Cisco :: LMS 4.0 Fault Notification Groups Setting Up
Sep 11, 2012
I am trying to setup Fault Monitoring on LMS 4.0. When I try to create a Fault Notification Group no devices are listed. They appear to be listed in all other places so I am at a loss as to explain why they are not appearing.
I created some User Defined Groups in LMS 4.1, now I want to apply certain fault notification groups to Event Sets.
Unfortunately the Groups I configured are not in the Group Selector of the Fault Notification Group: Admin > Network > Notification and Action Settings > Fault Notification Group
Have a setup for Cisco LMS3.2.1 which is a recent upgrade, also RME 4.3.2 and CM 5.2.2. Is it possible for the DFM to generate alerts such as email notification to user defined group (subnet grouped). These alerts should be critical in in nature.
I'm in the process of reconfiguring our DFM module have some significant network changes. I've reinitialized the modules databases and manually imported a test group of routers into DFMs device management. The devices have been found and have a known status in the device summary.When I begin the process to create a notification group for email based notifications, the notification group selection window shows no devices available. If I manually search for the devices, I am able to find them, but after selecting them, I'm given the following error:"The devices contaminated in the subscription are no longer found in the inventory"I've confirmed the devices existence in CS and RME.
Is it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
Despite there are all devices are managed in DFM (accorduing to Collection Summary Portlet or Rediscover devices) there are no devices in the Fault Monitor with the message "No devices are available"Does it mean, we have absolutly no faults in our network or does it mean that we have a problem with DFM?
How to find out which Fault Threshold group a specific interface belongs to.The scenario is that in Fault Manager there is an alarm for which I want to change the Threshold Setting.
Example Alarm: Event_Description HighUtilization Device IP x.x.x.x Device Type Routers Fault Last Updated At 19-Mar-2013 09:44:25 Component IF-router2.x.x/26 [Tu187] [x.x.x.x] [Code] .....
I upgraded the LMS 4.0 with LMS 4.0.1 but now the events are removed of Fault View. The equipments than I am monitoring are: ME-3600, ME-3800 and ASR 9000. This is a configuration problem or I have to update something else?
I have a Sony Viao laptop with WinXp SP3 which is now 6 years old. We are currently renting a holiday home in the USA which has an unsecured network. We have two other laptops and they are connected, no problem. This morning my Sony worked fine on email and web access but I was having trouble on FTP. Then email stopped and then web.I have tried all the usual solutions. Delete the Network, restart etc etc.It clearly show the network (and also another secured network I cannot access). When I connect it shows "Acquiring network address" then just hangs. If I press, repair it hangs on "Renewing your IP address" Does the fact that it can see the networks and when I "ping 127.0.01" it seems to be OK, mean that it CANNOT be a hardware fault? I ask this partly because the WLAN switch at the front often does not seem to work (when it does work it is green and currently it IS green)
As far as I understand it Fault Manager need to be able to do reverse lookup for ip adresses to show the correct name in the "device name" column. I have double and tripple checked and all devices that only is shown as an ip address do have a reverse in the dns used by the LMS server. The device is correctly registered and inventory have been run. If I hold the mouse pointer over the crosshair on the row of the offending device all info is shown including correct device name and fqdn.
The server is upgraded from 4.2.1 to 4.2.2 and we have the same problem before the upgrade.
I have an ISR 1921. Every now and then, it crashes saying "Possible software fault". The system LED flashes amber and only a hard reset (power on/off) will reload the ISR.
I have an inventory added to Ciscoworks and am getting alerts on interfaces that I want to exclude but for the life of me I can't figure out how to exclude interfaces. Any tips on how to exclude interfaces from the fault engine in 4.1.
I have not used the ACS5.1 yet so watch out for the easy questions
1) Is it possible to generate report for the users who are inactive for say last 30 days? Customer is looking to audit these users to see if they really need access to any device.
2) Are there any known issues while assigning the priviligaes level to users. In current implementation of this customer users are always logged into priv 1 though they are assigning the priv level of 5. I understand with ACS 4.x we can enable the exec process and assign the priv under user/group policy. What are the configurations that customer might be possiby missing in this case?
3) Is there any SNMP or other notification available in ACS 5.1 where admin can be notified at the time a particulat set of user logs in.
I want to configure E-mail fault notification in LMS 4.0. So Where i will configure E-mail settings like username, password, mail server IP address in LMS. We are using e-mail service hosted in gmail. Through this mail service ca we able to use email notification.?
I'm needing to be able to send e-mail nofigication when one of our network devices isn't able to be access. I have looked at the DFM configuration but I'm a little confused to how to set this up so that we don't get inundated with to many e-mails.
i have trying for a few days to connect my HP G7000 notebook to the internet through my wireless but i have tried everything i can think without getting anywhere. I only got it a few days back for my daughter to do her homework ect, but can't get it to connect i see a post on here about updating drivers but i can't get it to connect to do this, then thought about downloading the driver update it may need to my laptop but i really dont want to download anything onto my laptop as its a different model with different drivers and dont want it to stop my laptop working.i get on the HP G7000 is cannot communicate with primary DNS server 194.168.4.100 then underneath that message it is saying Network diagnostics pinged the remote host but did not receive a response
We are running LMS 4.1 and we have more than 150 devices.LMS could not find the fault discovery for 3 switches with partnumber WS-C3560C-12PC-S. This switches are considered as unknown.Ios version is c3560c405-universalk9-mz.122-55.EX3.bin But other things are ok. Inventory Collection ,Config Archive, Topology Data Collection etc . Is there any way to fix ths issue? We have compact switch WS-C3560CG-8PC-S, which is working perfectly for all features.
