Network Analysis Module SNMP Spoofing
I had a question about the recent NAM
vulnerability advisory for the Cat 6000,6500s. I am running OS v7.6(5).
Do I have to worry?
Thanks for your help.
-B
I hope the following link will guide you
http://www.cisco.com/en/US/products/sw/custcosw/ps1973/products_feature_guide_chapter09186a00803b7ddb.html
Similar Messages
-
Network Analysis Module - Capture File Download
Hello,
we have
NAM Moduels Network Analysis Module 3 WS-SVC-NAM-3-K9
installed in
6506-E
software version 6.0
We have generated some Capture files, that we now would like to Download at once. Not by clicking each file and make a single download.
There are some 2000 files, thats why :-)
Does anyone have an idea how to do that? Is there any direct access to the internal Hard Drive? I could not find anything in CLI or GUI Guides.
ThanksI attached a file with the 6509 config, sh snmp user and sh snmp result.
When I go to :
Setup > Managed Device > Device Information
I've got :
Access to the managed device failed. This may be due to
1. Incorrect managed device IP address.
2. Incorrect managed SNMP community string.
3. The managed device's SNMP access control list is enabled.
If the managed device's IP address or community string is incorrect, please use the input
fields below to set the correct IP address and SNMP read-write community string.
Otherwise, check if your managed device's SNMP access control list is enabled
and make sure that the NAM's IP address shown in the Test popup
window is included in the access control list.
I've got this result when I test SNMP connectivity on the 2220. I tested snmpv3 with authpriv, authnopriv, noauthnopriv.
Test Connectivity :
SNMP read from managed device: Failed
SNMP write from managed device: Failed
So I was thinking at some small license requirement for SNMPv3 as no packet were transmitted from the 2220. Unlike in SNMPv1 where I could capture the management packet. -
Network Analysis Module (NAM) port-adapter not collect data
Hi,
i have an issue for collect data on adapter 1, that don´t collect data but see that adapter 2 if collect data on module 4.
monitor session 1 source vlan 102 rx
monitor session 1 destination analysis-module 4 data-port 1
monitor session 2 source vlan 106 rx
monitor session 2 destination analysis-module 4 data-port 2
I reconfigured newly monitor and continues with that issue. Always ok by data-port 2.
- show version Cisco 6513
Cisco IOS Software, s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(33)SXH7, RELEASE SOFTWARE (fc3)
. show version NAM
NAM application image version: 3.5(1b)
- sh module
Ports Card Type Model
8 Network Analysis Module WS-SVC-NAM-2
Hw Fw Sw Status
2.0 7.2(1) 3.5(1b) Ok
Any idea or cuestion?Hi,
I see web GUI that is active 2 monitor session with Destination Module 4.
Active SPAN Sessions
Monitor Session
Type
Source - Direction
Dest. Port
Dest. Module
Status
1
vlan
(106) - Rx
4/7
4 (local)
active
2
vlan
(102) - Rx
4/8
4 (local)
active
Select a SPAN session, then take an action
Create
Save
Add Dest. Port 1
Add Dest. Port 2
Edit
Delete
But don´t see data about DATA PORT 1, but if see data about DATA PORT 2
Data Source:
Most Active Applications (bytes/sec) No data available
Most Active Hosts (output bytes/sec)Total hosts 90 (Network) No data available
Protocol Suites No data available
Server Response Times (msec) No data available
Any ideas? -
Cisco Prime Network Analysis Module (NAM) 5.1
Hi I have NAM-2 with software version 4.2 installed in my network and i am making very good use of these module for troublshooting,
I can run multiple captures files at local disk simultaneously and i can decode real time any capture file which is running.
I want to clarify following things,
I upgraded one of my NAM2 from 4.2 to 5.1 but i see following differences,
I cannnot do multiple captures at local disk simultaneously. it is not allowing me to create 2nd capture at localdisk while one is already running while in 4.2 version i can run multiple captures to local disk.
