Can Cisco Prime send a peer to peer connectivity report
I'm trying to discover if we have any peer to peer wireless clients (not ad-hoc WLANs) talking to each other. I was asked to turn off peer to peer on the wireless network, so I need to find out if there are any clients talking to one another, and if so, what are they, etc.
I've looked through the reports and didn't see anything there.
We have Cisco Prime 7.2, 5508 WLCs and MSE.
Please check the below link:
http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/user/guide/reports/system_reports.html
Similar Messages
-
Can anyone plz send a simple example of interactive reports
Hi gurus,
Can anyone plz send a simple example of interactive reports using subscreenswhich contains at line-selection, at user-command, pf and other commands.
Thanks in advance.Hi,
* Macro definition
DEFINE m_fieldcat.
add 1 to ls_fieldcat-col_pos.
ls_fieldcat-fieldname = &1.
ls_fieldcat-ref_tabname = &2.
ls_fieldcat-cfieldname = &3.
ls_fieldcat-qfieldname = &4.
append ls_fieldcat to lt_fieldcat.
END-OF-DEFINITION.
TYPE-POOLS: slis. " ALV Global types
TYPES:
BEGIN OF ty_vbak,
vkorg TYPE vbak-vkorg, " Sales organization
kunnr TYPE vbak-kunnr, " Sold-to party
vbeln TYPE vbak-vbeln, " Sales document
netwr TYPE vbak-netwr, " Net Value of the Sales Order
waerk TYPE vbak-waerk, " Currency
END OF ty_vbak,
BEGIN OF ty_vbap,
vbeln TYPE vbap-vbeln, " Sales document
posnr TYPE vbap-posnr, " Sales document item
matnr TYPE vbap-matnr, " Material number
arktx TYPE vbap-arktx, " Short text for sales order item
kwmeng TYPE vbap-kwmeng, " Order quantity
vrkme TYPE vbap-vrkme, " Quantity Unit
netwr TYPE vbap-netwr, " Net value of the order item
waerk TYPE vbap-waerk, " Currency
END OF ty_vbap.
DATA :
gs_vbak TYPE ty_vbak,
* Data displayed in the first list
gt_vbak TYPE TABLE OF ty_vbak,
* Data displayed in the second list
gt_vbap TYPE TABLE OF ty_vbap.
SELECT-OPTIONS :
s_vkorg FOR gs_vbak-vkorg, " Sales organization
s_kunnr FOR gs_vbak-kunnr, " Sold-to party
s_vbeln FOR gs_vbak-vbeln. " Sales document
SELECTION-SCREEN :
SKIP, BEGIN OF LINE,COMMENT 5(27) v_1 FOR FIELD p_max. "#EC NEEDED
PARAMETERS p_max(2) TYPE n DEFAULT '20' OBLIGATORY.
SELECTION-SCREEN END OF LINE.
INITIALIZATION.
v_1 = 'Maximum of records to read'.
START-OF-SELECTION.
PERFORM f_read_data_vbak.
PERFORM f_display_data_vbak.
* Form f_read_data_vbak
FORM f_read_data_vbak.
SELECT vkorg kunnr vbeln netwr waerk
INTO CORRESPONDING FIELDS OF TABLE gt_vbak
UP TO p_max ROWS
FROM vbak
WHERE kunnr IN s_kunnr
AND vbeln IN s_vbeln
AND vkorg IN s_vkorg
and vbtyp = 'C'. " C = Sales Orders.
ENDFORM. " F_READ_DATA_VBAK
* Form f_display_data_vbak
FORM f_display_data_vbak.
DATA:
ls_fieldcat TYPE slis_fieldcat_alv,
lt_fieldcat TYPE slis_t_fieldcat_alv.
* Build the field catalog
m_fieldcat 'VKORG' 'VBAK' '' ''.
m_fieldcat 'KUNNR' 'VBAK' '' ''.
m_fieldcat 'VBELN' 'VBAK' '' ''.
m_fieldcat 'NETWR' 'VBAK' 'WAERK' ''.
m_fieldcat 'WAERK' 'VBAK' '' ''.
* Display the first list
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
i_callback_program = sy-cprog
i_callback_user_command = 'USER_COMMAND'
it_fieldcat = lt_fieldcat
TABLES
t_outtab = gt_vbak.
ENDFORM. " F_DISPLAY_DATA_VBAK
* FORM USER_COMMAND *
FORM user_command USING u_ucomm TYPE syucomm
us_selfield TYPE slis_selfield. "#EC CALLED
CASE u_ucomm.
WHEN '&IC1'.
READ TABLE gt_vbak INDEX us_selfield-tabindex INTO gs_vbak.
CHECK sy-subrc EQ 0.
PERFORM f_read_data_vbap. " Read data from VBAP
PERFORM f_display_data_vbap.
