At the risk of making myself seem like more of a jack@$$, the issue
ended up being a typo. There are a few spots to enter your communities,
the place that I kept looking at wasn't the right one. I was
concentrating mostly on the v1, v2, v3 page, but the error was on a
different page (hunt around, you'll see it). Two of the letters were
swapped.
Although a more informative error message could have saved lots of
trouble, the problem certainly was not a cca bug - and it certainly was
not that tech support I received throughout this. This experience
helped me find a network issue also, which was a plus.
We all say it, but you guys are invaluable.
Until next time....
Alex
Rajesh Nair (rajnair) wrote:
>Also Alex, can you send us (unicast it to me and Prem if you don't want
>to broadcast it) a "show tech" from the switch? I want to check the
>SNMP config you have on the switch.
>
>-Rajesh.
>
>-----Original Message-----
>From: Perfigo SecureSmart and CleanMachines Discussion List
>[mailto:[log in to unmask]] On Behalf Of Prem Ananthakrishnan
>(prananth)
>Sent: Wednesday, August 23, 2006 3:56 PM
>To: [log in to unmask]
>Subject: Re: Whoops
>
>Hi Alex,
>
>Save run>> Start will be a wr mem ..which should again be a SET. Can't
>see the SET packet here though :( We need to confirm the CAM is sending
>a SET to switch.
>
>Can we get a sniffer trace going between the two when you write to the
>switch? Also on the CAM, If you do
>
> tcpdump -q -a -vvv dst <switch ip>
>
>Are you able to see packets being sent, when you write to it?
>
>-Prem
>
>-----Original Message-----
>From: Perfigo SecureSmart and CleanMachines Discussion List
>[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
>Sent: Wednesday, August 23, 2006 3:41 PM
>To: [log in to unmask]
>Subject: Re: Whoops
>
>Hi Prem,
>
>Nice to hear from you - you guys are assets.
>
>My boss sent you that packet dump, so I am not sure, but here's one I
>just did. I turned on debugging then tried to "save the running config
>to startup config" via the web interface:
>
>If this is against protocol I don't have a problem doing this the
>"normal" way - it's just that students starting coming back any minute
>(literally) and if we can't get this up and running we have to move back
>to in-line. No one wants to do that! I also think these types of
>conversations are useful for the other list members.
>
>http://oak.conncoll.edu/~aclan/terminal_log
>
>Alex
>
>
>Prem Ananthakrishnan (prananth) wrote:
>
>
>
>>Hi Alex,
>>
>>I took a look at the information that was sent. Basically, we are not
>>seeing any SNMP SET packets coming into the switch.
>>
>>We can see GET/GETNEXT information when you are reading the switch
>>config. Don't worry about port 162 on CAM. That is for traps not for
>>SNMP Read/Write
>>
>>Was the
>>
>>debug snmp header
>>Debug snmp packets
>>
>>Captured at the time you were writing to the switch?
>>
>>You are right that it happens through the read write community that has
>>
>>
>
>
>
>>been defined
>>
>>Thanks
>>Prem
>>
>>-----Original Message-----
>>From: Perfigo SecureSmart and CleanMachines Discussion List
>>[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
>>Sent: Wednesday, August 23, 2006 1:56 PM
>>To: [log in to unmask]
>>Subject: Re: Whoops
>>
>>Just the man I was hoping to hear from :-P
>>
>>We do have a TAC case opened on this, waiting to hear back from
>>Jesse/Nate, who are waiting to hear from the engineers (is what what
>>you are?), but it seemed like something that someone on here might have
>>
>>
>
>
>
>>encountered.
>>
>>We used to be inline, just moved out of band a few days ago. When we
>>add the switch, it reads the mac, snmp location and contact
>>information, so it seems like its communicating fine. Also, the switch
>>
>>
>
>
>
>>can ping the manager and vice versa.
>>
>>We are running 4.0.2 and 12.2(25)FX on a C2960-LANBASE-M. System image
>>
>>
>
>
>
>>file is
>>"flash:c2960-lanbase-mz.122-25.FX/c2960-lanbase-mz.122-25.FX.bin". The
>>
>>
>
>
>
>>image is stock from the vendor, we didnt upgrade it.
