Prime Infrastructure 2.2 - Wired Clients and Trunk Ports

We have our VMWare ESX hosts connected to our server access switches via trunk ports. Prime doesn't seem to track clients on trunk ports (to avoid showing clients on uplink ports between switches, I'm sure). Since these are not switch-to-switch connections, is there a way to enable Prime to track wired clients on these specific trunk ports so we have MAC/IP client info in Prime for our virtual environment?

Hi,
PI discards all the MAC table entries that are on trunk ports for a switch. This enhancement was added from PI 2.1 & later.
- Ashok
Please rate the useful post or mark as correct answer as it will help others looking for similar information

Similar Messages

  • Cisco Prime Infrastructure 2.1 wired client show Wrong port speed.

    Hi,
    i have odd issue for some reason the port speed in the wired clients shown a wrong speed,
    can some explain how the speed detremained and why i'm getting a wrong speed port of 10mb for a pc/host when my network is at least 100mb,
    thanks

    Hi all,
    after a TAC with cisco they open a new BUG # CSCur33328    
    https://tools.cisco.com/bugsearch/bug/CSCur33328/?reffering_site=dumpcr
    thanks

  • Prime Infrastructure 1.2.0.103 and Virtual MSE 7.3.101

    Hi,
    I cannot integrate Virtual MSE 7.3.101 with my Prime Infrastructure 1.2
    After I setup MSE via its wizard, I make a change on WCS username and password.
    When I try to integrate MSE with Prime Infrastructure, Prime notify me about the mismatch username/password.
    Both systems are fresh install on my UCS C220 M3.
    Does anyone has the same issue as me ?
    Thanks,
    Pongsatorn Maneesud

    Hi Scott,
    I decide to install a new Virtual MSE then after complete setup the initial wizard. This error appears,
    when I check on the CLI of MSE, this message appears,
    Does anyone can solve these issues ?
    Need to resolve this since it gonna be on production soon.
    Thanks,
    Pongsatorn

  • Best practices for configure Rogue Detector AP and trunk port?

    I'm using a 2504 controller.  I dont have WCS.
    My questions are about the best way to configure a Rogue Detector AP.
    In my lab environment I setup the WLC with 2 APs.  One AP was in local mode, and I put the other in Rogue Detector mode.
    The Rogue Detector AP was connected to a trunk port on my switch.  But the AP needed to get its IP address from the DHCP server running on the WLC.  So I set the native vlan of the trunk port to be the vlan on which the WLC management interface resides.  If the trunk port was not configured with a native vlan, the AP couldn't get an address through DHCP, nor could the AP communicate with the WLC.  This makes sense because untagged traffic on the trunk port will be delivered to the native vlan.  So I take it that the AP doesn't know how to tag frames.
    Everything looked like it was working ok.
    So I connected an autonomous AP (to be used as the rogue), and associated a wireless client to it.  Sure enough it showed up on the WLC as a rogue AP, but it didn't say that it was connected on the wire.  From the rogue client I was able to successfully ping the management interface of the WLC.
    But the WLC never actually reported the rogue AP as being connected to the wired network.
    So my questions are:
    1. What is the correct configuration for the trunk port?  Should it not be configured with a native vlan?  If not, then I'm assuming the rogue detector AP will have to have a static IP address defined, and it would have to be told which vlan it's supposed to use to communicate with the WLC.
    2.  Assuming there is a rogue client associated with the rogue AP, how long should it reasonably take before it is determined that the rogue AP is connected to the wired network?  I know this depends on if the rogue client is actually generating traffic, but in my lab environment I had the rogue client pinging the management interface of the WLC and still wasn't being picked up as an on-the-wire rogue.
    Thanks for any input!!

    #what's the autonomous AP's(as Rogue AP) Wired and Wireless MAC address?
    it has to be +1 or -1 difference. If Wired MAC is x.x.x.x.x.05 and the wireless mac should be x.x.x.x.x.04 or 06. It is not going to detect if the difference is more than + 1 or - 1.
    #Does the switch sees the Rogue AP's wired MAC on its MAC table.
    Rogue Detector listens to ARPs to get all the Wired MAC info and forwards to WLC, It compares with Wireless MAC, if there is a +1 or -1 difference then it will be flagged as Rogue on wire. And the client that connected to it is also marked as found on wire.
    Regards to Trunking, Only Native vlan matters per trunk link, just configure the right vlan as native and we're done.
    It is not mandatory to keep the Rogue detector on Management vlan of wlc. It can also be on L3 vlan also as long as it can join the WLC to forward the learnt wired MACs.
    So if we don't have +1, -1 difference on Rogues then you've to use RLDP which will work with your existing setup to find Rogue on wire. there's a performance hit when we use this feature on local mode APs.
    Note: For AP join - AP can't understand Trunk, meaning if AP connected to Trunk it'll only talk to its native vlan irrespective of AP mode, however rogue detector listens to the Trunk port to learn MACs via ARPs from different VLANs and forwards to WLC using native vlan.