ENDCASE.
ENDFORM. " USER_COMMAND
* Form f_read_data_vbap
FORM f_read_data_vbap.
SELECT vbeln posnr matnr arktx kwmeng vrkme netwr waerk
INTO CORRESPONDING FIELDS OF TABLE gt_vbap
FROM vbap
WHERE vbeln = gs_vbak-vbeln.
ENDFORM. " F_READ_DATA_VBAP
* Form f_display_data_vbap
FORM f_display_data_vbap.
DATA:
ls_fieldcat TYPE slis_fieldcat_alv,
lt_fieldcat TYPE slis_t_fieldcat_alv.
* Build the field catalog
m_fieldcat 'VBELN' 'VBAP' '' ''.
m_fieldcat 'POSNR' 'VBAP' '' ''.
m_fieldcat 'MATNR' 'VBAP' '' ''.
m_fieldcat 'ARKTX' 'VBAP' '' ''.
m_fieldcat 'KWMENG' 'VBAP' '' 'VRKME'.
m_fieldcat 'VRKME' 'VBAP' '' ''.
m_fieldcat 'NETWR' 'VBAP' 'WAERK' ''.
m_fieldcat 'WAERK' 'VBAP' '' ''.
* Display the second list
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
it_fieldcat = lt_fieldcat
TABLES
t_outtab = gt_vbap.
ENDFORM. " F_DISPLAY_DATA_VBAP
2nd example
* Macro definition
DEFINE m_fieldcat.
add 1 to ls_fieldcat-col_pos.
ls_fieldcat-fieldname = &1.
ls_fieldcat-ref_tabname = &2.
append ls_fieldcat to lt_fieldcat.
END-OF-DEFINITION.
TYPE-POOLS: slis. " ALV Global types
SELECTION-SCREEN :
SKIP, BEGIN OF LINE,COMMENT 5(27) v_1 FOR FIELD p_max. "#EC NEEDED
PARAMETERS p_max(2) TYPE n DEFAULT '20' OBLIGATORY.
SELECTION-SCREEN END OF LINE.
TYPES:
* Data displayed in the first list
BEGIN OF ty_kna1,
kunnr TYPE kna1-kunnr, " Customer number
name1 TYPE kna1-name1, " Customer name
ort01 TYPE kna1-ort01, " Customer city
END OF ty_kna1,
* Data displayed in the second list
BEGIN OF ty_vbak,
vkorg TYPE vbak-vkorg, " Sales organization
kunnr TYPE vbak-kunnr, " Sold-to party
vbeln TYPE vbak-vbeln, " Sales document
netwr TYPE vbak-netwr, " Net Value of the Sales Order
END OF ty_vbak,
* Data displayed in the third list
BEGIN OF ty_vbap,
vbeln TYPE vbap-vbeln, " Sales document
posnr TYPE vbap-posnr, " Sales document item
matnr TYPE vbap-matnr, " Material number
arktx TYPE vbap-arktx, " Short text for sales order item
kwmeng TYPE vbap-kwmeng, " Order quantity
netwr TYPE vbap-netwr, " Net value of the order item
END OF ty_vbap.
DATA:
gs_kna1 TYPE ty_kna1,
gt_kna1 TYPE TABLE OF ty_kna1,
gs_vbak TYPE ty_vbak,
gt_vbak TYPE TABLE OF ty_vbak,
gt_vbap TYPE TABLE OF ty_vbap.
INITIALIZATION.
v_1 = 'Maximum of records to read'.
START-OF-SELECTION.
PERFORM f_read_data_kna1.
END-OF-SELECTION.
PERFORM f_display_data_kna1.
* Form f_read_data_kna1
FORM f_read_data_kna1.
* Read customer data with a least one order
SELECT kunnr name1 ort01 INTO TABLE gt_kna1
FROM kna1 AS k
UP TO p_max ROWS
WHERE EXISTS
( SELECT kunnr FROM vbak WHERE kunnr = k~kunnr ).
ENDFORM. " F_READ_DATA_KNA1
* Form f_display_data_kna1
FORM f_display_data_kna1.
DATA:
ls_fieldcat TYPE slis_fieldcat_alv,
lt_fieldcat TYPE slis_t_fieldcat_alv.
* Build the field catalog
m_fieldcat 'KUNNR' 'KNA1'.
m_fieldcat 'NAME1' 'KNA1'.
m_fieldcat 'ORT01' 'KNA1'.
* Display the first list
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
i_callback_program = sy-cprog
i_callback_user_command = 'USER_COMMAND_KNA1'
it_fieldcat = lt_fieldcat
TABLES
t_outtab = gt_kna1.
