cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
967
Views
0
Helpful
2
Replies

LMS 4.0.1 tries to connect to itself through proxy

baudetpi
Level 1
Level 1

Hello,

I am experiencing a weird issue with LMS 4.0.1 running on Windows 2008 R2 Standard Edition.

LMS 4.0.1 can connect to the Internet through a web proxy. This proxy does not require authentication. I need to configure proxy in LMS in order to quickly update LMS (by doing Device Updates for CiscoView and Inventory Config)

As soon as I configure proxy settings for CCO connection (i.e, under Admin -> Cisco.com settings -> Proxy Server Setup), LMS stops working properly. In particlar, ANI database breaks down (this is actually still running, but connection to ANI is impossible).

After doing packets capture, I noticed that LMS server (which is called SRVLMS01) tries to connect to itself *through the proxy* when configured. Of course, this does not work (the proxy refuses such connection) - see below (especially packet #8):

4 0.002564 <LMS IP address> <Proxy IP address> HTTP POST http://SRVLMS01:1741/CSCOnm/servlet/com.cisco.nm.cmf.servlet.LwmsMainServlet?fromCLI=true HTTP/1.1
5 0.002585 <LMS IP address> <Proxy IP address> HTTP Continuation or non-HTTP traffic
6 0.003617 <Proxy IP address> <LMS IP address> TCP http-alt > 34514 [ACK] Seq=1 Ack=763 Win=64938 Len=0
7 0.007023 <Proxy IP address> <LMS IP address> TCP [TCP segment of a reassembled PDU]
8 0.007025 <Proxy IP address> <LMS IP address> HTTP HTTP/1.1 403 Forbidden  (text/html)

Everything recovers when removing proxy settings and restarting LMS processes (that is, ANI server comes back online).


FYI, Internet Explorer on LMS server is configured so that proxy settings are bypassed when connecting to http://srvlms01 or to http://<LMS server IP address>. Using IE on the server itself to connect to LMS works just fine.

Of course, I could remove LMS proxy settings and download all CiscoView packages manually, but that would be really painful.

Kind regards

Pierre-Loic

1 Accepted Solution

Accepted Solutions

Michel Hegeraat
Level 7
Level 7

Bonjour Pierre-Loic,

Can you try on the server to use the resolver.pl in /opt/CSCOpx/bin to resolve the hostname of the server and it's IP address.

Do they resolve to what  you think they should?

Meanwhile, download the device package updates can be done quite quickly, installing them can take longer I noticed.

Cheers,

Michel

View solution in original post

2 Replies 2

Michel Hegeraat
Level 7
Level 7

Bonjour Pierre-Loic,

Can you try on the server to use the resolver.pl in /opt/CSCOpx/bin to resolve the hostname of the server and it's IP address.

Do they resolve to what  you think they should?

Meanwhile, download the device package updates can be done quite quickly, installing them can take longer I noticed.

Cheers,

Michel

Bonjour Michel,

resolver.pl returns the right value. Meanwhile, I talked to a coleague who gave the the solution: installing CSCto46927-0m patch solved the problem. I am now able to connect to cisco.com through proxy with ANI server running smoothly.

Thanks for you suggestion anyway !