  • Service instance and trunk ports

    hi I have the following configuration:
    interface Port-channel1
     description SHN-AX1-1-2-CNRY
     switchport trunk allowed vlan none
     switchport mode trunk
     load-interval 30
     no keepalive
     service instance 1 ethernet
      encapsulation untagged
      l2protocol peer lacp
      bridge-domain 1
     service instance 2 ethernet
      description IDP_VLAN_2
      encapsulation dot1q 2
      bridge-domain 3998
     service instance 3 ethernet
      description BBR_VLAN
      encapsulation dot1q 420
      bridge-domain 3998
     service instance 4 ethernet
      description MGMT_VLAN
      encapsulation dot1q 95
      bridge-domain 3998
     service instance 5 ethernet
      description STATIC_VLAN
      encapsulation dot1q 3641,3644,3777,3291
      bridge-domain 3998
     service instance 6 ethernet
      description SME_VLAN
      encapsulation dot1q 2098,2339
      bridge-domain 3998
    interface Port-channel1
     description SHN-AX1-1-2-CNRY
     switchport trunk allowed vlan none
     switchport mode trunk
     load-interval 30
     no keepalive
     service instance 1 ethernet
      encapsulation untagged
      l2protocol peer lacp
      bridge-domain 1
     service instance 2 ethernet
      description IDP_VLAN_2
      encapsulation dot1q 2
      bridge-domain 3998
     service instance 3 ethernet
      description BBR_VLAN
      encapsulation dot1q 420
      bridge-domain 3998
     service instance 4 ethernet
      description MGMT_VLAN
      encapsulation dot1q 95
      bridge-domain 3998
     service instance 5 ethernet
      description STATIC_VLAN
      encapsulation dot1q 3641,3644,3777,3291
      bridge-domain 3998
     service instance 6 ethernet
      description SME_VLAN
      encapsulation dot1q 2098,2339
      bridge-domain 3998
    interface GigabitEthernet0/1
     switchport trunk allowed vlan none
     switchport mode trunk
     channel-group 1 mode on
    interface GigabitEthernet0/2
     switchport trunk allowed vlan none
     switchport mode trunk
     channel-group 1 mode on
    interface Port-channel12
     description SHN-AGG-BX1
     switchport trunk allowed vlan 34,50,76,3998
     switchport mode trunk
     mtu 9000
    interface GigabitEthernet0/23
     switchport trunk allowed vlan 34,3998
     switchport mode trunk
     mtu 9000
     channel-group 12 mode active
    interface GigabitEthernet0/24
     switchport trunk allowed vlan 34,3998
     switchport mode trunk
     mtu 9000
     channel-group 12 mode active
    the input interfaces are gigEth0/1 and gigEth0/2 and the output interfaces are gigEth0/23 and gigEth0/24.
    the ingress traffic at the input port has a single tag and the ingress traffic at the output port has two tags.
    please explain me, where tags would be pushed/popped and why??
    thank you.

    Hello.
    You might have confused service instance configuration and usual switchport mode trunk.
    Please refer figure 11-10 in the document http://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/12-2_52_ey/configuration/guide/3800x3600xscg/swevc.html
    >But there is a typo - per description it should be "enc doat1q 20" under service instance 9on the picture).
    Also under Figure 11-2 we have following example:
     QinQ is also supported when sending packets between an EFP and a switchport trunk, because the switchport trunk is implicitly defined as rewrite ingress tag pop 1 symmetric. The same external behavior as Method 1 can be achieved with this configuration:
    Switch (config)# interface gigabitethernet0/1 
    Switch (config-if)# service instance 1 Ethernet 
    Switch (config-if-srv)# encapsulation dot1q 1-100 
    Switch (config-if-srv)# bridge-domain 30
    Switch (config)# interface gigabitethernet0/2 
    Switch (config-if)# switchport mode trunk
    Again, service instance 1 on Gigabit Ethernet port 0/1 is configured with the VLAN encapsulations used by the customer: C-VLANs 1-100. These are forwarded on bridge-domain 30. The service provider facing port is configured as a trunk port. The trunk port implicitly pushes a tag matching the bridge-domain that the packet is forwarded on (in this case S-VLAN 30). 