ENDFORM. " F_DISPLAY_DATA_KNA1
* FORM USER_COMMAND_KNA1 *
FORM user_command_kna1 USING u_ucomm TYPE sy-ucomm
us_selfield TYPE slis_selfield."#EC CALLED
CASE u_ucomm.
WHEN '&IC1'.
READ TABLE gt_kna1 INDEX us_selfield-tabindex INTO gs_kna1.
CHECK sy-subrc EQ 0.
PERFORM f_read_data_vbak. " Read data from VBAK
PERFORM f_display_data_vbak. " Display orders
ENDCASE.
ENDFORM. " USER_COMMAND_KNA1
* Form f_read_data_vbak
FORM f_read_data_vbak.
SELECT vkorg kunnr vbeln netwr
INTO TABLE gt_vbak
FROM vbak
UP TO p_max ROWS
WHERE kunnr = gs_kna1-kunnr.
ENDFORM. " F_READ_DATA_VBAK
* Form f_display_data_vbak
FORM f_display_data_vbak.
DATA:
ls_fieldcat TYPE slis_fieldcat_alv,
lt_fieldcat TYPE slis_t_fieldcat_alv.
* Build the field catalog
m_fieldcat 'VKORG' 'VBAK'.
m_fieldcat 'KUNNR' 'VBAK'.
m_fieldcat 'VBELN' 'VBAK'.
m_fieldcat 'NETWR' 'VBAK'.
* Display the second list
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
i_callback_program = sy-cprog
i_callback_user_command = 'USER_COMMAND_VBAK'
it_fieldcat = lt_fieldcat
TABLES
t_outtab = gt_vbak.
ENDFORM. " F_DISPLAY_DATA_VBAK
* FORM USER_COMMAND_VBAK *
FORM user_command_vbak USING u_ucomm TYPE sy-ucomm
us_selfield TYPE slis_selfield."#EC CALLED
CASE u_ucomm.
WHEN '&IC1'.
READ TABLE gt_vbak INDEX us_selfield-tabindex INTO gs_vbak.
CHECK sy-subrc EQ 0.
PERFORM f_read_data_vbap. " Read data from VBAP
PERFORM f_display_data_vbap. " Display items
ENDCASE.
ENDFORM. " USER_COMMAND_VBAK
* Form f_read_data_vbap
FORM f_read_data_vbap.
SELECT vbeln posnr matnr arktx kwmeng netwr
INTO TABLE gt_vbap
FROM vbap
WHERE vbeln = gs_vbak-vbeln.
ENDFORM. " F_READ_DATA_VBAP
* Form f_display_data_vbap
FORM f_display_data_vbap.
DATA:
ls_fieldcat TYPE slis_fieldcat_alv,
lt_fieldcat TYPE slis_t_fieldcat_alv.
* Build the field catalog
m_fieldcat 'VBELN' 'VBAP'.
m_fieldcat 'POSNR' 'VBAP'.
m_fieldcat 'MATNR' 'VBAP'.
m_fieldcat 'ARKTX' 'VBAP'.
m_fieldcat 'KWMENG' 'VBAP'.
m_fieldcat 'NETWR' 'VBAP'.
* Display the third list
CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'
EXPORTING
it_fieldcat = lt_fieldcat
TABLES
t_outtab = gt_vbap.
ENDFORM. " F_DISPLAY_DATA_VBAP
3rd Example
** Macro definition*
*DEFINE m_fieldcat.*
*add 1 to ls_fieldcat-col_pos.*
*ls_fieldcat-fieldname = &1.*
*ls_fieldcat-ref_tabname = &2.*
*append ls_fieldcat to lt_fieldcat.*
*END-OF-DEFINITION.*
*CONSTANTS :*
*c_x VALUE 'X'.*
*TYPE-POOLS: slis. " ALV Global types*
*TYPES:*
** Data displayed in the first list*
*BEGIN OF ty_vbak,*
*vkorg TYPE vbak-vkorg, " Sales organization*
*kunnr TYPE vbak-kunnr, " Sold-to party*
*vbeln TYPE vbak-vbeln, " Sales document*
*netwr TYPE vbak-netwr, " Net Value of the Sales Order*
*END OF ty_vbak,*
** Data displayed in the popup list*
*BEGIN OF ty_vbap,*
*posnr TYPE vbap-posnr, " Sales document item*
*matnr TYPE vbap-matnr, " Material number*
*arktx TYPE vbap-arktx, " Short text for sales order item*
*kwmeng TYPE vbap-kwmeng, " Order quantity*
*netwr TYPE vbap-netwr, " Net value of the order item*
*END OF ty_vbap.*
*DATA :*
*g_vkorg TYPE vbak-vkorg,*
*g_kunnr TYPE vbak-kunnr,*
*g_vbeln TYPE vbak-vbeln,*
*gt_vbak TYPE TABLE OF ty_vbak,*
*gt_vbap TYPE TABLE OF ty_vbap.*
*SELECT-OPTIONS :*
*s_vkorg FOR g_vkorg, " Sales organization*
