Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
813
Views
0
Helpful
2
Replies

shutting interfaces with LMS3.2

randomjoe1
Level 1
Level 1

‎10-08-2010 10:25 AM

Hi,

We are looking for an easy way for our security department to shut end user interfaces (mostly fa, some gi).  previously we've done this with home-grown scripts and I've been asked if LMS could do this easily.

so ideally, the security department would have to select the "shut interface" job, select the device, and tell it what port to shut.  I'd rather create a template that only works on end user switches (3750-g-e-x, 2950,3560 etc.  NOT 6500, blade switches, routers, etc.)

From what I've tried, I could only hard set (int fa1/0/1 ->shut) the interface in the job.  is there a way I could create a basic shut template that prompts the user what port to shut (or put on a black-hole vlan)?

Or, is there another way to do this aside from a netconfig job?

==requirements==

*various credentials (already created different credential sets so this is OK)

*security department should not have permission to shut trunks

*we would like to restrict access to the security team from the rest of LMS

==system/network configuration==

*lms 3.2 patched up to date

*switches running snmp2 RO only

*lms could telnet/ssh to devices

*dev stage of deploying snmpv3

*local authorization (non-ACS), TACACS authentication with local fallback

Thanks much in advance!

Labels:
0 Helpful
2 Replies 2

randomjoe1
Level 1
Level 1

‎10-08-2010 10:48 AM

I've tried VLAN port assignment, but get an SNMP operation error.  I'm assuming

it needs RW access which we don't have enabled.

would that be resolved if we were to migrate to SNMPv3 with writable permission?

0 Helpful

ANDAFBCCO
Level 1
Level 1
In response to randomjoe1

‎10-13-2010 04:15 AM

I have been working on this exact issue on another thread: https://supportforums.cisco.com/message/3200456#3200456 . I also have LMS and haven't found a way to do this through ciscoworks but I am currently trying to the the EEM route. The script I am trying to run monitors ports that show not connected due to users turning off their machines, unplugging their machines etc and shuts down after a period of time that you prefer. The guy I'm working with is very helpful, I don't know if this is a route you wan't to take but it might be worth taking a look at.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card