Managing Prime Infrastructure 1.2 with MS IAS Radius

Similar Messages

• Can i install Cisco prime infrastructure 1.3 with 1.1 license.

  Can i install Cisco prime infrastructure 1.3 with 1.1 license.To be more precise it will be fresh installation
  but the licenses I have is of 1.1.As per my overview from Cisco prime Infrastructure 1.2 NCS and NCS(WAN)
  has been bundled into one service.But both were seperate entities in Cisco Prime Infrastructure 1.1.

  It doesn't matter if you want to make a new installation or an upgrade. The questions is the license.
  The base license is necessary for network management nodes (devices). But to get updates for your system you need the additional to your Base License the Lifecycle License (which can be ordered for 12, 24 or 36 months).
  The Lifycycle License is also based on the number of managed devices. In your case 50 devices. So you have that License - congratulations!
  Otherwise order the Lifecycle License for 50 devices (L-N-PI12-50-M). This generates CON-PSUU-PI12LF50 for 12 months, list price 414,81$. Then Upgrade from 1.1 to 1.2, patch the system and upgrade to 1.3.
  Have fun,
  Chris

• Prime Infrastructure 2.2 with Nexus 5672UP

  Hi
  I was wondering if anyone have managed to add Nexus 5672UP devices in Prime Infrastructure 2.2?
  I noticed that it is not in the device supported list of 2.2.
  I did however notice that the device is supported with Update Pack 7 in PI 2.1
  Was wondering if one could load Update Pack 7 for PI 2.1 for PI 2.2 or if there is an update pack for PI 2.2 that includes this device?

  Hi ,
  Device Type: Nexus 5672UP
  SYSOID: 1.3.6.1.4.1.9.12.3.1.3.1410
  This device will be supported by first or second week of Feb.
  Thanks-
  Afroz
  ***Ratings Encourages Contributors ****

• Cisco Prime Infrastructure 1.2 with Cisco Prime Network Control System Hardware Appliance

  Hi Team,
  I have  following BOM
  Cisco Prime Infrastructure
  R-PI-1.2-K9
  Cisco Prime Infrastructure 1.2
  1
  R-PI-1.1-500-K9
  Prime Infrastructure 1.2 Software - 500 Device Base Lic
  1
  L-PILMS42-500
  Prime Infrastructure LMS 4.2 - 500 Device Base Lic
  1
  L-PINCS12-500
  Prime Infrastructure NCS 1.2 - 500 Device Base Lic
  1
  PRIME-NCS-APL-K9
  Cisco Prime Network Control System Hardware Appliance
  1
  PI-APL-IMAGE-1.2
  Cisco Prime Infrastructure 1.2 Appliance Software
  1
  Pls let me know if we have both NCS and LMS preinstalled with Cisco Prime Infrastructure 1.2 Appliance Software orwe need seperate appliance or server for LMS 4.2. 
  Regards

  Hi Scott,
  Thanks for the response but I got to know that LMS and NCS are combined in single ISO image from PI 1.2 and can be installed on the same physical NCS appliance.
  Can you pls check this.
  Regards

• Cisco Prime Infrastructure 1.2 with SNMPv3

  Dears,
  I am trying to add a router on Cisco Prime Infrastructure 1.2 using snmpv3 (authpriv, sha & aes256). When i go to device work center and add a device, i cannot find the AES-256 in the privacy options. Only None, DES, and AES-128 are available.
  Is there any workarround?
  Please advise.
  Moustafa

  PI only supports SNMP privacy up through AES-128 at this time. Reference the guide section on adding an new SNMP credential entry.
  Additionally there is a bug with SNMP v3 support in PI 1.2. It should be resolved in PI 1.3.

