Solved: If it is Prime Infrastructure

clarkem73 · ‎11-11-2016

I am able to ping Cisco Prime, but not able to access the Web-interface. A CISCO 5525x was recently installed, but I do not know if anything should be allowed on the Firewall for Prime to be accessible.

Marvin Rhoads · ‎11-15-2016

If it is Prime Infrastructure running on a VM, check the application / web server status via logging into the server via ssh command prompt and then using the command:

ncs status

If the output from that command shows the application server is started then the server is running.

At a minimum you should be able to get to and from the server with icmp (ping), tcp/22 (ssh), tcp/443 (https), udp 161/162 (snmp queries and traps) and udp/514 (syslog). The server should also be able to reach the Internet, resolve addresses using dns (udp/53) and reach any configured ntp servers (udp/123).

View solution in original post

Marvin Rhoads · ‎11-21-2016

That all looks OK as well.

I'd suggest opening a TAC case at this point. They can drill down into some troublsehooting steps in the root shell.

View solution in original post

Marvin Rhoads · ‎11-15-2016

If it is Prime Infrastructure running on a VM, check the application / web server status via logging into the server via ssh command prompt and then using the command:

ncs status

If the output from that command shows the application server is started then the server is running.

At a minimum you should be able to get to and from the server with icmp (ping), tcp/22 (ssh), tcp/443 (https), udp 161/162 (snmp queries and traps) and udp/514 (syslog). The server should also be able to reach the Internet, resolve addresses using dns (udp/53) and reach any configured ntp servers (udp/123).

clarkem73 · ‎11-21-2016

All seem to be running, but still unable to access PI via Webinterface.

Cisco-Prime/admin# ncs status
Health Monitor Server is running.
Reporting Server is running
Ftp Server is running
Database server is running
Tftp Server is running
Matlab Server is running
NMS Server is running.
SAM Daemon is running ...
DA Daemon is running ...
Syslog Daemon is running ...
status
Cisco-Prime/admin#

Cisco-Prime/admin# show run
Generating configuration...
!
hostname Cisco-Prime
!
ip domain-name mhss.local
!
interface GigabitEthernet 0
ip address 172.24.48.24 255.255.254.0
ipv6 address autoconfig
!
ip name-server 172.24.48.4 172.24.48.10
!
ip default-gateway 172.24.48.1
!
clock timezone Africa/Windhoek
!

!
username admin password hash xxx role admin
!
service sshd
!
repository defaultRepo
url disk:/defaultRepo
!
password-policy
lower-case-required
upper-case-required
digit-required
no-username
disable-cisco-passwords
min-password-length 6
!
logging localhost
logging loglevel 6
!

!
cdp timer 60
cdp holdtime 180
cdp run GigabitEthernet 0
!

Marvin Rhoads · ‎11-21-2016

That all looks OK as well.

I'd suggest opening a TAC case at this point. They can drill down into some troublsehooting steps in the root shell.

clarkem73 · ‎11-21-2016

Ok will do, Thanks for your assistance, much appreciated.

avinashraju71 · ‎01-23-2017

Hi Clark - I ran into the same problem , just want to know how did you resolved it.

Thanks

gnijs · ‎07-18-2019

same here, prime is running behind a nat router.

SSH to Prime works, HTTPS does not (?) very strange, both ports have port redirection configured

Prime 3.1

(on the local subnet (without NAT) SSL/443 works)

CISCO PRIME INFRASTRUCTURE