  • Prime Infrastructure: Can you export Alarms and Events?

    Hello
    In Prime 1.4, you had the ability to export the alarms and events you saw being reported, at least according to the PDF manual: http://www.cisco.com/c/en/us/td/docs/wireless/prime_infrastructure/1-4/configuration/guide/pi_14_cg.pdf
    I want to export these events and alarms that can be found in the Monitor section of Prime 2.1, but the export option does not seem to be available.
    Does anyone know if it is possible to export these via a scheduled report or by looking in a particular place on Prime? I would like to import the information into Splunk to see if we can gain an insight into the information that is being collected.
    thanks
    Bryn

    HI,
    Did you ever determine an answer to this question? I really need to export data after a certain date... (I would also like to publish a calendar, after a certain date-- as no one needs to see the "old" events).
    Stu

  • Upgradding Prime Infrastructure version 1.2 and LMS 4.x to Cisco Prime Infrastructure 2.0

    Hello,
    A customer currently have 2,500 Cisco Prime Infrastructure Lifecycle device license using Prime Infrastructure version 1.2 and LMS 4.x. the customer wants to upgrade to Cisco Prime Infrastructure 2.0.
    Does anyone know if it is possible to upgrade to version 2.0 without additional cost? the licenses from
    Cisco Prime Infrastructure 1.2 has to be upgraded or we need only to rehost the VUDI.
    Also could be possible to upgrade LMS 4.x to Cisco Prime Infrastructure 2.0?
    thanks!

    The two features you mention are two big missing ones. Another is full syslog capability. I don't believe CiscoView or day one support via package updates is included either.
    Another is less tangible - the depth of experience and documentation available for LMS vs. Prime Infrastructure (particularly the wired management features). I agree for wireless PI 2.0 looks good. Some new features are coming for wired that look promising but they are new as of PI 2.0 so I'm taking a wait and see on them.
    I hope to get 2.0 up in my lab in the next week or so and will hope to be pleasantly surprised but that's seldom the case with a major new release.

  • LMS 4.0 and Prime Infrastructure..!

    Hi,
    I am using LMS 4.0 and as the licenses got expired I came to know that I need to buy Prime Infrastructure license as LMS 4.0 reached End of life.
    So now if I buy the prime infrastructure licenses, will it work on LMS 4.0 or I need to upgrade? and how can I get the upgrade?
    Thanks..!

    You would need to upgrade.  Prime Infrastructure 1.2 has LMS and WAN buildt in.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Migrated to Prime infrastructure and now the login on the server doesn't work

    We have recently migrated from WCS 7.0.230.0 to Prime Infrastructure 1.3.0.20 and now there is a problem with logging in to our accounts. The problem can be broken down into two parts:
    1. We can't logg in using radius (this is still working if we use the WCS or other applications using the same rule)
    2. Unless we delete and recreate our accounts we can't even logg in locally
    We have re-entered the radiusservers (they disappeared during the migration)
    We have tried changing authentication form from pap to chap (in both ends) and then back again
    Our radius servers are running Win2k8 R2
    Any suggestions on how to solve this? We really need to get the domain-loggin working

    mmm, i would say make sure that you have the attributes related to virtual domain appended to the list.
    If you have already done that ,
    may be you need to try the following:
    Step 1)
    Open https://NCSIPADDRESS/webacs/dbUpdateAction.do
    With root username and password
    Step 2)
    Execute the Query as below
    Query (1)
    update WCSDBA.WCSPREFERENCE
    set value='ROOT-DOMAIN'
    where key ='defaultPartition' and username='a_user'
    note-
    username should be changed to whichever user is facing issues while logging in
    Query (2)
    commit work;
    or to remove all entries in WCSDBA.WCSPREFERENCE except for SYSTEM, root or ALL_USERS:
    delete from wcsdba.wcspreference where username <> '[SYSTEM]' and username <> 'root' and username <> 'ALL_USERS';
    commit work;
    Step 3)
    Restart NCS after the commit changes and try logging back with 'a_user'
    Please make sure to rate correct answers

