Solved: LMS 3.2 - User Tracking behind FWSM

Sven Hruza · ‎02-08-2011

Hi,

we have some Cisco FWSM in use and now I found out, that there is no user tracking data for layer 3 for the end hosts which are behind the FWSM.

The FWSMs are managed by LMS 3.2, so I thought user tracking is possible, too.

Thanks!

Sven

Gaganjeet Chug · ‎02-08-2011

Hi,

Just for an example, there is one SysObjectID for FWSM that you can find in the device supported list:-

1.3.6.1.4.1.9.1.674. This FWSM is not supported for User Tracking in Campus Manager.

However ,as per Device Supported list of LMS 3.2, it shows that full RME support is available but User Tracking is not supported for Campus Manager for the FWSM having SysObjectID - 1.3.6.1.4.1.9.1.674.

FWSM, ASA, and PIX devices are not supported by Campus Manager since they do not support CDP. Therefore, UT will not be able to use them as routers to get ARP data.

Here is an alternative that Sir Joseph Clarke suggest for FWSm, the concept of shadow router.

Kindly have a look at this thread too.

https://supportforums.cisco.com/message/3156083#3156083

Hope it helps too.

Thanks & Regards

Gaganjeet

View solution in original post

Gaganjeet Chug · ‎02-08-2011

Hi,

Its as per Design since FWSM is not supported by Campus Manager .

Kindly see the below thread :-

https://supportforums.cisco.com/message/687400#687400

Thanks,

Gaganjeet

Sven Hruza · ‎02-08-2011

Thanks for the reply.

But that thread is 6 years old and I had the hope that there is a solution now.

Because managing the FWSM in Campus Manager is possible. Only the UT is not working.

Sven

Gaganjeet Chug · ‎02-08-2011

Hi,

Yes that was old but still its not supported in LMS 3.2 .

Please send me the output of the snmpwalk for the SysObjectID for the FWSM device failing in order to check 
if they are supported on your CM version. This is how to do it:

    * Kindly go to Device Center
    * Choose the problematic firewall device from Device Selector on the
      left
    * Choose SNMP Walk from Tools
    * Type in .1.3.6.1.2.1.1.2 in the starting OID
    * Check the Output OIDs Numerically box
    * Hit OK
    * Send me a screenshot of the screen that appears
    * Repeat for the other devices

Here is the device suported list for LMS 3.2

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/3.2/device_support/table/lms32sdt.html

Thanks,

Gaganjeet

Sven Hruza · ‎02-08-2011

Hi,

okay...thanks for the link.

But I am wondering about the fact that there is no FWSM in the device list, but there is a device package in LMS which works.

And RME is working, too.

Sven

Gaganjeet Chug · ‎02-08-2011

Hi,

Just for an example, there is one SysObjectID for FWSM that you can find in the device supported list:-

1.3.6.1.4.1.9.1.674. This FWSM is not supported for User Tracking in Campus Manager.

However ,as per Device Supported list of LMS 3.2, it shows that full RME support is available but User Tracking is not supported for Campus Manager for the FWSM having SysObjectID - 1.3.6.1.4.1.9.1.674.

FWSM, ASA, and PIX devices are not supported by Campus Manager since they do not support CDP. Therefore, UT will not be able to use them as routers to get ARP data.

Here is an alternative that Sir Joseph Clarke suggest for FWSm, the concept of shadow router.

Kindly have a look at this thread too.

https://supportforums.cisco.com/message/3156083#3156083

Hope it helps too.

Thanks & Regards

Gaganjeet

Sven Hruza · ‎02-08-2011

Thanks Gaganjeet for the explanation.

The solution with a shadow router is not a possible way for us.

So I have the hope that someday Cisco is able to support the FWSM for CM and UT.

That would be very helpful!

Sven