• Prime Infrastructure SSH password with space

  Hi,
  We have Prime Infrastructure 1.2 installed and now starting to populate the inventory with the devices list.
  However, it seems like the system does not accept password with space character inside.
  Anyone knows the fix / workaround to make this work?
  Thanks.
  Johannes

  Hi ,
  As Per my understanding there is No workaround ,you can try special characters ,however SPACES are Not allowed
  Thanks
  Afroz

• Cisco Prime Infrastructure 2.1 GUI authentication via RADIUS server (Cisco ISE 1.2 integrated with AD)

  Hi,
  I want to access Cisco PI 2.1 GUI using my AD credentials, so on PI I've enabled RADIUS AAA Mode and added RADIUS servers (two ISE nodes in our case). On ISE I added PI as RADIUS client and configured the same keys. Next, on ISE I created authorization profile PRIME_ADMIN_ACCESS with only attribute settings defined:
  My authentication and authorization rules relating that case are as on following screenshots:
  So when I open GUI of PI and enter my AD credentials to log in I have no success and I receive following message:
  Looking in ISE's Authentication section I can see following:
  Time difference between these two authentication/authorizations is just 25 msecs and clicking on each of them reveals following:
  So at first I can authenticate and authorize (authorization profile has necessary attributes defined for PI management access (NCS:role0=Root, NCS:virtual-domain0=ROOT-DOMAIN)) and after 25 msecs I am getting failure. So what could be cause of such things and how I can successfully log in to PI GUI authenticating via ISE using AD credentials?

  Hi,
  -- Please Go to Administration > Logging > set the Message level to TRACE > Click save
  -- Then try to add the ISE.
  -- Once it fails, collect the logs from Administration > Logging > 
  check the "ncs-0-0.log"  & search the file for "ERROR" & paste the results here. This will give us exact reason.
  - Ashok
  Please rate the post or mark as correct answer as it will help others looking for similar information

• Create a user on Cisco Prime Infrastructure 1.3 with a script ?

  Hello, we have a visiting software that does not support Cisco Prime configuration.
  I was thinking that maybe I can write a script or something like that to create a Wireless User Account when a visitor signs in at our reception.
  Grabbing the login information from the database and then creating the account on the Cisco Prime.
  The script will run on another computer so a VBScript or something like that would be best.
  Is this possible ?
  I have googled for hours now and have found the API site but cannot make sense of it.
  I know how to get the information but inserting it in the Cisco Prime is what I am having trouble with.
  Could anyone here help me with an example or steer me in the right direction to learn how to do this ?

  Hi Hansruedi,
  Thanks you for your help and your time.
  I followed your recomandation until the fourth step.
  But after this step,  I lost the web page connection.
  I check nsc status but all is running :
  NMS still stopped. NMS must be running to have an access by web page ?
  I restart Prime (by reload command) but nothing changed.
  Thanks

• Cisco prime infrastructure 1.3 to 2.0

  Hello Guys I have an NCS (cisco prime) 1.3 in appliance model (IBM server) and we are wondering if we could upgrade it to 2.0 (with out virtualization)
  The 1.3 covers the 2.0 requirements.
  The reason for the upgrade is that we are hitting the cscud26027 Bug.
  Regards

  check the following link and also you can see to upgrade path from the diagram given below
  http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/data_sheet_c78-729088.html
  http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/2-0/release/notes/cpi_rn.html

• Prime infrastructure 1.2 licensing

  We have activated a new VM for the cisco PI,
  this substitutes an old NCS VM, so we have prepared for migration as decribedin the cisco documents
  all the procedures have been followed so the situation after installing pointpatch, backup application ncs, destroy NCS VM, deploy new PI VM that has been configured on the same basis of the old NCS and now active.
  before proceding with the restoration of the backup I have some question regarding the licenses
  we do own pak for:
  L-PILMS42-1.5K-U Prime Infrastructure LMS 4.2 - 1.5K Device Maj Upg Lic
  L-PI12-LF-1.5K-LIC Prime Infrastructure 1.2 - Lifecycle - 1.5K Device Lic PAK
  R-PI12-BASE-K9 Prime Infrastructure 1.2 Base License and Software
  and before restoring the ncs backup I'd like to ask some questions
  1) Does the system inheris the old (demo) license that was on the "old" NCS VM? (please consider that the VUDI has changed ad the VMware datastore is now different)
  2) Will the old VUDI be restored?
  3) after restoration of backup the machine will result unlicensed?
  4) Is there the risk of wireless service disruption?
  5) do I need to generate and apply licence before or after the restore?
  6) What licence do I need to register and apply to have PI functional?
  thank you