*s_kunnr FOR g_kunnr, " Sold-to party*
*s_vbeln FOR g_vbeln. " Sales document*
*SELECTION-SCREEN :*
*SKIP, BEGIN OF LINE,COMMENT 5(27) v_1 FOR FIELD p_max. "#EC NEEDED*
*PARAMETERS p_max(2) TYPE n DEFAULT '20' OBLIGATORY.*
*SELECTION-SCREEN END OF LINE.*
*INITIALIZATION.*
*v_1 = 'Maximum of records to read'.*
*START-OF-SELECTION.*
*PERFORM f_read_data_vbak.*
*PERFORM f_display_data_vbak.*
** Form f_read_data_vbak*
*FORM f_read_data_vbak.*
*SELECT vkorg kunnr vbeln netwr*
*INTO TABLE gt_vbak*
*FROM vbak*
*UP TO p_max ROWS*
*WHERE kunnr IN s_kunnr*
*AND vbeln IN s_vbeln*
*AND vkorg IN s_vkorg.*
*ENDFORM. " F_READ_DATA_VBAK*
** Form f_display_data_vbak*
*FORM f_display_data_vbak.*
*DATA:*
*ls_fieldcat TYPE slis_fieldcat_alv,*
*lt_fieldcat TYPE slis_t_fieldcat_alv.*
** Build the field catalog*
*m_fieldcat 'VKORG' 'VBAK'.*
*m_fieldcat 'KUNNR' 'VBAK'.*
*m_fieldcat 'VBELN' 'VBAK'.*
*m_fieldcat 'NETWR' 'VBAK'.*
** Display the first list*
*CALL FUNCTION 'REUSE_ALV_GRID_DISPLAY'*
*EXPORTING*
*i_callback_program = sy-cprog*
*i_callback_user_command = 'USER_COMMAND'*
*it_fieldcat = lt_fieldcat*
*TABLES*
*t_outtab = gt_vbak.*
*ENDFORM. " F_DISPLAY_DATA_VBAK*
** FORM USER_COMMAND **
*FORM user_command USING u_ucomm TYPE sy-ucomm*
*us_selfield TYPE slis_selfield. "#EC CALLED*
*DATA:*
*ls_vbak TYPE ty_vbak.*
*CASE u_ucomm.*
*WHEN '&IC1'.*
*READ TABLE gt_vbak INDEX us_selfield-tabindex INTO ls_vbak.*
*CHECK sy-subrc EQ 0.*
*PERFORM f_read_data_vbap " Read data from VBAP*
*USING ls_vbak-vbeln.*
*PERFORM f_display_data_vbap.*
*ENDCASE.*
*ENDFORM. " USER_COMMAND*
** Form f_read_data_vbap*
*FORM f_read_data_vbap USING u_vbeln TYPE vbeln_va.*
*SELECT posnr matnr arktx kwmeng netwr*
*INTO TABLE gt_vbap*
*FROM vbap*
*WHERE vbeln = u_vbeln.*
*ENDFORM. " F_READ_DATA_VBAP*
** Form f_display_data_vbap*
*FORM f_display_data_vbap.*
*DATA:*
*ls_private TYPE slis_data_caller_exit,*
*ls_fieldcat TYPE slis_fieldcat_alv,*
*lt_fieldcat TYPE slis_t_fieldcat_alv.*
** Build the field catalog*
*m_fieldcat 'POSNR' 'VBAP'.*
*m_fieldcat 'MATNR' 'VBAP'.*
*m_fieldcat 'ARKTX' 'VBAP'.*
*m_fieldcat 'KWMENG' 'VBAP'.*
*m_fieldcat 'NETWR' 'VBAP'.*
*ls_private-columnopt = c_x. " Optimize width*
** Display items in a POPUP*
*CALL FUNCTION 'REUSE_ALV_POPUP_TO_SELECT'*
*EXPORTING*
*i_selection = ' '*
*i_tabname = 'GT_VBAP'*
*it_fieldcat = lt_fieldcat*
*is_private = ls_private*
*TABLES*
*t_outtab = gt_vbap.*
*ENDFORM. " F_DISPLAY_DATA_VBAP*
***************** END OF PROGRAM Z_ALV_GRID_AND_POPUP *******************
reward if helpful
raam -
Can Cisco Prime Infra 2.1 work as syslog server
Hello all,
Customer want Cisco Prime Infra 2.1 to work as syslog server. they want to query text in syslog and get raw log file from Cisco Prime Infra. but when i see in user interface. I think that it cannot query and search text in syslog. but i am not sure whether we can get raw log file per devices from Cisco Prime Infra. Can anyone know about this.?
thanks
sompojHi Sompoj,
In the prime infrastructure Syslogs are directly read from udp port 514 and then filtered
, the non SEV1 and SEV2 syslogs will be dropped and will not be entered into db . The
syslog messages will not be saved into log files .
