cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1759
Views
0
Helpful
10
Replies

LMS 3.0 - RME fail to archive a switch configuration

Rodrigo Gurriti
Level 3
Level 3

Hello,


I've experienced the following problem:

I've scheduled a job for about 130 devices to collect their startup config, but i have a fail status for around 25 devices. What could have caused this fail?

On the report I see that the LMS could not connect via telnet/TFTP/SSH/HTTP (strange because it can i tested on the device center)

I also tried to:

Checked the credentials.

I used a prompt from the LMS server to telnet to one of the switch with problem and it worked just fine with the credentials I double checked. (its not a path block from a ACL or anything)

Deleted the switch from RME and its credentials and added back again.

What can cause it to fail ?

Thank you

10 Replies 10

Gaganjeet Chug
Level 4
Level 4

Hi,

Kindly enable the debugging for Archive Management as follows adn then run the job for one failed device :-

Go to RME > Admin> System Preferences >Application Log level settings > From the application Menu - select Archive management > Select the Loggin level to DEBUG for both Archive Service and Archive Client. and Click APPLY.

Create a new Archive Management Job and select one or two troubled devices for the new Job. The Job will have an ID like 1123. After the Job completed succesfully / failed . Send me the screenshot of the error of the failed reason.

Look for the Job ID on the server and you will find the folder having the same as JOB ID. Send me the jib log from the Job folder.

Also send me dcmaservice.log and dcmaclient.log from the NMSROOT\log folder. Kindly send me the screenshot of the credentails verification report for this device.

Note :- NMSROOT is the directory where you have installed your LMS . Kindly remove any sensitive information from the debug logs.

Thanks,

Gaganjeet

I've kinda found a problem, my LMS does not reconize the telnet, I can login via telnet from the LMS server but then I try to check credentitals it says incorect.

Why is that ?

Gaganjeet I'll get you that info

Hi,

Its good that you figure out this. So, you can try to export the credentials for this device into CiscoWorks. Go to Common Services > Device management and click on Export tab. Select the device and export the device credentials, provide the extention of the file as .csv and once its done. Open the file and check the credentials.

Also, are you having customized prompts configured for device using Tacacs ?.

Thanks,

Gaganjeet

Gaganjeet,

Done that, the credentials are correct, I'm using TACACS+ on the devices, but I did not change the login prompt, it is the same (username and password).


Here is my AAA config from one of the devices (switch)

aaa new-model
aaa authentication attempts login 5
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+


TACACS+

tacacs-server host X.X.X.X
tacacs-server timeout 10
no tacacs-server directed-request
tacacs-server key 7 XXXXX

VTY

line vty 5 15

Here is a error msg from trying to show run using the netshow

ERROR:RME_CDL1031:Transport session to device failed TELNET: Failed to establish TELNET connection to X.X.X.X - Cause: Authentication failed on device 3 times. Failed to detect SSH version running on the device.

(ssh would not work because the IOS for these switches are ip base w/out crypto)

Hi,

Kindly post the screenshot when you will try to login to device.

Thanks,

Gaganjeet

Hi,

Agter making the required changes for device in Common Services. Kindly resubmit the device under RME > Device > Device management > Select the device and click on resubmit tab at the bottom. This wil force RME to update the device credentials from Common Services.

Run the Device Credentials verification report from RME > Devices > Device Management > Device Credentials Verification reports and post the result of the job.

Thanks,

Gaganjeet

Gaganjeet,

Here is the print, it did not work. :/

Gaganjeet

I think I know what the problem is, I think my is CWLMS is for 100 devices and I have 130 devices registered. I think that could be the problem. Its weird it let me add devices with a limited license but don't let me manage it once its in.

I'll check the licensing

Never mind its LMS-300

Hi,

Kindly make sure you have install the latest device packages for Common Services and RME. Kindly go to Common Services > Software Centre > Device Update.

First update the device package for Common Services (it will restart the dameon manager), after that update the device packages for RME.

Now try to run the credentials verification job again.

Thanks,

Gaganjeet

Review Cisco Networking for a $25 gift card