Its mean if i have 40G local disk, it's mean, it become reserved for one capture untill i stop and save there,
Also i cannot decode running capture file real time untill i stop.
I would apprecite if someone can clarify, whether it was enhancement in NAM 5.1?
Configuring Capture Sessions
You can create up to ten capture sessions, and only one capture session per disk (local or external).
http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/5.0_1_T/user/guide/capting.html#wp1252570NAM 5.x removes the ability to perform multiple captures to a single local disk because that results in unreliable capture behavior (packets may or may not be dropped depending on whether the disk can keep up with the data rate).
You should still be able to decode memory captures while running. For disk captures, the capture file must not be in use (i.e., for a multi-file capture, you can decode any file other than the one currently being written to). -
Install and configure Cisco Network Analysis Module NAM-2
Hi,
Does anyone have a step-by-step document on how to install and configure Cisco NAM-2 module ?
Thanks in advance.
Regards,
LamineHi Lamine,
The official installation guides for NAM software can be found here:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_installation_guides_list.html
Is this what you are looking for?
Cheers,
Shane -
Network Analysis Module (NAM) appliance 2220 version 5.0.1 and SNMPv3
Hello,
Is there some patch requirement for SNMPv3 on the NAM appliance ?
I tried to do SNMPv1 on a 6509 with VSS it works fine and I could capture the packet of the SNMP request.
If I tried to move to SNMPv3, the communication failed and there is no SNMP packets transmitted from the NAM.
I was wondering if there is a patch requirement for the SNMPv3 (as for SSL or HTTPS) ?
Kind regards
CharlesI attached a file with the 6509 config, sh snmp user and sh snmp result.
When I go to :
Setup > Managed Device > Device Information
I've got :
Access to the managed device failed. This may be due to
1. Incorrect managed device IP address.
2. Incorrect managed SNMP community string.
3. The managed device's SNMP access control list is enabled.
If the managed device's IP address or community string is incorrect, please use the input
fields below to set the correct IP address and SNMP read-write community string.
Otherwise, check if your managed device's SNMP access control list is enabled
and make sure that the NAM's IP address shown in the Test popup
window is included in the access control list.
I've got this result when I test SNMP connectivity on the 2220. I tested snmpv3 with authpriv, authnopriv, noauthnopriv.
Test Connectivity :
SNMP read from managed device: Failed
SNMP write from managed device: Failed
So I was thinking at some small license requirement for SNMPv3 as no packet were transmitted from the 2220. Unlike in SNMPv1 where I could capture the management packet. -
I am trying to setup our cisco NAM's to authenticate against our open source tac_plus server. I see traffic on port 49 between the NAM and server but I keep on getting an invalid username/password error. I do not see any invalid logon attemps in our tacacs log.
The tacacs server running and I am able to authenticate against it when I am logging onto our routers and switches. I have created the following group for NAM authentication on the server ("namuser" is able to log onto our routers/switches):
group = nam {
cmd = web { permit capture
permit system
permit collection
permit account
permit alarm
permit view }
user = namuser {
member = nam
login = pam tac_plusswitch config
aaa new-model
aaa authentication username-prompt login:
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization commands 15 default group tacacs+ local
tacacs-server host x.x.x.x
tacacs-server directed-request
tacacs-server key ******** -
NAM(Network Analysis Module) Question
I have NAM-2(3.3.1 with patch 3.3.1)
I just installed NAM in Cat6509. and then monitiring.
I had configured SPAN(both and rx) to redirect whole traffic from cat6500 to NAM.
At this time, I didn't configure about Valns. Because, i know the the NAM(3.3.1 later) can gather whole valn in the Supervisor Engine whthout any configuration about Vlan.
I tried to watch the status of Vlans in the NAM's webpage menu. But i only can see one vlan. i couldn't see rest of them.
the web page told me "No data available".
How can i see rest of vlans?
Thank you...Have you enabled the collections for your span source under Setup->Monitor screen in the NAM Web GUI?
-
Cisco Network Analysis Module (NAM) data monitoring port
Hi, need some insight on this please. Your comments are appreciated.
