12-27-2011 03:29 AM
Hello, CiscoWorkers!
I really need assistance in configuration. I've installed LMS 3.2 few times, but still can't find any devices. Please help me out. Any help appreciated. Thank you in advance.
MS Server 2003, I've swithces 3750, 4503, 4506, 4948. There is checkpoint installed and uses ACLs, I don't understand which ACL may prevent device discovery.
Topology is here:
Thank you for any help.
BR,
Eric
email: yernur@ymail.com
Solved! Go to Solution.
12-27-2011 08:40 PM
Verify that the SNMP credential settings are correct for Discovery. This means that you've configured the proper ranges and community string (or SNMPv3 credentials) for your network.
12-27-2011 05:25 PM
Device Discovery can use a number of protocols to find devices (e.g., CDP, ping sweeps, ARP tables, routing tables, etc.), but all devices found must be reachable via SNMP. This means you need to allow udp/161 though your Checkpoint firewalls (in addition to ICMP if you are using ping sweeps for discovery).
12-27-2011 07:18 PM
Thank you, Joseph. I'll double check on checkpoint for that issue, but previously I've cleared all ACL related to my ciscoworks server, so everything is allowed there. There is ACL on CheckPoint stated permit host CW any any and permit any CW any.
So, what should be next step?
Thank you for your help.
12-27-2011 08:40 PM
Verify that the SNMP credential settings are correct for Discovery. This means that you've configured the proper ranges and community string (or SNMPv3 credentials) for your network.
12-28-2011 12:35 AM
Here are credentials for SNMP
snmp-server user public public v1
snmp-server user public public v2c
snmp-server community public RO
snmp-server user public public v1
snmp-server user public public v2c
Is there a way to check correctness of credentials in CW? I think SNMP configured correctly, username for exe mode and enable password are inserted correctly. What is next step?
Thank you, Joseph. I really appreciate your help. You are the first who replied for my trouble.
12-28-2011 08:21 AM
All you need for SNMP v1/v2c is "snmp-server community public RO". However, public is a bad choice for a production community string. If that is really what you have configured on your device, then that's what you need to configure in your Discovery settings. Make sure the range is appropriate (e.g., "*.*.*.*" to cover all devices in your network). If things are still not working, you can get a sniffer trace on the LMS side and the "debug snmp packet" output on one of your seed devices to make sure SNMP is flowing between the two points.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide