Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Venting my frustration with ciscoworks

I have an end to end cisco network and we are trying to ge t ahandle on making managing all this cisco gear easier. I have been working with ciscoworks in various incarnations for about the last 5 years.

I've been fighting with LMS 2.5 now for going on a year, and have YET to be able to get it to function properly. I have found manageability in cisco devices short of using ssh and an IOS command prompt is next to an impossible task unless you want to do it in an insecure fashion.

There is still no full SNMP V3 support available in ciscoworks. The scp services have only recently come into fruition. I still have tons of devices with inconsistant IOS commands, varying levels of SSH support, and an overly buggy, almost useless LMS2.5 that I have to fight constantly just to get it to do BASIC tasks.

What is so freakin hard about making a device and the LMS sytem support fully secure device management in a consistant manner? I'm talking about full SSH 2 support, SCP, and snmp v3 with encryption and auth? We had a netowrk audit as aprt of outr HIPPA complaince measures and we got nailed for still using tftp and telnet to manage devices on our network.

What infuriates me to no end is I was just surveyed about what I wanted in a new version of ciscoworks and I told them JUST FIX THE DAMN STUFF YOU ALREADY HAVE! Don't add any mroe new crap until the stuff you have works relaibly! And I know others that said the same. Menawhile I get wind they are now creating a NEW ciscworks product to do workflow management! They could manage workflow form now until x-mas 2020 and it wouldn't do me any good if the basic work (updating software, archiving configs, etc) isn't getting done?

Anybody else as frustrated with this edsel as I am?

20 REPLIES
New Member

Re: Venting my frustration with ciscoworks

Yes I'm as frustrated as you, I just "upgraded" to the new 4.0 or LMS 2.5, I struggled with it for a week or so and then uninstalled it and I'm trying to get 3.5 working again. I thought it was going to be an upgrade it turns out that it was a whole new product and I didn't have a couple of spare months trying to figure out how to use it, I tried things like automated actions based on syslogs and found unusable even in 3.5 you had to manualy create each action i.e. no copy or cut and paste but at least it was functional. The user tracking in 3.5 is actually a good feature in 4.0 you have to scroll through hundreds of pages to find what your looking for.

I could go on for days and days.

You pretty much hit it on the head, if they would just concentrate on fixing and improving what they have maybe someday there would be a good product for managing 400 Cisco routers and switchs.

I would personaly like to meet the manager of product development for CW's and give him a good kick in the ass.

New Member

Re: Venting my frustration with ciscoworks

Yes I'm as frustrated as you, I just "upgraded" to the new 4.0 or LMS 2.5, I struggled with it for a week or so and then uninstalled it and I'm trying to get 3.5 working again. I thought it was going to be an upgrade it turns out that it was a whole new product and I didn't have a couple of spare months trying to figure out how to use it, I tried things like automated actions based on syslogs and found unusable even in 3.5 you had to manualy create each action i.e. no copy or cut and paste but at least it was functional. The user tracking in 3.5 is actually a good feature in 4.0 you have to scroll through hundreds of pages to find what your looking for.

I could go on for days and days.

You pretty much hit it on the head, if they would just concentrate on fixing and improving what they have maybe someday there would be a good product for managing 400 Cisco routers and switchs.

I would personaly like to meet the manager of product development for CW's and give him a good kick in the ass.

New Member

Re: Venting my frustration with ciscoworks

Let me put my 2 cents in...I didn't upgrade but installed LMS 2.5 fresh. It took months to get many of the features to work and I had to open an new TAC case just about every week to get things to function properly. DFM is still useless to me since all my devices are in "learning" state. I was told the latest service pack (which just came out Dec.) would fix this but it is still a bug. I agree with your assessment. STOP with the enchancements and new features and concentrate on FIXING the original so that the basic functions work properly.

New Member

Re: Venting my frustration with ciscoworks

I'm another frustrated LMS2.5 upgrader. Into the 3rd week of trying to get things to work on a fresh machine with 2.5.1 installed directly (fortunately we didn't touch the production machine). Campus can't connect to the ANI server, User Tracking Utility (User Search band) can't connect to the server (if it could it doesn't support SSL anyway), DFM alerts window appears to frozen, User Tracking in multi-page format is terrible and I'm still waiting for it to resolve IP addresses for the vast majority of the 5,000 odd entries, looks like you can't call perl scripts on windows server from syslog automated action (used to work) and documentation says you can't pass variables to the .bat file. On top of this I'm struggling with the various java versions that each software version insists on using, including ACS which we're running on the same server.

I was really looking forward to an improved CiscoWorks environment including badly needed security improvements - instead I'm finding myself leaning towards dropping the upgrade project, returning the test server hardware, and trying to pacify the security people.

