Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1288
Views
2
Helpful
2
Replies

Cisco Network Assistant -> PIX515E problems

luke
Level 1
Level 1

‎06-26-2006 06:32 AM

Hi all, i have managed to create a community of cisco devices however although i can add the pix to the community it does not show up in the topology? HTTPS is enable. I can also access the pix via ASDM.

any help would be great.

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-26-2006 07:00 AM

CNA, like ciscoworks, uses Cisco Discovery Protocol (CDP) to determine where devices fit in a topology (Ref CNA Getting Started Guide section on communities: "Do not disable CDP on candidates, members, or any network devices that you might want Network Assistant to discover.")

PIX firewalls do not support CDP. See the release notes, to wit:

"Firewalls

Cisco PIX 515E Firewalls

Note PIX Firewalls do not support the Cisco Discovery Protocol, so they are not automatically shown as neighbors in the Topology view. They are shown only after you add them to a community by using a Create Community or Modify Community window. To see a PIX Firewall link to another community member, you must add the link manually by selecting Add Link in a Topology popup menu."

Hope this helps, please rate helpful posts.

nathan.murr
Level 1
Level 1
In response to Marvin Rhoads

‎02-15-2012 10:56 PM

There's a very funny situation with latest CNA release 5.7:

Following the release notes for 5.0 and later (updated jan 15 2012), you can still add the PIX firewalls:

 Firewalls 


 Cisco PIX 515E firewalls. PIX firewalls do not support the Cisco  Discovery Protocol, so they are not automatically shown as neighbors in  the Topology view. They are shown only after you add them to a community  by using a Create Community or Modify Community window. To see a PIX  firewall link to another community member, you must add the link  manually by selecting Add Link in a Topology popup menu.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_network_assistant/version5_0/release/notes/OL12210a.html#wp713345

And they're still present in the "additional devices" section of the supported devices list:

PIX-501, PIX-506, PIX-506E, PIX-515, PIX-515E, PIX-525, and PIX-535 firewalls

http://www.cisco.com/en/US/docs/net_mgmt/cisco_network_assistant/version5_0/release/notes/OL12210a.html#wp699844

Also, following the lastest getting started guide for 5.4, you can still manually add devices that were not auto discovered:

Manually Adding Members
Network Assistant provides two ways to manually add devices to a community.
1. In the Create Community window, enter the IP address for the device that you want to add.
2. Click Add to Community.
The second way to manually add a device uses the Topology view:
1. If the Topology view does not appear, choose View > Topology from the feature bar.
2. Right-click a candidate icon, and select Add to Community.
Candidate device labels are cyan; member labels are green.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_network_assistant/version5_4_1/quick/guide/English/creatcom.html#wp1038469

The funny is, that actually you can't do it

There's no "add to community" button anymore, only "discover" one left which does not discovers PIX firewalls (although http access is enabled). So you can't even see them from now...sad.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card