Thanks-
Afroz
****Ratings Encourages Contributors **** -
Cisco Prime 4.2, Inventory group management and reports group
Hi
I have created some groups under Inventory > Group Management > Device. This works fine.
Then I want to create a monthly report for Reports > Performance > Device > Availability. Here I guessed I would find my groups created under inventory.
But I can se the groups, one group is duplicated, but all groups are empty. Under all devices, I can only see 6 og th devices but it should have been 122. Under the different subnet groups, there's no devices.
Should'nt I've seen the groups created under inventory when I want to make a report? Under the device list for quick report.
Br
GeirHm.... strange I've been looking around under Report, and looked at Inventory and Performance reports.
Inventory > Detailed Device shows all the devices and my groups.
Performance > Device > Availability show just 6 out of my 122 devices.
Under Inventory > Group Managment > Device I have a group called Datasenter.
Under Performance > Device > Availability I can see 2 of these groups, but their both empty.
When i delete this group, one of them dissapeer from Under performance. WHen I create it again, it comes back but empty.
Something must be corrupt.
Geir -
Cisco Prime Rogue AP Report - No Rogues from 3702 Series AP's
I am running Cisco Prime Infrastructure (2.1) that manages a Cisco 5508 WLC (7.6). We have multiple version of AP's managed by this WLC to include 1142, 2602, 3702, etc...In Cisco prime when we run a Rogue AP Report. None of the Rogue AP's discovered by 3702's are displayed in the report. The Rogues show on the WLC though from all AP's. Cannot find a reason for this. Any ideas?
The Rogue alarm state always stays on "removed" once deleted
CSCuo91446
Description
Symptom:
Once one of the alarm of rogue AP is deleted the newer rogue AP alarm changed to removed state even for different mac address.
Because of the removed state the detecting AP which detected the rogue is not displayed
Conditions:
1) Auto SPT is turned on
2) Prime 2.0 or 2.1
Workaround:
Click on refresh from network for each alarm in removed state or disable auto spt
Last Modified:
Jun 30,2014
Status:
Fixed
Severity:
3 Moderate
Product:
Cisco Prime Network Control System Series Appliances
Known Affected Releases:
(1)
2.1(0.0.1) -
Cisco Prime Infrastructure - Is there a report of unused switch ports?
Hello,
Is there a report in Cisco Prime Infrastructure 1.4 showing the unused switch ports?
There used to be one in Cisco Prime LMS (Reclaim Unused Up/Down Ports Report).
Thank you,
LukeHello,
I now have Cisco Prime Infrastructure 2.0 running, and I don't see a report like the "Reclaim Unused Up/Down Ports" report that existed in LMS.
I found one called "Interface Capacity", but it only shows the number of ports that are "connected", "notconnect" or "disabled".
Does anyone know if a report of Unused ports exists in Prime Infrastructure 2.0 or if it will be available later on?
Thank you,
Luke -
Hi can anybody suggest me how to do classical interactive report
<<These are not training forums and there is plenty of material available. Try google ).
hi guys
i am new to oops
i want to do classical interactive report in oops with all events
can anybody suggest me how to do that
can if possible send one program on classical interactive report
thanks & regards
kals.
Edited by: Matt on Jan 18, 2010 9:46 AM203 (188 unresolved)
Outstanding numbers!!! With this statistic I would rather afraid of my next posts being locked by moderator.
Regards
Marcin -
Cisco 5505 VPN assistance - Resending P1 and Peer to Peer List No match
Hello and thanks in advance to anyone that can help me with the IPSec connection. the VPN were working when i first created them but now they wont connect. Here is the error on the primary (local) firewall: (yes i know the time isnt set yet on the firewall)
4|May 17 2007|13:51:55|713903|||||IP = X.X.X.X, Error: Unable to remove PeerTblEntry
3|May 17 2007|13:51:55|713902|||||IP = X.X.X.X, Removing peer from peer table failed, no match!
6|May 17 2007|13:51:55|713905|||||IP = X.X.X.X, P1 Retransmit msg dispatched to MM FSM
5|May 17 2007|13:51:55|713201|||||IP = X.X.X.X, Duplicate Phase 1 packet detected. Retransmitting last packet.
6|May 17 2007|13:51:47|713905|||||IP = X.X.X.X, P1 Retransmit msg dispatched to MM FSM
5|May 17 2007|13:51:47|713201|||||IP = X.X.X.X, Duplicate Phase 1 packet detected. Retransmitting last packet.