  Have you gone through the below link
  http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/guide_c07-714720.html

• Email Notifications on Prime Infrastructure 2.1

  Hi Everyone,
  I have a Cisco Prime Infrastructure 2.1 with almost 100 switches registered and managed properly. I have configured the Mail Server and alarm notifications are sent with no problems.
  The deal is that I don´t want to recieve alarm mails for every single device that is registered. Is it possible to recieve mails just for a group of devices? I was checking the Cisco documents but could not find something clear about this.
  Thanks for your help,
  Ricardo

  Hi Everyone,
  I have a Cisco Prime Infrastructure 2.1 with almost 100 switches registered and managed properly. I have configured the Mail Server and alarm notifications are sent with no problems.
  The deal is that I don´t want to recieve alarm mails for every single device that is registered. Is it possible to recieve mails just for a group of devices? I was checking the Cisco documents but could not find something clear about this.
  Thanks for your help,
  Ricardo

• Cisco Prime Infrastructure 2.2 UCS support (C24)

  Hi,
  I recently upgraded a CPI 2.1 server to 2.2 hoping that it would support monitoring and managing a customer's C24 server. Unfortunately I hadn't read the Supported Devices list (http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-infrastructure/products-device-support-tables-list.html) where it is stated that UCS C220 M3 and C240 M3 are supported, but none of the other models.
  When can I expect support for C24 M3 (OID:1.3.6.1.4.1.9.1.1685) and the other UCS models?
  Mikael

  Cisco just added the Compute work center and UCS support in PI 2.2. I suspect they used the C220 as a first target since that's the platform for the upcoming hardware appliance refresh.
  While they haven't announced future release plans, typically we see incremental device updates via the update packages - those have been coming out almost monthly with PI 2.1.
  I'd encourage you to submit enhancement requests via your Cisco account team if the feature is important to you. Customer feedback is one of the key elements in deciding what features the developers focus on.

• Migrate from Prime LMS to Prime Infrastructure

  I'm currently running CiscoWorks LMS 4.0.1 on Windows 2003 under VMware and just got upgrade licensing for Prime Infrastructure 1.2.  I am assuming that I will need to upgrade the current server to Prime LMS 4.2 in order to ensure that data migration to Prime Infrastructure goes well.  I am planning to follow Cisco's recommendation to run Prime LMS and Prime Infrastructure in parallel for a time and migrate individual functions.
  My real question is about Syslog handling.  All of the managed devices are currently sending Syslog data to LMS.  As a last step in the migration, is it possible to change the IP address of the Prime Infrastructure server to replace the Prime LMS server so that the Prime Infrastructure server will just start getting all the Syslog data, or do I need to go change hundreds of managed devices to point to a new address?
  Thanks for any help you can provide.

  Putting LMS up against Prime Infrastructure is like comparing Apples to Oranges.
  LMS is a very mature product and Prime Infrastructure is in it infancy stages...
  My suggestion would be to leave the current LMS system up and running; bring a Prime Infrastructure server up with a Demo License; add a few of each type of device to your Prime Infrastructure server; setup a proof of concept scenario to prove you can do everything in Prime as you can do in LMS.

• Prime Infrastructure License types

  I am trying to figure out the licensing with Cisco Prime Infrastructure...We are running 2.2
  I believe that we have just the base device License, I am trying to enable NetFlow on devices in the network, but I don't see anything in PI for NetFlow and I am thinking that I need additional license. There also seems to be all these Prime plugins or modules, whatever you want to call it but how do I look for those online? For example Data Center Network Management Module?

