output:
User_Access#sh run int fa1/0/41
Building configuration...
Current configuration : 177 bytes
!
interface FastEthernet1/0/41
description user access
switchport access vlan 10
switchport mode access
snmp trap mac-notification change added
spanning-tree portfast
end
User_Access#sh mac address-table | i 1/0/41
10 000f.b58e.3732 DYNAMIC Fa1/0/41
User_Access#sh inv
NAME: "1", DESCR: "WS-C3750-48P"
PID: WS-C3750-48PS-S , VID: V10 , SN: FDO1425X2M9
User_Access#sh ver | i bin
System image file is "flash:/c3750-ipservicesk9-mz.122-55.SE5.bin"
User_Access#
12-02-2013 07:14 AM
Thanks for the reply Marvin. I am getting user tracking info for wired non-802.1x clients but this is only through Prime's scheduled polling of the switches. Is your User Trackinfgi info dynamic? ie when you patch a new client into a switch does the switch generate an snmp trap that Prime 2.0 will disply in its user Tracking list (without waiting for the next scheduled polling)?
Thanks
andy
12-02-2013 09:12 AM
Good question. I don't know offhand but I'll check that the next time I am in the lab physically.
12-02-2013 09:40 AM
I checked another PI I have in production with a more dynamic environment and it appears to update wired clients on the polling cycle (2 hours default).
I think if you check the box under Administration > Client > Client Discovery it should poll based on receiving the traps. That feature is not enabled by default. See the tool tip in the screen shot below.
12-02-2013 10:38 AM
Thanks for that. I'm out the office for a few days and I'll try that on my return.
Cheers
Andy
12-04-2013 05:37 AM
I enabled "Poll clients when client traps/syslogs received" in Prime and tested switches by deleting the dynamic macs from them to generate traps. Tried this on various switches/ios versions:
Switch 1: WS-C2960-24PC-L c2960-lanbasek9-mz.122-55.SE6.bin
Switch 2: WS-C2960-48PST-L c2960-lanbasek9-mz.122-52.SE.bin
Switch 3: WS-C2950T-24 c2950-i6k2l2q4-mz.121-22.EA14.bin
All the switches above are configured for ip dhcp snooping and work well with lms3.2 for dynamic user tracking. Not sure why 2 of the switches don't display IP addresses in Prime - will upgrade the ios on the 2960 to see if this makes a difference.
Also added callmanager to Prime 2 but no sign of it matching discovered IP phones to extensions etc. I'll install LMS4.2 to see if this works.
So in short, enabling the "Poll clients when client traps/syslogs received" option in Prime works with mac-notification on the switches with the caveats above.
Thanks
Andy
12-04-2013 06:05 AM
Good info to know - thanks for the follow up. +5
If you're running a non-eval Prime with support I'd suggest a TAC case - I'd be very interested to see if they have a matrix of which versions of IOS do and do not support the feature.
I'm not surprised that some older IOS versions don't support all the nicer features. we run into this quite a bit when deploying ISE - another product that leverages some of the most recent IOS features.
12-04-2013 06:11 AM
Thanks for your help with this Marvin. Prime is on contract so I will be contacting TAC soon (we have quite a few 2950s which I know are EoL but I find the dynamic user tracking very useful on these switches). I'm in the process of installing LMS4.2 to test the CM integration which is very useful - this worked well with LMS3.2 and CM 7.X but 'broke' when we moved to CM 8.X. It'll be intersting to see if this works in LMS4.2. Will post back any updates.
Cheers
Andy
01-03-2014 08:05 AM
I added subsequent switches (same models and IOS) and didn't experience any problems with dynamic user tracking. I deleted and added the original switches back and they also started to work ok with dynamic user tracking. I added these switches via bulk import and set snmp timeout and retries to 30 and 3 respectively so maybe that was what made the difference.
I contacted our cisco partner about Prime Infrastructure 2.0 integration with cucm and they suggested having a look at Cisco Prime Collaboration. This looks like a huge (and expensive) product. I'll contact cisco pre-sales for other suggestions.
Cheers
Andy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide