Cisco Prime Infrastructure 1.3 - SNMPv3 can´t get CPU, memory info.
Hi,
I have a Cisco Prime Infrastructure 1.3 deployment with Catalyst 2960S switches. Switches are running IOS 15.0(2) SE2. All switches have SNMPv2 configured, and all appears to be fine. I'm migrating one switch to SNMPv3, and PI have reachability to the switch, but PI doesn´t receive traps from the switch, and neither poll CPU and memory information (all displays 0.00%).
Somebody have a sample configuration of SNMPv3 with Cisco Prime (Infrastructure or LMS)? I cannot find a Cisco official (or unofficial) document related to this version, usually all mention SNMPv2.
Thank you.
Eduardo
Hi Eduardo:
SNMPv3 is indeed supported for general administration. There's a bug with SWIM using SNMPv3 (CSCud92758), but you should be fine for just monitoring. Have you deleted the switch, waited until Prime Infrastructure told you it was gone, then readded it as SNMPv3 natively? Bug CSCug78869 keeps things from working well when changing SNMP versions.
If you don't have the new Update-1 patch for Prime Infrastructure 1.3.0.20 installed (filename PI_1.3.0.20_Update_1-12.tar.gz) installed, I'd suggest you get it. While it's not going to specifically address this issue, there are a lot of really good fixes in it.
Release Notes for Update 1 for Cisco Prime Infrastructure 1.3.0.20
Similar Messages
-
Cisco prime infrastructure 1.3 makes every 15 minutes cpu high on cisco 800 routers
I have an issue with cisco prime infrastructure 1.3 and cisco 880 routers, every 15 minutes the cpu goes to 100% on those routers, but I cannot find the job on the prime which is causing this, if I look in the job dashboard I have some jobs like sam_poller_22_15_getvpnpoller_27977292 that runs every 15 minutes (other jobs that I see CDBPoller_dmvpnPoller and CDBPoller_getvpnpoller) , probably is it on of these jobs, but how can I stop it (job type : poller job, owner =system) and what are they doing?
thanks for any assistanceThis is what i expected. I know many platform like 29xx/39xx or ISR's has known issues with Cisco Prime Infrastructure when it polls CISCO-LICENSE-MGMT-MIB, devices go high on CPU.
You have to block clmgmtLicenseInfoEntry by creating a view on your 800 router by configuring snmp view.
Following is the command/example:
Step 1: Configure SNMP View:
snmp-server view iso included
snmp-server view clmgmtLicenseInfoEntry excluded
Link community string to SNMP View:
snmp-server community view ro|rw
Example per your configuration:
snmp-server view PrimeInfra iso included
snmp-server view PrimeInfra clmgmtLicenseInfoEntry excluded
snmp-server community ArgSnmp view PrimeInfra RO ACLSNMP_RO
OR you can try following on your Cisco PI:
Manually update file below,
Open the /opt/CSCOlumos/conf/sam/template.xml, modify the template id=20 (licensePoller)
Update tag for value 600 to 86400 for all attrributes () of
template id =20
Old: 600
New: 86400
Some known bugs on such issues are :
CSCug97914 and CSCuc72024
Please check and let me know the updates.
-Thanks
Vinod
**Rating Encourages contributors, and its really free. ** -
Can't import images in cisco prime infrastructure 1.2
- Any job , trying to import images, in my cisco prime infrastructure fails with :
Jan 14 13:14:53 cisco-prime 01/14/13 13:15:18.040 ERROR [service] [pool-4-thread-19] IFM_SWIM_EXCEPTION: [com.cisco.ifm.swim.service.exception.IfmSwimParserException: Cannot populate software image info object from the image.]
How I can I solve this one ?
Tx,
M.I seem to have the same problem, strangely enough importing a universal image for 2960s worked fine, but I get thos error when trying to import a 3750x image
-
Cisco Prime Infrastructure 1.2 with SNMPv3
Dears,
I am trying to add a router on Cisco Prime Infrastructure 1.2 using snmpv3 (authpriv, sha & aes256). When i go to device work center and add a device, i cannot find the AES-256 in the privacy options. Only None, DES, and AES-128 are available.
Is there any workarround?
Please advise.
MoustafaPI only supports SNMP privacy up through AES-128 at this time. Reference the guide section on adding an new SNMP credential entry.
Additionally there is a bug with SNMP v3 support in PI 1.2. It should be resolved in PI 1.3. -
My Cisco Prime Infrastructure ver. 1.2.1.12
Cisco Prime Infrastructure - I can't see the hardware virtual image when I selected a device managed by Prime Infrastructure. See attached picture.
Please let me know how to access or enable the feature.
Thanks,
TekThis is by no means a full solution, but deleting and re-adding only takes a few minutes if you use the "Export Device" and "Bulk Import" features from the Device Work Center. You can export the desired devices to a CSV file, delete them, then import from the CSV.
Of course, you might lose historical data when deleting the devices, but I'm guessing that's not as relevant since the devices themselves have been replaced by different hardware. -
Can i install Cisco prime infrastructure 1.3 with 1.1 license.
Can i install Cisco prime infrastructure 1.3 with 1.1 license.To be more precise it will be fresh installation
but the licenses I have is of 1.1.As per my overview from Cisco prime Infrastructure 1.2 NCS and NCS(WAN)
has been bundled into one service.But both were seperate entities in Cisco Prime Infrastructure 1.1.It doesn't matter if you want to make a new installation or an upgrade. The questions is the license.
The base license is necessary for network management nodes (devices). But to get updates for your system you need the additional to your Base License the Lifecycle License (which can be ordered for 12, 24 or 36 months).
The Lifycycle License is also based on the number of managed devices. In your case 50 devices. So you have that License - congratulations!
Otherwise order the Lifecycle License for 50 devices (L-N-PI12-50-M). This generates CON-PSUU-PI12LF50 for 12 months, list price 414,81$. Then Upgrade from 1.1 to 1.2, patch the system and upgrade to 1.3.
Have fun,
Chris -
Is cisco prime infrastructure support / can be run as syslog server?
Dear All,
is cisco prime infrastructure support / can be run as syslog server?
and,
where i can see network topology diagram, using cisco prime infrastructure?
many thanks,
JerriHello. Cisco Prime LMS will be replaced by Cisco Prime Infrastructure in the near future.
In the current release of Cisco Prime Infrastructure you can't use topology diagrams. This feature is in roadmap.
About syslog, you can send syslogs to Cisco Prime Infrastructure, but I don't recommend using it as syslog server. Please see this link for more information https://supportforums.cisco.com/thread/2179520
Please rate if this helps -
When is Cisco Prime Infrastructure 2.0 released, and what does 2.0 offer?
We are running Prime Infrastructure 1.3 primarily for wireless management at this point. We have enough licenses to add all our switches, routers, and firewalls, but we're hesitant to do so until 2.0 comes out. While there are some features for backing up and configuring switches and routers, 1.3 still seems pretty limited in regards to non-wireless features. For example, nearly every report in 1.3 is for wireless controllers or AP's, there are no reports I've found relevent for switches and routers. I've read a lot of blogs, cisco posts, and white papers talking about how Cisco Prime Infrastrucure 2.0 will finally consolidate Prime into a truly all-in-one network management suite that can manage the entire Cisco environment. Does anyone know when it's officially being released? Does anyone have an tech sheets on what's new in 2.0, or what its capabilities are? I want to better understand what 2.0 has to offer, when it's coming out, how to upgrade, so I can start planning for the upgrade and eventually importing all our network devices to Cisco Prime for centralized management. Any useful information or links would be appreciated.
Thanks,
ChristianPI 2.0 is in Beta mode for testing in closed group already. However it may still take some time to get released on CCO for FCS.
I think it is expected to be released between aug-sep. BU has also started working on CPI 2.1, which you can see test uploads on CCO.
For what does it have for customers?
> As Cisco have a vision of one network Management software for both wired and wireless infrastructure, which started getting real partially with Cisco PI.
As WCS got evolved to NCS and eventually to Cisco Prime Infrastructure, but it doesnt yet have full Management capability for wired infra., which is there with LMS.
With CPI 2.x Cisco plans to blend entire LMS and WCS features together.