  • Prime infrastructure 1.2 licensing

    We have activated a new VM for the cisco PI,
    this substitutes an old NCS VM, so we have prepared for migration as decribedin the cisco documents
    all the procedures have been followed so the situation after installing pointpatch, backup application ncs, destroy NCS VM, deploy new PI VM that has been configured on the same basis of the old NCS and now active.
    before proceding with the restoration of the backup I have some question regarding the licenses
    we do own pak for:
    L-PILMS42-1.5K-U Prime Infrastructure LMS 4.2 - 1.5K Device Maj Upg Lic
    L-PI12-LF-1.5K-LIC Prime Infrastructure 1.2 - Lifecycle - 1.5K Device Lic PAK
    R-PI12-BASE-K9 Prime Infrastructure 1.2 Base License and Software
    and before restoring the ncs backup I'd like to ask some questions
    1) Does the system inheris the old (demo) license that was on the "old" NCS VM? (please consider that the VUDI has changed ad the VMware datastore is now different)
    2) Will the old VUDI be restored?
    3) after restoration of backup the machine will result unlicensed?
    4) Is there the risk of wireless service disruption?
    5) do I need to generate and apply licence before or after the restore?
    6) What licence do I need to register and apply to have PI functional?
    thank you

    Have you gone through the below link
    http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-infrastructure/guide_c07-714720.html

  • Prime LMS 4.2 to Prime Infrastructure 2.0 license migration

    A couple of months ago I upgraded WCS to Prime Infrastructure (WCS via NCS to PI 1.2 at that time). Meanwhile PI is running version 2.0. For some reason, when purchasing the upgrade licenses, I also got a 500 device LMS4.2 upgrade license.
    The exact part numbers were:
    R-W-PI12-M-K9 WCS 7.0 to Cisco Prime Infrastructure 1.2 Migration
    R-PI12-BASE-K9 Prime Infrastructure 1.2 Base License and Software
    L-PI12-LF-500-LIC Prime Infrastructure 1.2 - Lifecycle - 500 Device Lic PAK
    L-PILMS42-500-M Prime Infrastructure LMS 4.2 - 500 Device Upgrade Lic
    I have a virtual LMS appliance running where I installed the 500 device license I mentioned. I've actually never used LMS but that's a different story...
    As I'm running low on PI device licenses (lifecycle licenses to be precise), the question is:
    Is there an officially supported scenario to migrate these 500 LMS 4.2 licenses (that are already the result of a license upgrade) to PI 2.0?
    If so: what part numbers do I need to purchase? I suppose I need
    R-L-PI2X-U-K9 LMS to Cisco Prime Infrastructure 2.x Upgrade
    plus
    (L-L-PI2X-500-U LMS to Cisco Prime Infrastructure 2.x Lifecycle Upgrade 500 Device)
    XOR
    (L-L-PI2X-500-UP LMS to Cisco Prime Infrastructure 2.x Lifecycle Upgrade with PASS 500 Device)
    Maybe someone can comment on that... thanks in advance.

    In case anyone is facing the same issue:
    Meanwhile, I finished the upgrade process using the following part numbers:

  • Cisco Prime Infrastructure MESH LINK ISSUE

    Hi,
    a Customer of us has a trouble with cisco Prime Infrastructure 1.2.0.12 and AP mesh link.
    There is an huge database ( i suppose the issue can be here ) and when we display some map ( each floor has about 6 RAP and 24 MAP ) we cannot see the MESH information and link draw.
    The only way to dipley them is to disable "refresh from network": this way I'm able to show these link..... until a click before.
    What i noticied when all was working fine, after i click to some floor:
    1) the software started to show the map with normal color and no mesh info displayed ( just ap and coverage cloud )
    2) after few time ( less than 1 second ) the map was becoming a little bit lighter and the mesh info was merged to the map
    We are missini the second step
    Anyone had the same issue ?
    best regards
    Luigi
    PS: I opened a case with WCS version 6.0 ( same issue ) but, after some months, no risult. The last version working fine was WCS 5.2

    Just to add some more informations:
    - disabling "refreshj from network" ( building properties ) the link and mesh info are showed
    - while I'm on a floor, after some refresh, i loose the mesh link draw and, if i click on an AP, i loose also mesh info in the popup. It' s like, after some refresh, the AP are no more recognized as Mesh ( !?!? )
    regards
    Luigi

  • Cisco Prime Infrastructure 2.0 cannot establish connectiont with WLC5508 7.4.110

    I have two wlc 5508 in HA with image version 7.4.110. These two WLC are connected on two 6509 Catalyst Switch VSS system. On the WLC the LAG are enabled for the connection to the VSS. When i am trying to add the WLC to PI 2  once is succsessful. The connection continew working for a wile and after 3 hours or 5 hours or 1 day lost the connection between these two (WLC 5508 & PI.2) . After this trying again to add the WLC to PI.2 with no success . It became unreachable but the ping between the WLC & PI.2 its working fine.
    It realy importand for me to add the WLC to PI.2 becouse it is the eyes for the APs for me.
    Also the image of WLC 7.4.110 is compatible for PI.2 . I check it at cisco matrix files. Cisco also sugest 7.4.110 image for PI.2
    any idea........?