The local firewall has one VPN configured and the remote has 2 (1 working and the other not): Local Firewall is Base licensing with 3DES. As far as I can tell they have the same VPN parameters but maybe the remote has pfs1 turned on? Ive played with various settings and cant seem to get it to work. The cryptomap has the same firewall rules in it (obviously reversed on remote). Any help much appreciated! I Have a third site doing exactly the same thing (once again also works on another site to site but not this one). It's weird because I used the IPSec wizard and got it to work and rebooted the ASA and tunnel came up yet again but now my debug log is just full of this info and tunnels never come up.....the only time it was up was for a few hours then wont come up anymore...odd..
Local Fire Wall:
hostname ciscoasa
names
name 172.25.42.0 MASALan
name 172.25.7.0 FHR
name 172.25.43.0 MR
interface Vlan1
nameif inside
security-level 100
ip address 172.25.6.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 10.10.10.30 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
switchport access vlan 2
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
boot system disk0:/asa821-k8.bin
ftp mode passive
dns server-group DefaultDNS
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network inside-network
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object icmp
protocol-object igmp
protocol-object gre
object-group protocol DM_INLINE_PROTOCOL_2
protocol-object ip
protocol-object icmp
protocol-object igmp
protocol-object gre
object-group network DM_INLINE_NETWORK_4
network-object MASALan 255.255.255.0
network-object MR 255.255.255.0
object-group network DM_INLINE_NETWORK_6
network-object 172.25.6.0 255.255.255.0
network-object FHR 255.255.255.0
object-group protocol DM_INLINE_PROTOCOL_3
protocol-object ip
protocol-object icmp
protocol-object igmp
protocol-object gre
object-group network DM_INLINE_NETWORK_3
network-object 172.25.6.0 255.255.255.0
network-object FHR 255.255.255.0
object-group network DM_INLINE_NETWORK_5
network-object MASALan 255.255.255.0
network-object MR 255.255.255.0
access-list outside_2_cryptomap extended permit ip 172.25.6.0 255.255.255.0 MASALan 255.255.255.0
access-list NONAT extended permit ip any 172.25.4.0 255.255.255.0
access-list NONAT extended permit ip 172.25.6.0 255.255.255.0 MASALan 255.255.255.0
access-list NONAT extended permit ip FHR 255.255.255.0 MR 255.255.255.0
access-list NONAT extended permit ip object-group DM_INLINE_NETWORK_3 object-group DM_INLINE_NETWORK_5
access-list outside_access_in extended permit object-group DM_INLINE_PROTOCOL_3 object-group DM_INLINE_NETWORK_4 object-group DM_INLINE_NETWORK_6
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool RemotePool 172.25.4.1-172.25.4.2 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-621.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list NONAT
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.10.1 1
route inside 172.25.1.0 255.255.255.0 172.25.6.2 1
route inside 172.25.2.0 255.255.255.0 172.25.6.2 1
route inside 172.25.8.0 255.255.255.0 172.25.6.4 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 172.25.0.0 255.255.0.0 outside
http 172.25.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map outside_map 2 match address outside_2_cryptomap
crypto map outside_map 2 set peer 216.183.157.158
crypto map outside_map 2 set transform-set ESP-AES-128-SHA
crypto map outside_map 2 set security-association lifetime kilobytes 4608000
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet timeout 5
ssh 172.25.0.0 255.255.0.0 inside
ssh 172.25.6.0 255.255.255.0 inside
ssh 172.25.0.0 255.255.0.0 outside
ssh timeout 60
console timeout 0
management-access inside
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol IPSec
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-filter none
vpn-tunnel-protocol IPSec
tunnel-group osfdremote ipsec-attributes
pre-shared-key *
tunnel-group X.X.X.X type ipsec-l2l
tunnel-group X.X.X.X general-attributes
default-group-policy GroupPolicy1
tunnel-group X.X.X.X ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
REMOTE FIREWALL
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group CHN
ip address pppoe setroute
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network DM_INLINE_NETWORK_1
network-object 172.25.42.0 255.255.255.0
network-object RFN 255.255.255.0
object-group network DM_INLINE_NETWORK_2
network-object RHQASAnet 255.255.255.0
network-object RHQNet 255.255.255.0
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object ip
protocol-object gre
protocol-object tcp
object-group network DM_INLINE_NETWORK_3
network-object 172.25.42.0 255.255.255.0
network-object RFN 255.255.255.0
object-group network DM_INLINE_NETWORK_4
network-object FHData 255.255.255.0
network-object FHR 255.255.255.0
object-group protocol DM_INLINE_PROTOCOL_2
protocol-object ip
protocol-object gre
