Cisco :: LMS Prime 4.1 Store Device Configurations External?
Apr 9, 2013We use Cisco LMS Prime 4.1 to archive our Cisco Equipment configurations.
Now we want to store the configurations off site.
We use Cisco LMS Prime 4.1 to archive our Cisco Equipment configurations.
Now we want to store the configurations off site.
We upgraded to Cisco LMS 4.2.1 recently and we have noticed that every time we reboot our Windows VM Server the archived configurations from the network devices are no longer displayed. They do not appear in the archive, version tree or directory. We are meeting the minimum system requirements for running LMS 4.2.1 and we do not seem to have found any possible bugs related to this.
View 8 Replies View Relatedare the connections between the ACS and external identity stores encrypted?I know that when setting up LDAP identity store there is the option to specify SSL conection. Are the other connections encrypted by default, or is the data sent between the ACS and AD, for example, sent in the clear?
View 3 Replies View RelatedI have a new techni colour wifi router TG582n which has a usb cobnnection in the side. I also have a new Samsung 400 gig external hard drive can these be linked to make a wifi hard disc store.
View 2 Replies View Relatedi have few devices in Cisco works, when i try to view their configuration. i get this error.DCMA0011: No configurations archived for the device(s). The selected device(s) should have at least one archived version.
View 1 Replies View RelatedWhat's a good product to use to backup device configurations?
View 19 Replies View RelatedI have a new Cisco Secure ACS 5.2 on a VM. We want to use it to for administrative access to our Cisco equipment with TACACS+. I am trying to map user permissions to different groups of devices based on active directory group membership, however it is not working.
I am using an LDAP (configured for secure authentication) external identity store. On the directory organization tab, I have confirmed the accuracy of the subject and group search base and the test configuration button shows that it's finding > 100 users and >100 groups.
On the directory groups page I have entered the groups according to the required format. cn=groupname1,ou=groups,dc=abc,dc=com
I have a rule based result selection under group mapping. I have two rules in the format below.
Conditon
LDAP:Externalgroups groupname1
Result
Identitygroup1
I have the default group set to a identity group named other. My problem is, no matter what user attempts to authenticate, the Default rule is applied, and the user is put into the other identity group.This occurs when I log on as a groupname1 user, groupname2 user, or as user that is not a member of either of those groups. LDAP authentication works and the user is able to logon to the device.
I have installed ACS 5.4 and we are looking to authenticate our Anyconnect users with ACS via Active Directory. I think I have the correct commands in our ASA ( we had ACS 4 and authenticated our anyconnect users ).
I also have configured ACS to use Active Directory and installed the server side cert in ACS. I'm just uncertain how to program ACS to use the security group that I have setup in Active Directory.
I am using CISCO PRIME LMS 4.1 for manage my network, i ran a device discovery job using a ping sweep on the ip ranges of my network, ie 192.168.1.0/24, 192.168.2.0/24 and so on... the discovery found all my devices, but it discovered duplicate devices with illegal ip Addresses, i.e.,
ip device
192.168.1.255 S1
192.168.2.0 S1
192.168.2.1 S1 (the real address)
all in reachable status.
I don't understand why the program adds that repeated illegal addresses.. How can I run the device discovery to avoid this problem?
is there anyway to change the IP address of a device without data lost? I saw an option in to change it in Inventory > Device Administration: Add / Import / Manage Devices > Edit identity but from what I read I can get a data lose,
View 1 Replies View RelatedWe are currently running Cisco prime 4.1 and want to make sure there is a backup of the configurations from our switches and routers. The VLANconfig is not collected according to the devicestatus dashboard. i am aware there were a known issue with LMS running on a virtual server and vlan not being able to be collected, is this issue resolved? i have tried the various workarounds with TAC support and it hasnt worked. We have the running and startup config collected for our devices when looking at the device status dashboard. does this mean if a switch crashes we can restore the config to a new switch immediately?
i saw there is a version 4.2. maybe this version resolves the issue with LMS on a virutal server? i cannot find the download to upgrade to 4.2 in the support section though.