-Thanks -
Cisco Prime Infrastructure 2.0 and Cisco ASA
Hello,
We've recently installed trial version of Cisco Prime Infrastructure 2.0 Express. We hoped that it already supports Cisco ASA 55xx series (especially 5505, we have pretty amount of them). But we had some problems with PI and asa durind the exploitation process.
First, I've added ASA to PI, and Inventory Collection Status is Completed, but I can't see CPU and RAM utilization graphs. Inventory.logs are non-informative.
Also, config backup is success, but when I try to watch the backuped configuration at Configuration Archive PI says "Failed to fetch raw configuration". And so on.
ASA version is 5505, image is 9.1(2).
So, I have a question: is it possible to manage ASAs with PI 2.0?
UPD: I've just tried to upgrade asa to 9.1(4), and behavior of the equipment is quite the same. Seems we shall wait for 9.2 to be released.Have you downloaded and applied the latest Device Pack updates?
PI enhanced ASA support after the initial 2.0 release and the Device Packs incorporate that change.
The README file for Device Packs explains how to install them. (A bug currently does not allow the direct download in PI so you need to follow the method for installation from local storage after you manually download. Here is a link to the download location. -
Cisco Prime Infrastructure 2.0 - no traps/info are pushed from devices
Good evening,
I have setup Cisco Prime Infrastructure 2.0 and, though I have added manually my 4 network cores as devices without any problem, I can't get a single trap or a single SNMP information to be pushed into my Cisco Prime Infra.
Here is my SNMP config on my core :
snmp-server user *edited* *edited* v3
snmp-server group *edited* v3 noauth notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF0F
snmp-server community *edited* RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps rf
snmp-server enable traps memory
snmp-server enable traps cpu_threshold
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps flex-links status
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps ether-oam
snmp-server enable traps aaa_server
snmp-server enable traps flash insertion removal
snmp-server enable traps l2tc threshold sys-threshold
snmp-server enable traps power-ethernet police
snmp-server enable traps rep
snmp-server enable traps vswitch dual-active vsl
snmp-server enable traps udld link-fail-rpt status-change
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps entity-diag boot-up-fail hm-test-recover hm-thresh-reached scheduled-test-fail
snmp-server enable traps port-security
snmp-server enable traps ethernet evc status create delete
snmp-server enable traps energywise
snmp-server enable traps ipsla
snmp-server enable traps vstack
snmp-server enable traps bfd
snmp-server enable traps bgp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps isis
snmp-server enable traps msdp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps errdisable
snmp-server enable traps ethernet cfm alarm
snmp-server enable traps vlan-membership
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host *ip-address-edited* version 3 noauth *edited*
Basically all traps are enabled but absolutely nothing is showing up in my Prime Infra except that my 4 devices are "Reachable".
Here is a show snmp on the same device :
sh snmp
Chassis: *S/N Edited*
38554534 SNMP packets input
0 Bad SNMP version errors
14 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
38453185 Number of requested variables
0 Number of altered variables
17790703 Get-request PDUs
20583581 Get-next PDUs
0 Set-request PDUs
0 Input queue packet drops (Maximum queue size 1000)
38490708 SNMP packets output
0 Too big errors (Maximum packet size 1500)
0 No such name errors
0 Bad values errors
0 General errors
38371069 Response PDUs
13 Trap PDUs
SNMP global trap: enabled
SNMP agent enabled
SNMP logging: enabled
Logging to *edited*, 0/10, 13 sent, 0 dropped.
Can anyone point out what is wrong or missing in my configuration? I can't seem to single it out myself.
Thanks
JeremyHi Jeremy,
SNMP traps are shown in the events and alerts section of PI.
SNMP config looks fine. Can you run the SNMP debug (debug snmp packets ) .check the logs and see if the device is actually sending the TRAPS to the PI server.
Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors **** -
Ciscoworks LMS 3.0 to Cisco Prime Infrastructure LMS 4.2
In order to complete the upgrade the LMS 3.x runs over a physical server that ends with the upgrade(server its gona be retired), the think is that the Cisco Prime comes with an UCS and its gona run over a VM. The question here is the "Cisco Prime Infrastructure 1.1 - Maj Upg from LMS 2.x/3.x" media could be runs as clean install, I mean with no LMS 3.x intalled before? an the "Prime Infrastructure LMS 4.2 - 1.5K Device Maj Upg Lic" could be registered with no license installed of LMS 3.x?
There are a couple of things to distinguish:
1. The product SKU you need to order to migrate from LMS 3 to LMS 4.2.
2. The license file that is installed on that new LMS server.
#1 is based on Cisco agreeing, usually through the partner or reseller you are working with, that you are entitled to order the upgrade SKU (vs. buy a complete new product). The upgrade SKUs are all listed in the ordering guide here.
L-PI12-1.5K-UP (note - NOT the 1.1 product description you noted in the original post) would be the SKU for a major upgrade from LMS 2.x/3.x to the current Prime Infrastructure 1.2 release at the 1500 device license level. That upgrade includes licenses for both PI 1.2 and Prime LMS 4.2. You may choose which to install - most LMS customers stick with LMS for now as PI 1.2 does not yet have full feature parity. Your managed devices should not exceed 1500 combined (in this case) but that combined number is not enforced technically by the product's license daemon.
Once you have purchased the product and have the media you can install it on any host that meets the installation prerequisites as far as OS, memory, disk etc. A clean installation of LMS does not check for or require a previous installation as far as technical checks.
#2 - Once you have installed the new LMS server (and optionally a step near the end of installation, you need to add in the license file (*.lic file). That is obtained through the Cisco licensing portal (or via the TAC if you prefer) using the Product Activation Key (PAK) received with your product. -
UPS monitoring support with Cisco Prime Infrastructure 1.2
Dear Members,
Good day,
I am having a project implemented wherein i have the UPS power redudancy solution for our network devices.
Now can anyone gide that is it possible for below :-
UPS units installed with SNMP cards be monitored via Cisco Prime Infrastructure 1.2 as our monitoring & management solution is Cisco Prime Infrastructure 1.2 ?
if yes
Can you guide if following action would be possible to export the below logs from UPS unit to our Cisco Prime Infrastructure 1.2
a) UPS fault status information
b) UPS operational status(input power available Y/N)
c) Battery fault status
d) Battery charging current
e) Battery charge level
f) Output current
Conclusion is we need to confirm that would it be posible to achieve remote monitoring of these UPS units via our CPI 1.2
Thanks in Advance for your support & replies to this query.
Regards,
Muzammil N.Prime Infrastructure 1.2 can manage non-Cisco devices in a limited fashion via SNMP query and trap processing. It cannot import logs and does not have a generic syslog server,
So if your devices have snmp read only support and can generate SNMP traps for the above you can add them to PI. Follow the manual add device procedure here. -
Cisco Prime Infrastructure patch 2.1.1 - HA issue
Hello,
I have a problem with the Cisco Prime Infrastructure patched to version 2.1.1. I did exactly what Installation Guidelines say:
http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-1-1/release/notes/cpi_rn.html
– Install the Prime Infrastructure 2.1.1 patch by using the Administration > Software Updates page on the primary server.
– Restart the primary server.
– Verify that the patch installation is complete. If you find the installation complete, decommission and reinstall the secondary server and add it back to the primary server.
I reinstalled HA server and I'm trying to add it to HA but I get "Failed to authenticate - Primary(xx.xx.xx.xx) and Secondary(xx.xx.xx.xy) PI version does not match"
Can you help me with that? What I'm doing wrong? or maybe this patch is not prepared to work in HA mode?
RegardsSymptom:
The installation instructions of PI 2.1.1 patch in a High Availability environment are not accurate and following these steps will result in the inability to re-pair the Primary and Secondary servers.
Conditions:
If the instructions are followed, then when the user attempts to re-pair the servers, an error will be encountered:
"High Availability Registration Failed - Failed to authenticate - Primary (x.x.x.1) and Secondary (x.x.x.2) PI version does not match".
Instead, the following steps have proved to work correctly:
1. Upload and install patch on primary.
2. Upload and install patch on secondary.
3. Stop NCS services on secondary
4. Stop NCS services on primary
5. Start services on secondary
6. Start services on primary
7. Re-pair HA servers from primary
Workaround:
Workaround 1:
On the secondary, go under root and issue:
# cd /opt/CSCOlumos/bin/
# ./hamode.sh primary
Answer 'yes' when prompted.