protocol-object tcp
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit tcp any any eq www
access-list outside_cryptomap extended permit ip object-group DM_INLINE_NETWORK_1 RHQASAnet 255.255.255.0
access-list inside_nat0_outbound extended permit ip RFN 255.255.255.0 RHQNet 255.255.255.0
access-list inside_nat0_outbound extended permit ip 172.25.42.0 255.255.255.0 RHQASAnet 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 192.168.5.0 255.255.255.240
access-list inside_nat0_outbound extended permit ip 172.25.42.0 255.255.255.0 FHData 255.255.255.0
access-list inside_nat0_outbound extended permit ip RFN 255.255.255.0 FHR 255.255.255.0
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any object-group DM_INLINE_NETWORK_2
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_2 any object-group DM_INLINE_NETWORK_4
access-list outside_cryptomap_1 extended permit ip object-group DM_INLINE_NETWORK_3 FHData 255.255.255.0
no pager
logging enable
logging asdm debugging
mtu inside 1500
mtu outside 1500
ip local pool 192.168.5.1 192.168.5.1-192.168.5.10 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 101 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 101 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.110.10.1 1
route inside RFN 255.255.255.0 172.25.42.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 172.25.0.0 255.255.0.0 inside
http 10.7.72.0 255.255.255.0 inside
http 192.168.5.0 255.255.255.0 inside
http 192.168.5.0 255.255.255.0 outside
http RHQNet 255.255.255.0 inside
http RHQASAnet 255.255.255.0 inside
http RHQASAnet 255.255.255.0 outside
http RHQNet 255.255.255.0 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map0 2 match address outside_cryptomap_1
crypto map outside_map0 2 set peer Y.Y.Y.Y
crypto map outside_map0 2 set transform-set ESP-AES-128-SHA
crypto map outside_map0 2 set security-association lifetime seconds 28800
crypto map outside_map0 2 set security-association lifetime kilobytes 4608000
crypto map outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map0 interface outside
crypto isakmp enable outside
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 0.0.0.0 0.0.255.255 inside
telnet 172.25.0.0 255.255.0.0 inside
telnet 192.168.5.0 255.255.255.0 inside
telnet 192.168.5.0 255.255.255.0 outside
telnet timeout 5
ssh 192.168.5.0 255.255.255.0 inside
ssh 192.168.5.0 255.255.255.0 outside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol IPSec
group-policy remotevpn internal
group-policy remotevpn attributes
vpn-tunnel-protocol IPSec
vpn-group-policy remotevpn
tunnel-group Y.Y.Y.Y type ipsec-l2l
tunnel-group Y.Y.Y.Y general-attributes
default-group-policy GroupPolicy1
tunnel-group Y.Y.Y.Y ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
policy-map global-policy
class inspection_default
inspect pptp
service-policy global_policy global
prompt hostname contextMay 18 08:13:03 [IKEv1 DEBUG]: IP = X.X.X.X, IKE MM Responder FSM error hi story (struct &0xd578cda0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_RESEND_MSG-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2 , EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_RESEND_MSG-->MM_W AIT_MSG3, NullEvent
May 18 08:13:03 [IKEv1 DEBUG]: IP = X.X.X.X, IKE SA MM:8e338e16 terminatin g: flags 0x01000002, refcnt 0, tuncnt 0
May 18 08:13:03 [IKEv1 DEBUG]: IP = X.X.X.X, sending delete/delete with re ason message
May 18 08:13:03 [IKEv1]: IP = X.X.X.X, Removing peer from peer table faile d, no match!
May 18 08:13:03 [IKEv1]: IP = X.X.X.X, Error: Unable to remove PeerTblEntr
Is the result and then it repeats =) -
Is cisco prime infrastructure support / can be run as syslog server?
Dear All,
is cisco prime infrastructure support / can be run as syslog server?
and,
where i can see network topology diagram, using cisco prime infrastructure?
many thanks,
JerriHello. Cisco Prime LMS will be replaced by Cisco Prime Infrastructure in the near future.
In the current release of Cisco Prime Infrastructure you can't use topology diagrams. This feature is in roadmap.
About syslog, you can send syslogs to Cisco Prime Infrastructure, but I don't recommend using it as syslog server. Please see this link for more information https://supportforums.cisco.com/thread/2179520
Please rate if this helps -
How can I get CDP neighbor information from access point reports in Cisco Prime 2.0
How can I get CDP neighbor information from access point reports in Cisco Prime 2.0? I have looked through all the reports and I cannot find a report that gives me the CDP neighbor information of an access point. I thought that information was in there, however I cannot seem to find it.
Thanks in advance!Hi
You can get this from an inventory report in PI (Select Report Type AP). Here is an example of PI 2.1 works for me. Once you export this into excel you can sort based on controllers & filter the single controller connected AP you want.