I am trying to figure out why the Device view has no systlogs in Cisco Prime 4.1.I have everything configured, the switch is sending debugging level logs to the IP of the Prime Server. I am fairly certain it is reporting because it has alot of other information in the server.
View 1 Replies View RelatedWe have a Prime LMS and a Prime NCS instance running. At the moment, instead of having the 2 systems do device discovery independantly, I thought a good way to set things up would be for LMS to do all of the discovery, and then export the DCR from LMS into NCS.
Now doing this manually in a cinch, but I'd like to automate the process. LMS has some nice scripting features that allows me to easily use the 'dcrcli' script to export a CSV file of the all of devices and credentials, which can be put in a format that NCS can bulk import. I plan to do this on a regular basis using a cron entry.
What I can't seem to find is any documentation on how I might be able to achieve the import piece of the puzzle on the NCS box. Are there command line utilities as with LMS that would allow me to import devices, and put the scripting into a cron file to do on a regular basis?
The problem is that - although negotiated in global discovery settings - Prime appends domain name to the device name so that all switches (not routers) have "confusing names". The domain name is not required in device name. What can i do?
View 2 Replies View RelatedI have problems with setting the snmp retry / timeout parameters for our devices. I managed to import our devices with bulk import , but after it I realized that for some devices the snmp retry / timeout values were different ( created the bulk file with 3 retries and 30 sec timeout , but in the system the appear with 2 retries and 1 sec timeout). I tried to change it manually , but after a while it goes back to the wrong values.
View 1 Replies View RelatedWe have LMS Prime 4.2. I know how to view the running config on a single device. How do I run a report that will pull all the running configs of all my devices in one report? I'd be able to same them as one big pdf or text file. ]
View 1 Replies View Relatedbefore I open a TAC case: How does Cisco Prime NCS handle the device licenses for stack of 3750 switches? Just one device license for the stack or a license for every physical switch in the stack? I can't find a answer on the Cisco website, but maybe one of you knows it from a deployment you have done..
View 2 Replies View RelatedI have a checkpoint Safe@Office 500 firewall router, connected to adsl via another adsl device in bridged mode.We needed to assign an external IP to a device behind the firewall.We contacted the ISP, and now they have assigned an additional IP to our adsl account.I have read from the documentation that:"NAT can be defined automatically via the network object (Node, Network or Address Range). When you define NAT via the network object, rules are automatically added to the Address Translation Rule Base"....so I add the object, with the external IP given to us by our ISP, and the wizard simply complains that the IP address is invalid.My thoughts are that the router does not know about the additional IP provided by our ISP. If so, how do I tell the router that there are other IP addresses available to use? I have rebooted the router, and no luck.
View 1 Replies View RelatedWe're currently evaluating Cisco Prime LMS 4.2.Something we've been trying to achieve for the past couple of days is to have LMS notify us when a Microsoft Host is Unreachable, and then to notify us once that alarm has cleared (the Microsoft Host is Reachable again).
We're at the point where the Microsoft Host was discovered, LMS incorrectly identified it as a Cisco Call Manager, so we changed it's identity to non-cisco device > microsoft host > microsoft host. LMS currently has the device listed as being in the 'Questioned' state. SNMP timeout has been set to 15 seconds, and the SNMP community is correct.
Being new to LMS Prime, and having not received any training on the product to this point, we turned to the admin guide, but we couldn't find anything that goes into detail for how to manage the notification for non-Cisco devices.
Is what we're trying to achieve possible with Cisco Prime LMS 4.2? We just want to be able to receive simple 'host unreachable' notifications for Microsoft servers, and the corresponding 'cleared' notifications once the server is back online.
I'm currently running CiscoWorks LMS 4.0.1 on Windows 2003 under VMware and just got upgrade licensing for Prime Infrastructure 1.2. I am assuming that I will need to upgrade the current server to Prime LMS 4.2 in order to ensure that data migration to Prime Infrastructure goes well. I am planning to follow Cisco's recommendation to run Prime LMS and Prime Infrastructure in parallel for a time and migrate individual functions.