    The subject of the posting shows Prime Infrastructure 2.0 but in the body of the message you've got Prime Infrastructure 1.2
    If it's in fact Prime Infrastructure 1.2 ::: 1.2 and 7.4.110.0 code isn't compatible
    http://www.cisco.com/en/US/partner/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html#wp92761
    1.2.1.12
    7.3.112.0
    7.3.101.0
    7.2.115.2
    7.2.111.3
    7.2.110.0
    7.2.103.0
    7.0.240.0
    7.0.235.3
    7.0.235.0
    7.0.230.0
    7.1.91.0
    7.0.220.0
    7.0.116.0
    7.0.98.218
    7.0.98.0
    7.3.101.0
    7.2.110.0
    7.2.103.0
    7.0.240.0
    7.0.230.0
    7.0.220.0
    7.0.201.204
    7.0.112.0
    7.0.105.0
    ISE 1.0
    ISE 1.1
    IOS12.2(50)SE
    IOS12.2(50)SG
    IOS12.2(33)SXI
    If deploying Prime Infrastructure as a virtual appliance on a customer-supplied server, one of the following versions of VMware ESX or ESXi can be used:
    •VMware ESX or VMware ESXi Version 4.0
    •VMware ESX or VMware ESXi Version 4.1
    •VMware ESXi Version 5.0
    Note VMware Tools Version 4.1 is preinstalled in the Prime Infrastructure virtual appliance.

  • Cisco Prime infrastructure 1.2.1.012 -- HA issue

    Hi All
    I will explain the background before, our customer using Cisco Prime Infrastructure 1.2.1.012 and do HA. However I got error message wcss1 (in attaced file) from HA configuration. (First I had done HA configuration before and it worked. But I get error message wcss1 after i tested failover on cisco prime). I found bug case CSCud12229 that is same error message. But i still confuse with work around "Workaround:Change the database mode to Read-Write by executing query ?alter database open? or execute the shell script - /opt/CSCOlumos/bin/recover_HADeadLock.sh" anyone understand please help.
    And another option I tried to upgrade with version 1.3 also but it have a bug no CSCud80157. It is the problem with HA registration fial so, i would like to ask you all that if i need to do HA on Cisco Prime infrastructure which version i should to install ? coz  I saw 1.2 or 1.3 also have a bug with HA
    Thanks
    V

    Hi rajeeshp,
    Currently I am not allowed to upgrade it because of internal procedures involved in upgrading a specific piece of software (obtaining permissions from various departments). Is it free to upgrade from 1.2 to 1.3 or there is a specific charge for that.
    Predrag Petrovic

  • WLC 5508 Discovery in Prime Infrastructure

    I have newly deployed a Prime Infrastructure (PI) in my network, and i want to add my wirless controller in it.
    I get an error SNMP time out whenever i add my controller to PI through SNMP.
    There are default SNMP configurations in the controller and i am simply adding them in PI with their private/public SNMP string.
    Is there something i am missing?
    WLC 5508 is connected to my core switch and PI is connected to another switch which is directly connected to core switch via Layer 3.
    Is there any configuration required to be done on the switch side.?                  

    Hello,
    Please go through the below link, it may help you to add WLC in Prime Infrastructure (PI)
    https://supportforums.cisco.com/docs/DOC-29006

Maybe you are looking for

  • PS CS5 messes up menu bar; dialog boxes distort during drag; etc

    I'm having weird problems with Photoshop CS5.  I'd love help, or even tips for how to frame the question when searching for help. Here are the symptoms: - After starting PS, if I open any dialog box and then close it, after closing the PS menu bar is

  • Page shift due to vertical scroll bar issue

    I'm working through a vertical scroll bar issue in my design, using a ProjectSeven CSS page template. When testing the site in my browsers (FF/Safari/IE/Opera), and IF the scroll bar is not present, the entire page shifts to the left (the width of th

  • Does Oracle intent to maintain the Pro*Cobol in the market?

    With the new power languages like java, the Pro*Cobol segment will survive in news releases?

  • Dynamic groups in Portal?

    Hi, Is it possible to use the OID dynamic groups in Portal? It seems that the users of a dynamic group can't been seen in Portal: could someone tell me more about that? When will the dynamic groups be implemented in Portal? Thanks, Magali

  • Error in FI posting- J2IUN

    Dear All, In J2IUN simulation is working fine and and when i try to save system showing message ' ERROR IN FI POSTING'. We tried to utilize for the month of May 2009. Is the error beacuse of FI period closed? Please suggest how to overcome this error