Regards
Rasika
**** Pls rate all useful responses **** -
Can't import images in cisco prime infrastructure 1.2
- Any job , trying to import images, in my cisco prime infrastructure fails with :
Jan 14 13:14:53 cisco-prime 01/14/13 13:15:18.040 ERROR [service] [pool-4-thread-19] IFM_SWIM_EXCEPTION: [com.cisco.ifm.swim.service.exception.IfmSwimParserException: Cannot populate software image info object from the image.]
How I can I solve this one ?
Tx,
M.I seem to have the same problem, strangely enough importing a universal image for 2960s worked fine, but I get thos error when trying to import a 3750x image
-
My Cisco Prime Infrastructure ver. 1.2.1.12
Cisco Prime Infrastructure - I can't see the hardware virtual image when I selected a device managed by Prime Infrastructure. See attached picture.
Please let me know how to access or enable the feature.
Thanks,
TekThis is by no means a full solution, but deleting and re-adding only takes a few minutes if you use the "Export Device" and "Bulk Import" features from the Device Work Center. You can export the desired devices to a CSV file, delete them, then import from the CSV.
Of course, you might lose historical data when deleting the devices, but I'm guessing that's not as relevant since the devices themselves have been replaced by different hardware. -
Cisco Prime Infrastructure 2.2 - can we load PI2.2 on UCS-E140S-M2/K9 -
I am busy with an iWAN design and part of the solution is to have Cisco Prime deployed as a management tool.
The customer does not have VM and do not want an appliance.
The design caters for the new ISR4400 series routers.
We can add a UCS-E single wide server to the Core Router - UCS-E140S-M2/K9- can I load PI2.2?
The site will have 45 routers, 10 AP's - so will go with 50 lifecycle and assurance licencesI'm afraid this is supported officially. There are only two options :
> Installing as a virtual appliance - on an ESXi server.
> Using Cisco Physical Appliance
Installing directly on another hardware, be it UCS or other physical boxes is not supported. I am not sure if anyone would have tried to install and if there is a procedure to do so.
I can you want to try to burn the image as iso on DVD and install on your UCS box, it may have support issues from TAC whenever you'll reach out.
-Thanks
Vinod
**Encourage Contributors. RATE Them** -
Can i install Cisco prime infrastructure 1.3 with 1.1 license.
Can i install Cisco prime infrastructure 1.3 with 1.1 license.To be more precise it will be fresh installation
but the licenses I have is of 1.1.As per my overview from Cisco prime Infrastructure 1.2 NCS and NCS(WAN)
has been bundled into one service.But both were seperate entities in Cisco Prime Infrastructure 1.1.It doesn't matter if you want to make a new installation or an upgrade. The questions is the license.
The base license is necessary for network management nodes (devices). But to get updates for your system you need the additional to your Base License the Lifecycle License (which can be ordered for 12, 24 or 36 months).
The Lifycycle License is also based on the number of managed devices. In your case 50 devices. So you have that License - congratulations!
Otherwise order the Lifecycle License for 50 devices (L-N-PI12-50-M). This generates CON-PSUU-PI12LF50 for 12 months, list price 414,81$. Then Upgrade from 1.1 to 1.2, patch the system and upgrade to 1.3.
Have fun,
Chris -
Can we upgrade IOS in WLC 5508 through CISCO prime?
I have CISCO prime 2.0 and CISCO WLC 5508 HA SSO pair.
I would like to upgrade the software code for the WLC HA pair.
Can I do through the CISCO prime ......
As per the link :http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-43571
1. After the WLCs are configured in the HA setup, the Standby WLC cannot be upgraded directly from the TFTP/FTP server.
Prime do the upgrade through FTP server , so will it be ok if we do the upgrade through it, for HA WLC.Please check this link to upgrade wLC software in HA setup.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html
Once the Primary WLC complete the upgrade , it will transfer the entire image to the Standby WLC via the Redundant Port.
Regards
Dont forget to rate helpful posts
Maybe you are looking for
-
How do I get back my missing Personal Hotspot on My ipad mini?
I had t before and I don't know what I did but its missing. I tried resetting Network settings, restoring but nothing works.
-
Reinstalling Acrobat Printer?
How do I reinstall the Adobe Acrobat PDF 9.0 printer? Thanks!
-
How do I add an Hebrew keyboard?
How do I add an Hebrew keyboard?
-
TCP Syslog output for routers and switches
I am installing a Log Correlation Server at a Customer site whom is very heavy Cisco. I have a 3825 at their Border, ASA boxes on both sides of the DMZ, and 40 + cisco Switches in the Infrastructure routing between Production VLAN's. One of the featu
-
Callers can barely hear me when making a phone call
Hello! For the last 3 days, whenever I am talking on the phone the other person says they can barely hear me, that my voice is too low. My volume during calls is at the maximum and I haven't changed any settings. Can someone please help? I have no id