I wish Cisco could produce a formal list of bugs, potential problems, and gotcha's related to an upgrade so that you don't have to spend days and weeks discovering, testing, wondering, searching and cursing.

New Member

Re: Venting my frustration with ciscoworks

Hey there's one really unhappy CW "victim" here! Lived also with many incarnations of CWs and with this LMS 2.5 which seems to be big joke to me. Seems that we are just beta testers of Cisco, so much things have gotten even worse compared to i.e. LMS 2.2! Of course you have to wait carefully for something completely re-written product, but this is.. I don't know even what to say. Even basic stuff doesn't seem to work: for example Campus Discovery logic is really stupid and doesn't work right in our environment any more - there's PERs going on -> TAC Case Engineer recommends to update to LMS2.5.1 to solve the problem, but then overall functionality of CW gets even worse. Many existing problems like for example "Campus ANI process dies w/o reason" are never fixed. Some new problems like Syslog Analyzer process dies after some time exist - this has been worked quite well with earlier versions. And so on.. and so on.. overall usability and especially some products like Device Fault Manager are awful to use. And with default settings LMS 2.5 gets your network so flooded that you maybe don't want to use it anymore not mention when you try to use that so-called intuitive web interface!

So what to say.. I hope and think there are better products to handle your infra - even Open Source can tackle some areas of LMS like RANCID project does. Ciscoworks LMS can be almost "usable" for a couple of hundreds devices in basic use (to backup configs and provide basic reports etc.), but I think it's quite expensive for just that use if you think the whole LMS package (so many products and in case of DFM you want just forget it). For more larger and complex environments (thousands of devices) I wouldn't recommend it to anyone!

Regards,

Marko Seppanen

New Member

Re: Venting my frustration with ciscoworks

LMS 2.5 is unstable at all. We can't use it in production environment. Often we have to restart LMS processes and clean databases to make it working. Yes, we can open TAC case and solve some simple problems shortly, but next day we'll get almost same problem. We can't clean databases and restart LMS every day.

Last week I've uninstalled DFM cause it is useless and it flooded our network.

VTP views in our environment don't work. ANI process freezes and became working back in 15-30 minutes or dies at all. Discovery doesn't work properly. We spent few months with TAC engineers. They only asked same questions and even didn't read log files. Then I found in logs that moment where discovery logic is broken and showed this place to TAC engineer. HE said something like this: "I know now where problem is! You have wrong environment! You have DNS reverses working for all your loopbacks. But Cisco provides solution for this situation: Remove you DNS reverses for some loopbacks!" Fast and well working network environment should become broken to make discovery working. Otherwise discovery just hangs up. So... what can I say... We are not beta testers, we are alfa testers.

New Member

Re: Venting my frustration with ciscoworks

Hallelujah, Brother!

I just "upgraded" to LMS 2.5 last summer and was stunned to find that the interface I kept bitching about was actually worse. Fortunately they compensated for the crappy, more windows are better, interface by making sure that nothing actually worked. Or maybe nothing worked so they made the interface bad so no one would figure it out?

Cisco desperately needs to scrap the whole of CiscoWorks and start over with focus concentrated on:

A) A simple, flexible, easy-to-use interface.

B) Basic functions like config and IOS management and reporting that actually work.

Personally I'm so tired of spinning my wheels with CiscoWorks that I'm ready to recommend we either roll our own NMS or go try something like the Solarwinds config manager. It looked flaky in the brief eval I did but it's new and at least Solarwinds generally writes software that works. I don't think it'd do the IOS management but CiscoWorks won't either so that's no loss. Right now I do most mass router changes with Perl scripts that I wrote so if if simplified that I'd be making progress.

Thanks for blasting CiscoWorks. Since they haven't listened before its doubtful they'll start now but maybe we'll get lucky.

New Member

Re: Venting my frustration with ciscoworks

I just upgrade our LMS 2.2 server to 3 gig in preparation for our upgrade to LMS 2.5...

My boss wants me to upgrade the server in place, i.e

install over the top of our production LMS 2.2 server.

I'm getting more and more worried about this upgrade now.

New Member

Re: Venting my frustration with ciscoworks

My question is: Why are the developers not reading these comments. They seem to be wrapped up in their own world and writing this code with no regard to the users. Every time I speak to a Cisco employee or attend any kind of Cisco training I get the same response from everyone. They feel the product is a joke. It is an albatross for Cisco and they need to start listening. The user tracking seems to be pretty good but the rest is just useless.

New Member

Re: Venting my frustration with ciscoworks

What developers dude? Don't you get it? Cisco doesn't frickin care about us or CiscoWorks. There are users on this forum that are more knowledgable with the product than anyone in the TAC. Sorry nhabib and the 1 other guy supporting this, you guys are helpful but it's clear that Cisco doesn't give a flying **** about their users.