My Cisco NAM 2220 comes with 10G data monitoring port, can I configure an IP address on this port for data monitoring?
or this data port can only support monitirong span, rspan, ersapn, vacl only (not for IP routing) and needs to be functioning in a promiscuous mode only?
Many thanks
JoeHi Lamine,
The official installation guides for NAM software can be found here:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_installation_guides_list.html
Is this what you are looking for?
Cheers,
Shane -
How to store the data coming from network analyser into a text or excel file
Hii everyone
I'm using Agilent 8719ET network analyser and wish to store the data coming from netowrk analyser into a text file/ excel file.
Presently I'm able to get the data on Labview graph using GPIB . Can anyone suggest how to go ahead after collect data sub vi. How can the data be stored into a file apart from showing on the graph?
Attached is the vi for kind consideration...
Looking for help
Regards
Rohit
Attachments:
Agilent 87XX Series Exceed Max Meas.vi 43 KBFirst let me say that your code really looks pretty good. The data handling could be made more efficient by calculating the number of datapoints that are going to be in the completed dataset and preallocating the entire array -- but depending upon your answer to my questions, the logic in the lower shift register may be going away - so we won't worry about that right now.
The thing I need to know before addressing the data storage question is: Each time you call "Collect and Display Data.vi", how many element are in the array? Are you reading single data points, or a group of data? (BTW: if the answer to that question is obvious based on the way the other VIs are setup, I don't have the drivers so I can't tell what the setup values are.) Second, how fast does the loop iterate? Are we talking msec per loop?, seconds? fortnights?
The issues here are two-fold: how much data? and how fast is it coming? The answer to these will tell you how to save the data.
Mike...
Certified Professional Instructor
Certified LabVIEW Architect
LabVIEW Champion
"... after all, He's not a tame lion..."
Be thinking ahead and mark your dance card for NI Week 2015 now: TS 6139 - Object Oriented First Steps -
Daisy Chain cFP-1808 Network interface module
Hello,
I am trying to find some documententaion that explains how to Daisy Chain 2 NI cFP-1808, which is Network interface modules for the Compact Fieldpoint platform. http://sine.ni.com/nips/cds/view/p/lang/en/nid/202210
I am also trying to find out what are the performance hits when adding 1 or more cFP-1808 to a system.
Also has anybody had experience doing this and what did you observe?
Thanks
DanUse an ethernet switch to connect as much as you want.
The filedpoint system is low-speed I/O with 10Mbit ethernet you should see no performance hit imho.
André
Regards,
André
Using whatever version of LV the customer requires. (LV5.1-LV2012) (www.carya.nl) -
Anyconnect Secure Mobility Client, Network Access Module, wired PEAP
Hello there,
I am testing AnyConnect Secure Mobility Client, Network Access Module as supplicant with PEAP authentication for wired network users. With default configuration it is working well. With default configuration it is Trusting any Root CA certificates installed on the OS. Do you know how to configure NAM that it will validate ACS certificate with specific Root CA Certificate ?
In Network Access Module profile editor it has two options about Certificates:
One is Certificate Trusted Authority which has two options by its self first is too trust any Root CA certificate that is installed on OS, and second is to import Root CA certificate in Profile. Potentially Second option can help in my case, I can manually import Root CA certificates in each profile. But I think it will be hard to update Root CA certificates in future in that way.
Second is Certificate Trusted Server Rules, this option have matching capability by certificate Common Name. For what can be used this option ?Normally the way it works is that you set up your Enterprise Root CA, and then have it issue a certifcate for the AAA server (ie ACS, ISE, etc). You then install this certificate on the AAA server and (in an Active Directory environment) add the Root CA certificate to the client systems local certificate store. What that means is that any certificates (such as the one installed on the AAA server) that are presented to the client that are signed by the root are automatically trusted.
Server validation is an extra step in terms of proving the identity of the AAA server to the authenticating client. As such, when you build the policy in the NAM editor, it would look similar to the image below:
I like to use the CN (Common Name) as the match criteria and build my CA issuance policy to always include the FQDN in the certificate for identity purposes.