LMS discoverd all my devices and updated the DCR. This devices are visible in DFM. For some of this devices i would like to change the threshold values. For some reason the devices are not visible in Monitor->Fault Settings->Seup->Threshold Settings (please see screenshot) Is there another approach to change the threshold values?
I've just installed LMS 4.2, like it a lot so far. In the Fault Monitor, the Device Name column shows the device's IP address rather than the host name. We need for it to show the host name, for ease of troubleshooting; most folks don't have the IP addresses memorized. Likewise, when an email is sent out for an event, the managed device field also shows up as the device's IP address.
The devices were all discovered with their IP addresses rather than a host name...should LMS have automatically found their host names? Regardless, I manually updated all of the device's host names, yet they still display as an IP address in the fault monitor.
Also, it appears I need to figure out some way to throttle alerts. One particular device will report an event (ie a temperature out of range) dozens of times in a polling period...several per second, even though it's the same alert.
If I ask to the Supported Device Finder Portlet about C4503-E (SysObjectId: 1.3.6.1.4.1.9.1.874), it tells that this device is supported by DFM 4.1.0. Nevertheless, in DFM module each one devices appear in the "All Unknown Devices" group, with Error Code: Unsupported. CDP is enable in each one of these devices.
Has any one got a working setup for SSL VPN users in regards to notification about password is going to expire and then providing the VPN user the opportunity to change password during the VPN login process, involving ASA5520 - ACS Radius server - Active Directory Our VPN users are connecting with Cisco Any Connect VPN Client V.2.5.3046 to a ASA5520 running 8.4(1), all user validation is handled via Radius though a Cisco ACS 5.2 server, which in turn validates the users up against MS Active Directory.
For the relevant connection profile on the ASA, the options Advanced / General/ Password Management / Enable password management has been selected together with the Notify user 14 days prior to password expiration, as mentioned its connecting to a Cisco ACS Radius server with MSCHAPv2 enabled on both the ASA and ACS.
On the ACS server under users and Identity Stores > External Identity Stores > Active Directory we have a successful bind to the AD, the values End User Authentication Settings > Enable password change has been selected.
Just to make sure the password notification function is working in the first place I change the ASA5520 AAA Server group to use LDAP instead of Radius and configured a direct path towards one of our domain controllers, sure enough when the user logged in he got a notification about the password would expire in xx days and then provided with a option to change the password right away or just connect with the current password.
The thing is I don’t want to just use LDAP for VPN authentication, I have quite a expensive setup on the ACS servers with unique ACL's for various group of employees and especially for external consultants, I also use the ACS for customization for webpage and resources when Web VPN is used.
Can it really be so that password expiration notification only works using LDAP, and if this is really the case, is there any way to configure Dual Authentication, so I could first validate the user against LDAP and next against the ACS??
(Side note: I tried to configure the ASA to use LDAP as normal Authentication and then the ACS as Authorization, but it failed, first off because the ASA started to use PAP/ASCII against the ACS and even if I allowed that, it seemed like the ASA wasn’t parsing the users password onwards, with the result that ACS failed and the user account ended up getting locked out in the AD).
Is it possible to have email notification when a rule is hit on the ACS(5.1)?
Ive had a look around and cannot see any options, the server team seem to think its not possible to have this triggered from AD either on a side note, where are the SMTP settings on the ACS?
We have the RVS4000 and have IPS turned on. How can I be notified (email would work) when updates to the IPS signatures are available, so I can keep our IPS signatures current?
I'm on a network in an office where each person's computer has different specs, some PC, some Mac. We all share files off a common drive, either using it directly, or, copying it to our local machine to work on it then return it to the shared drive. I'm looking for a way to attach a notification to a file to let everyone know it has been "signed out" by someone, to avoid two people taking the same file at the same time.I looked at a simple program called Shediko Badges, which puts a badge over the icon, by right clickingon the file and choosing a badge from a menu, and undone just as easily, however, it can't be seen by everyone else on the network. This is the sort of thing I'm looking for, simple, cheap or free, that somehow marks a specific file without changing the name. It could be a colour change, an icon change... whatever, ideally with several options, for example where a different colour could be assigned to each person in the office, similar to the coloured labels on a Mac.
I lost my internet connection icon in windows 7. When connected, the network notification and icon appears at the taskbar and displays how many bar signal the network has and it was working even earlier this afternoon here. I just used my wired connection for a short time and as i stopped using it then i discovered the wireless connection bar signal is lost, all for me to see a ' Round Star' in the bar side of my internet icon. Am connected to the internet but i can't my connection signal and i tried to restore my computer but after i do that i get a dialog say 'The system restore did not completely succesfully because an anti-virus is running on this computer and has prevented it from changing the settings, turn off anti-virus ans try again' but i have no anti-virus program on my PC.
Cisco Prime 4.2. My device is stuck in Questioned state in Fault Management. The device though can be pinged from the server. Actually, I can already manage the device and have archived its configuration. Problem is, on Fault Monitoring Device Administration, its on Questioned state even though I already tried to rediscover the device several times.Do I need to configure something on the server like put in the IP address and hostname of the device in the host file of Windows Server 2008?
I'm trying to configure Fault Tolerance on a pair of 4710s. I followed the doc, and configured int gi1/4 as the fault tolerance interface, using vlan 12. However the GUI is saying FT Vlan Down
The troubleshooting wiki said check the physical connectivity, but everything there looks good. Each ACE can ping it's own IP, but not the router on that VLAN, or the peer. They're connected to a dedicated VLAN in a switch, and I even tried a crossover cable to directly connect the two. [code]