New Member

Re: Venting my frustration with ciscoworks

I'm sorry to hear that you also invested in this horrible piece of software. If you can afford to, I would recommend switching to Opsware NAS right away. It is fast, easy to use, intuitive, clean, and uses open systems like mySQL for it's backend, which means you can customize and integrate it into the rest of your OSS framework. Cisco doesn't have any long term plans to keep CW going anyways, hence all their acquisitions of companies that know what they're doing in this space. It will go away soon, so you might as well buy something new and stop suffering.

New Member

Re: Venting my frustration with ciscoworks

Have any of you seen the announcement from Opsware that Cisco has licensed Opsware to rebrand it. Check out www.opsware.com. I would imagine Cisco could replace our beloved CW2k ;-) with Opsware NAS.

Blue

Re: Venting my frustration with ciscoworks

Or this could simply be a similar resale arrangement like the Opnet deal. Anyone has more info than what's in the PR?

Is there a feature comparison chart between Opsware NAS and CiscoWorks LMS? Which pieces of CiscoWorks does NAS directly compete with?

Silver

Re: Venting my frustration with ciscoworks

Opsware only competes in the RME portion of the suite for configuration management. My group runs both applications.

I believe that my results looking at this thread are atypical, but I'm not your average administrator. I do NOT run Ciscoworks on windows, I manage over 3,000 devices, nor do I use single server implementations.

The key thing is to choose the correct operating system and correctly size the server for the number of devices, applications and number of users you want to manage and run concurrently,

Silver

Re: Venting my frustration with ciscoworks

I don't think that having ciscoworks running on Solaris will keep all the trouble one can have with Ciscoworks away from you and your staff.

Many of the quirks I see on windows I see on Solaris too and the Solaris version has his own quirks.

I do feel the interface of LMS 2.5 is slight better then 2.2 but far from perfect. The DFM interface is horrible. The guy that made that should be banned from programming and obliged to use it on real network.

To move away from applets for everything is good but the HTML interface we got in return is a missed opportunity.

And the whole thing especially the databases must get documented some time and it must come with a development kit for the resellers.

Then Ciscoworks can start to compete.

Michel

New Member

Re: Venting my frustration with ciscoworks

Interesting,

I can hardly wait to begin testing the LMS2.5 box.

I asked recently if they planned to support Solaris 10 and someone replied that LMS 3.0 would.

Seems someone is developing something.

I have stayed away from LMS 2.5 as I think it is an inbetween product similar to HPOVNNM7.x

I am sure the world will be a much better place when LMS 3.0 and HPOVNNM 8.0 are released.

Oh the promise of a better tomorrow

Silver

Re: Venting my frustration with ciscoworks

If you have an experienced Solaris administrator (not a hack) you can get Ciscoworks working like its suppose to with effort. You cannot take the application off the CD's, install all the patches, and just turn it on and it works. This is true with most more complex software packages, thats why consultants still get paid.

New Member

Re: Venting my frustration with ciscoworks

I do not think that the Solaris vs. Windows2003 could resolve anything.

Anyway, waiting that Cisco Corp. will answer to these posts, I wish to share a couple of evaluations about LMS 2.5.1 bugs

The main issues are about the DBs: they can get some odd state that cannot be recovered by the software, e.g.: LMS 2.5 (resolved in 2.5.1) does not clean up the cdp neighbors list; if you check the ODBC connection, you must apply the “CSCOpx/bin/dbpasswd.pl” Perl script to restore the correct password; if the syslog db connected to the rmeng db gets huge, the rme process gets stuck.

Secondarily it is always very hard to understand what is wrong when cw2000 cannot reach some device (password? SNMP community? DNS or IP? Protocol? ACL?), moreover the log files contain information for the software developers and are useless for the end users.

Best regards.

Paolo Calcaterra

Silver

Re: Venting my frustration with ciscoworks

It depends on the administrator's skill set and the other tools and methodologies available. We use Solarwinds (for snmp ad-hoc queries), have all of our devices using TACACS+ for AAA (those log files speak volumes of information for authentication failures), and ACL's are candy when compared to firewall rulebases...a quick scan of them for where the queries will ingress/egress isn't difficult.

New Member

Re: Venting my frustration with ciscoworks

I'm very new to using LMS and 2.5 is my first real dip into managed networking.

Personally the most frustrating thing I find is that non of the apps in CW talk to each other. My example is as follows:

Each night one of our core switches is powered down from 7pm to 7am for physical security reasons - the DFM reports this and shows an alert for all the switches being 'unresponsive' in the morning. After 7am however when the switch is up again, DFM still reports them as unresponsive - even tho CM is running a UT acquisition, RME has run a daily inventory and I can run a ping-sweep across all the switches from my own workstation!!

If only the apps could talk to each other or at least centralise the device-state knowledge.

430
Views
60
Helpful
20
Replies
CreatePlease to create content