>>
>>When we add the switch, it brings us to the page where it shows the
>>port status, and it does read the vlan and whether or not the port is
>>linked properly. I know it sounds like I'm saying "read" alot, which
>>could mean an issue with the RW community, but I swear I have it right.
>>
>>As per your suggestion, i tried swapping it to "link notification".
>>When I add the switch, it doesnt throw an error with that mib anymore,
>>
>>
>
>
>
>>but when I hit "save configuration", it says "failed to save the
>>running configuration."
>>
>>The error it spits back is:
>>[Failure] Error:"No SNMP respone [1.3.6.1.4.1.9.9.215.1.1.5.0]."
>>
>>I looked that up, and it looks like the mac-notification, but i dont
>>see the MIB on my cam. I tried snagging it from cisco and dropping it
>>into the dir and restarting snmpd, but no luck.
>>
>>Here are our SNMP settings for the switch:
>>
>>snmp-server community rwcommunity RW
>>snmp-server community rocommunity RO
>>snmp-server location BillHall
>>snmp-server contact my_boss
>>snmp-server enable traps snmp authentication linkdown linkup coldstart
>>warmstart snmp-server enable traps tty snmp-server enable traps cluster
>>
>>
>
>
>
>>snmp-server enable traps entity snmp-server enable traps cpu threshold
>>snmp-server enable traps rtr snmp-server enable traps vtp snmp-server
>>enable traps vlancreate snmp-server enable traps vlandelete snmp-server
>>
>>
>
>
>
>>enable traps flash insertion removal snmp-server enable traps
>>port-security snmp-server enable traps envmon snmp-server enable traps
>>MAC-Notification snmp-server enable traps copy-config snmp-server
>>enable traps config snmp-server enable traps bridge newroot
>>topologychange snmp-server enable traps stpx inconsistency
>>root-inconsistency loop-inconsistency snmp-server enable traps syslog
>>snmp-server enable traps vlan-membership snmp-server host CAM_IP
>>version 2c rwcommunity cluster vtp vlancreate vlandelete port-security
>>MAC-Notification copy-config config vlan-membership snmp !
>>
>>Certainly not ruling out the possibility that its a RW issue. OK, so
>>question - in the profiles view there is snmp v1, 2, and 3. How do I
>>know which one it's going to try? I tried putting my password in v1
>>then hitting "save config" to copy ru st, that failed. Tried the same
>>thing with v2, and that failed also.
>>
>>I get that a trap sends from the switch to the server, and that what
>>we're trying to do is have the server talk to the switch. I'd assume
>>that just happens through the RW community. Also, 162 on the CAM is
>>closed, not open, but I don't know if thats expected behavior or not.
>>
>>Any thoughts?
>>
>>Alex
>>
>>
>>Rajesh Nair (rajnair) wrote:
>>
>>
>>
>>
>>
>>>Alex,
>>>
>>>Is this happening with one switch or several? If its only happening
>>>with one switch, does everything work okay with Link-up instead?
>>>Also,
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>>>what is the switch model and the IOS/CatOS version?
>>>
>>>-Rajesh.
>>>
>>>-----Original Message-----
>>>From: Perfigo SecureSmart and CleanMachines Discussion List
>>>[mailto:[log in to unmask]] On Behalf Of Lanstein, Alex C
>>>Sent: Wednesday, August 23, 2006 11:42 AM
>>>To: [log in to unmask]
>>>Subject: Whoops
>>>
>>>Sorry, ignore my previous message's subject line, i hit reply and
>>>forgot to change it
>>>
>>>Regards,
>>>
>>>Alex Lanstein
>>>Senior Software Engineer, Transitional Data Services Help Desk/Network
>>>
>>>
>
>
>
>>>Junkie, Connecticut College Chief Coffee Drinker, LBCCHosting
>>>860-625-4277
>>>[log in to unmask]
>>>
>>>
>>>
>>>
>>>
>>>
>>>
|