My real question is about Syslog handling. All of the managed devices are currently sending Syslog data to LMS. As a last step in the migration, is it possible to change the IP address of the Prime Infrastructure server to replace the Prime LMS server so that the Prime Infrastructure server will just start getting all the Syslog data, or do I need to go change hundreds of managed devices to point to a new address?
What is the relation between: cisco NCScisco Prime LMSCisco Prime infrastructure.As i orderd a Cisco Prime infrastructure from a Cisco Partner and what i got is :
x2 cisco NCS appliances
x1 DVD cisco prime infrastructure
x1 DVD Cisco prime 4.2
Just brought an ipod and downloaded itunes but my laptop wont connect to the itunes store, it says basically it cant connect and that i need to take a look at my network settings? I have this same problem with steam aswell and got so frustrated i ended up deleting it even though i have games on there.
View 7 Replies View RelatedSituation: I have a File server, name is \fileserver and ip address is: \192.168.1.254The shared drive on the server is split into 2 folders which are: Data and HomeI have 17 laptops which all connect to these folders via a group policy which maps the L: to Data and the H: to Home. On 4 of the laptops, for some reason I can't access the Home folder as I get an access denied message. I am the administrator and have full rights. On the other 13 laptops it works fine. I have found that if I try connecting using the IP address \192.168.1.254Home, it works fine.[CODE]
View 10 Replies View RelatedI'm trying to authorize managment access for HP ProCurve Manager via ACS RADIUS. But I get the failure: 15015 Could not find ID Store Machine is configured under Network Devices and AAA Clients, the sevice selection rule selects the correct access service, Access Service is Network Access, authorization profiles = permit access.
View 2 Replies View Relatedi can access app store on my iphone at home and other broadband connections but cant access at work. thinking if it would be the asa thats stopping htis. i have allowed port 3689 but no joy.
View 3 Replies View RelatedUsing Sha1 for Cisco 7925g and sha256 for data. Two separate CA's, one EnTrust (SHA1) the other Local Wondows CA (SHA256); ISE can only use one at a time to process a particular protocol (ie..EAP-TLS, HTTP, etc...) As a result we have to have a separate PSN just for Wireless and Wired VoIP (which can only hold SHA1 RSA1024).
View 5 Replies View RelatedMy dad has an issue with his Windows 7 home edition laptop, he cant get any updates on AVG, Itunes or access the itunes store, he keeps getting error messages denying access. Hes using the 64bit Itunes lastest version (I uninstalled his very out of date itunes last night and downloaded the new version) but still the store wont open
View 14 Replies View RelatedHave spa module on 6509E experience that error:
!
sh log | b crash
SLOT 3: Aug 18 12:52:10 CST: %CARDMGR-2-ESF_DEV_ERROR: An error has occurred on
Ingress ESF Engine: Control Store Parity Error
SLOT 3: Aug 18 12:52:10 CST: %ESF_CRASHINFO-2-WRITING_CRASHINFO: Writing crashin
fo to disk0:crashinfo.esf_20110818-175210
[Code]....
My Location Free has recently stopped letting me access the App Store, Itunes store and Facebook. Someone suggested I change the channel, but not sure how to do that.
View 1 Replies View RelatedI have a cisco ASA 5505 . I need to store " show capture 'word' ( where is a variable) output to syslog server for analyzing packet and port .
View 2 Replies View RelatedThe following messages are filling up my syslog.
*spamApTask0: Nov 09 15:59:29.071: %LOG-3-Q_IND: capwap_ac_reassembly.c:652 Unable to store capwap fragment from 88:f0:77:b6:fd:00.
*spamApTask3: Nov 09 15:59:27.616: %CAPWAP-3-REASSEM_SPACE: capwap_ac_reassembly.c:652 Unable to store capwap fragment from 88:f0:77:b6:fd:00.
What could be causing it? I am using 1524 APs in a Mesh environment with a WLC 5508 (7.0.116.0) which is connected to a H3C switched network.
The MAC addresses above are from my MAPs and I don't think I am getting it from the RAPs.
Is P S 3 the best way to connect netflix to TV and can you store movies in the P S 3 Hard- Drive
View 1 Replies View Relatedhow can i store urls used by the client side in the server using java
View 1 Replies View Related