Go to admin user and execute
# ncs stop
After the services are stopped:
# ncs start
When the services are back up, login to the secondary GUI as you would login to a primary server
Go under Administration > Software update, upload the patch and install it.
Go to admin user and execute
# ncs stop
After the services are stopped:
# ncs start
When the services are up, go under root and issue:
# cd /opt/CSCOlumos/bin/
# ./hamode.sh secondary
Answer 'yes' when prompted.
Go to admin user and execute
# ncs stop
After the services are stopped:
# ncs start
After the message that services started successfully on the secondary, initiate a new High Availability configuration from the primary. Now the synchronization between the two servers should succeed.
Workaround 2:
Redeploy or reinstall the Primary server, restore the backup which was taken prior to applying the patch, reconfigure the High Availability and continue with the steps described in the Conditions section.
Further Problem Description:
Release Notes have been updated with more precise instructions.
Known Affected Releases:
(1)
2.1(0.0.85) -
CISCO PRIME INFRASTRUCTURE 1.2 NCS ERROR
Hi everyone,
can anyone put through on this, i'm having issue starting the ncs server on cisco prime infrastructure 1.2 .below is the message i get when i do show ncs status:
NGPHC-CPR001/admin# ncs status
Health Monitor is running, with an error.
failed to start NCS on startup Health Monitor
Reporting Server is running
Ftp Server is running
Database server is running
Tftp Server is running
Matlab Server is running
NMS Server is stopped.
SAM Daemon is not running ...
DA Daemon is not running ...
Syslog Daemon is not running ...
status
thanks.Hi Marvin,
Its has never worked. This is the first time i am installing it.
I haved done as you adviced but still getting the same error as stated above.
Please is there another way out.
thanks. -
Cisco Prime Infrastructure 1.2 with Cisco Prime Network Control System Hardware Appliance
Hi Team,
I have following BOM
Cisco Prime Infrastructure
R-PI-1.2-K9
Cisco Prime Infrastructure 1.2
1
R-PI-1.1-500-K9
Prime Infrastructure 1.2 Software - 500 Device Base Lic
1
L-PILMS42-500
Prime Infrastructure LMS 4.2 - 500 Device Base Lic
1
L-PINCS12-500
Prime Infrastructure NCS 1.2 - 500 Device Base Lic
1
PRIME-NCS-APL-K9
Cisco Prime Network Control System Hardware Appliance
1
PI-APL-IMAGE-1.2
Cisco Prime Infrastructure 1.2 Appliance Software
1
Pls let me know if we have both NCS and LMS preinstalled with Cisco Prime Infrastructure 1.2 Appliance Software orwe need seperate appliance or server for LMS 4.2.
RegardsHi Scott,
Thanks for the response but I got to know that LMS and NCS are combined in single ISO image from PI 1.2 and can be installed on the same physical NCS appliance.
Can you pls check this.
Regards
Maybe you are looking for
-
Hello, pls help me...wht is third party payment report and wht are tables are used for ths report .....pls explain brifly....urgent.. Thanks, srinivas..
-
HT204370 How do I download a purchased movie from the cloud to my iPad I?
How do I download a purchased movie from the cloud to my iPad I?
-
Binding parameter value pass to VO's query which contain IN clause
Dear All, This based on "IN" clause of VO's query ex: Following query contain in a VO SELECT DISTINCT d.dep_id, d.dep_name, e.emp_name from Department d, Employee e where d.dep_id = e.dep_id and e.emp_type IN (:param) In here query consist with IN cl
-
Hi everyone. I gifted an album (Beyonce) to someone as a Christmas present, I bought it last Dec 23 and scheduled it to be delivered on the 25th. But still she haven't receive any redeem code or email from itunes until now. Tried to resend it many ti
-
HP Pavilion dv6 Notebook PC Battery Adapter Message
I have an HP Pavilion dv6 Notebook (product # A5F76AV) and recently every time I plug it in with the adapter that was provided with it, a message in a box appears on the bottom right hand corner of my screen saying that I need a higher power adapter