  Hi Brian, 
  You would need the "Assurance License" to be able to get the netflow data from your devices on Prime Infrastructure (PI).
  PI licensing guide with the part numbers explained:
  http://www.cisco.com/c/dam/en/us/products/collateral/cloud-systems-management/prime-infrastructure/presentation-c97-733532.pdf?mdfid=284422771
  Ram

• Cisco Prime Infrastructure 2.0 and ASA 55xx platform

  Hello,
  We recently upgraded to Prime Infrastructure 2.0 with the hope being able to manage our ASA's from PRIME (and complete an LMS migration).
  When I attempt to add ASA's to prime i get the following collection errors:
  Unable to collect processor and RAM information.          Processor and RAM information.          Unexpected error. See the log file inventory.log for details.
  In the logfile I get the following XML parsing error on the MIB:
  <palError>
    <deviceId>6284310032</deviceId>
    <code>VALIDATION_ERROR</code>
    <message>Failed to validate output XML: cvc-maxInclusive-valid: Value '3484331296' is not facet-valid with respect to maxInclusive '2147483647' for type 'int'.</message>
    <result>
      <result xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="/CISCO-MEMORY-POOL-MIB/xmp-im-file-system-module.xsd">
        <xmp-im-file-system-module>
          <MemoryPoolStatistics>
            <memoryPoolIndex>1</memoryPoolIndex>
            <free>4294967295</free>
            <largestFree>4294967295</largestFree>
            <used>3484331296</used>
          </MemoryPoolStatistics>
  To me it seems that the ASA returns a value that is bigger then int32 and thus causes an overflow? Any clues? Workarounds to add an ASA to Prime without checking these MIB'S?
  Regards,
  Marcel

  The X series (all with 64-bit SMP images) are not currently supported by PI 2.0. We can hope for a device update in the coming months to remedy that situation.
  If you click on the arrow next to the help icon in the top right of your PI and choose "Device Level Support" you will see:
  Cisco ASA-5500 Series Adaptive Security Appliances
  Features :
  Topology
  LLDP Neighbor Discovery
  CDP Neighbor Discovery
  Configuration
  Configuration Archive
  Software Image Management
  Monitoring
  Device Availability
  Reachability
  Inventory
  Physical
  System - Memory Pools
  Interfaces - IP
  Interfaces - Ethernet
  Device Type
  SYSOIDS
  S/W Version
  Software
  Cisco ASA-5510 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.669
  OID:1.3.6.1.4.1.9.12.3.1.3.447
  Cisco ASA-5510 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.773
  Cisco ASA-5520 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.670
  OID:1.3.6.1.4.1.9.12.3.1.3.448
  Cisco ASA-5520 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.671
  Cisco ASA-5540 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.672
  OID:1.3.6.1.4.1.9.12.3.1.3.449
  Cisco ASA-5540 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.673
  Cisco ASA-5560 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.12.3.1.3.454
  Cisco ASA-5550 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.753
  Cisco ASA-5550 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.763
  Cisco ASA-5505 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.745
  OID:1.3.6.1.4.1.9.12.3.1.3.560
  Cisco ASA-5580 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.914
  Cisco ASA-5585 Adaptive Security Appliance
  OID:1.3.6.1.4.1.9.1.1194
  OID:1.3.6.1.4.1.9.1.1195
  OID:1.3.6.1.4.1.9.1.1196
  OID:1.3.6.1.4.1.9.1.1197
  Cisco ASA-5585 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.1198
  OID:1.3.6.1.4.1.9.1.1199
  OID:1.3.6.1.4.1.9.1.1200
  OID:1.3.6.1.4.1.9.1.1201
  Cisco ASA-5585 Adaptive Security Appliance System Context
  OID:1.3.6.1.4.1.9.1.1202
  OID:1.3.6.1.4.1.9.1.1203
  OID:1.3.6.1.4.1.9.1.1204
  OID:1.3.6.1.4.1.9.1.1205
  Cisco ASA-5580 Adaptive Security Appliance Security Context
  OID:1.3.6.1.4.1.9.1.915
  Cisco ASA-5580 Adaptive Security Appliance System Context
  OID:1.3.6.1.4.1.9.1.916