Hope this helps! -
Premiere Pro CC - Content analysis modules (French)
Hi,
from the moment I updated to Premiere pro CC (on windows 7 64 bit), the content analysis module for French has been unavailable. I have downloaded it again for the latest version (which mentions compatibility for both CS6 and CC versions) and reinstalled it, but no change. I can't select this option. I have tried several things and found the folder in common files, but it is called CS6, maybe that's a clue to why it is broken.
Anyway I urgently need this option for a very talky group of videos I have to edit and am desperate to have it working. And by the way it is broken in Prelude too, of course.
Thank you for your feedback.
DavidI did the same and it worked. There are three folders under CS6, fr_CA, fr_FR, and support. I copied the two fr folders to the 4.0 folder because there is already a support folder there and i didnt want to mess it up. It looks like the 4.0 is for the US speech engine. I guess even the big boys can sometimes dodo.
-
Network Analysis withinCost & "traction zone" or isochrones
Hello
The Pro Oracle Spatial book mentions in Chapter 10 the use of "traction zone" polygon and/or isochrones, based on the results (Nodes/endpoints) of the withinCost network analysis.
My questions:
1. How should these polygons be created (based on voronoi?)?
2. Has anybody implemented the creation of isochrones already in Oracle spatial( java/ pl-sql)?
3. Is this planned in later releases?
Any info would be appreciated?
tx
LucEither this is a little weird or I'm looking at the wrong place. If I do a show statistics virtual-sensor I seem to be getting some hits on different sigs:
Per-Signature SigEvent count since reset
Sig 6403.1 = 6
Sig 6409.1 = 17
Sig 6409.2 = 2
Sig 20059.1 = 1453
Sig 21619.1 = 2
Sig 23782.2 = 2
Sig 30260.1 = 3
However If I go to the IDM, Monitoring, Events, Event Viewer all I see is health messages from the sensor itself, not signatures.
Any ideas? Thanks. -
I am developing an application in VB6 for measurements with Agilent (HP)8510C network Analyser using NI-488.2 and National Instrument PCI-GPIB card. I want to take data for the whole 51 points. In HPBASIC which used to be employed for this purpose it is done using OUTPDATA command and the data is in a 2-dimensional array. How can I do this in VB6 with the hardware above.
kapilHi Kapil:
Please refer to a previous post on the same topic:
http://forums.ni.com/ni/board/message?board.id=140&message.id=7758#M7758
Although this is for C++, the basic functionality should be the same. Since OUTPDATA is from a specific instrument driver, your best bet will be comparing it to the instrument drivers mentioned in the previous post.
Thank you,
Emilie S.
National Instruments
Applications Engineer
Maybe you are looking for
-
Error after Deploying a .ear File
Hi, I have deployed an .ear file on the SAP J2EE engine 6.20 on EP6.0 sp2. When I access one of the JSP's, I am getting a NoClassDefFound exception even though the particular jar (xml-apis.jar) file containing the class is in the additional-lib direc
-
Chinese Character in PDF format for Oracle Reports 11g
Hello Everyone, Currently we have a Report that need to be display chinese character in PDF format. We followed the steps specified in the "Oralce Fusion Middleware Publishing Reports to the Web with Oracle Reports Services" documentation but things
-
HI EXperts, I have a problem in Samrt forms. Can anyone tell me what's the answer of that loop at lt_price1 to ls_price1 """"Table that contains material no... like 8646,8647,8648,8646,8646 loop at lt_price1 to ls_
-
HT204150 I updated my iPhone with the new iOS6 & ALL my contacts were deleted! WTH?
I recently updated my iPhone with the iOS6 update & all of my CONTACTS have been deleted? What gives?
-
Power button not responding, can't login
I have a late model 15" macbook pro with Retina display. Periodically the computer will lock up when I open the cover. It is displaying the login screen and will allow me to type in my password but then nothing happens. The main issue however is that