Hi Prem,

Nice to hear from you - you guys are assets. 

My boss sent you that packet dump, so I am not sure, but here's one I 
just did.  I turned on debugging then tried to "save the running config 
to startup config" via the web interface:

If this is against protocol I don't have a problem doing this the 
"normal" way - it's just that students starting coming back any minute 
(literally) and if we can't get this up and running we have to move back 
to in-line.  No one wants to do that!  I also think these types of 
conversations are useful for the other list members.

http://oak.conncoll.edu/~aclan/terminal_log

Alex


Prem Ananthakrishnan (prananth) wrote:

>Hi Alex,
>
>I took a look at the information that was sent. Basically, we are not
>seeing any SNMP SET packets coming into the switch.
>
>We can see GET/GETNEXT information when you are reading the switch
>config. Don't worry about port 162 on CAM. That is for traps not for
>SNMP Read/Write
>
>Was the 
>
>debug snmp header
>Debug snmp packets
>
>Captured at the time you were writing to the switch?
>
>You are right that it happens through the read write community that has
>been defined
>
>Thanks
>Prem
>
>-----Original Message-----
>From: Perfigo SecureSmart and CleanMachines Discussion List
>[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
>Sent: Wednesday, August 23, 2006 1:56 PM
>To: [log in to unmask]
>Subject: Re: Whoops
>
>Just the man I was hoping to hear from :-P
>
>We do have a TAC case opened on this, waiting to hear back from
>Jesse/Nate, who are waiting to hear from the engineers (is what what you
>are?), but it seemed like something that someone on here might have
>encountered. 
>
>We used to be inline, just moved out of band a few days ago.   When we 
>add the switch, it reads the mac, snmp location and contact information,
>so it seems like its communicating fine.  Also, the switch can ping the
>manager and vice versa.
>
>We are running 4.0.2 and 12.2(25)FX on a C2960-LANBASE-M.  System image
>file is
>"flash:c2960-lanbase-mz.122-25.FX/c2960-lanbase-mz.122-25.FX.bin".  The
>image is stock from the vendor, we didnt upgrade it.
>
>When we add the switch, it brings us to the page where it shows the port
>status, and it does read the vlan and whether or not the port is linked
>properly.  I know it sounds like I'm saying "read" alot, which could
>mean an issue with the RW community, but I swear I have it right. 
>
>As per your suggestion, i tried swapping it to "link notification".  
>When I  add the switch, it doesnt throw an error with that mib anymore,
>but when I hit "save configuration", it says "failed to save the running
>configuration."
>
>The error it spits back is:
>[Failure] Error:"No SNMP respone [1.3.6.1.4.1.9.9.215.1.1.5.0]."
>
>I looked that up, and it looks like the mac-notification, but i dont see
>the MIB on my cam.  I tried snagging it from cisco and dropping it into
>the dir and restarting snmpd, but no luck.  
>
>Here are our SNMP settings for the switch:
>
>snmp-server community rwcommunity RW
>snmp-server community rocommunity RO
>snmp-server location BillHall
>snmp-server contact my_boss
>snmp-server enable traps snmp authentication linkdown linkup coldstart
>warmstart snmp-server enable traps tty snmp-server enable traps cluster
>snmp-server enable traps entity snmp-server enable traps cpu threshold
>snmp-server enable traps rtr snmp-server enable traps vtp snmp-server
>enable traps vlancreate snmp-server enable traps vlandelete snmp-server
>enable traps flash insertion removal snmp-server enable traps
>port-security snmp-server enable traps envmon snmp-server enable traps
>MAC-Notification snmp-server enable traps copy-config snmp-server enable
>traps config snmp-server enable traps bridge newroot topologychange
>snmp-server enable traps stpx inconsistency root-inconsistency
>loop-inconsistency snmp-server enable traps syslog snmp-server enable
>traps vlan-membership snmp-server host CAM_IP version 2c rwcommunity
>cluster vtp vlancreate vlandelete port-security MAC-Notification
>copy-config config vlan-membership snmp !
>
>Certainly not ruling out the possibility that its a RW issue.  OK, so
>question - in the profiles view there is snmp v1, 2, and 3.  How do I
>know which one it's going to try?  I tried putting my password in v1
>then hitting "save config" to copy ru st, that failed.  Tried the same
>thing with v2, and that failed also. 
>
>I get that a trap sends from the switch to the server, and that what
>we're trying to do is have the server talk to the switch.  I'd assume
>that just happens through the RW community.  Also, 162 on the CAM is
>closed, not open, but I don't know if thats expected behavior or not.
>
>Any thoughts? 
>
>Alex
>
>
>Rajesh Nair (rajnair) wrote:
>
>  
>
>>Alex,
>>
>>Is this happening with one switch or several?  If its only happening 
>>with one switch, does everything work okay with Link-up instead?  Also,
>>    
>>
>
>  
>
>>what is the switch model and the IOS/CatOS version?
>>
>>-Rajesh. 
>>
>>-----Original Message-----
>>From: Perfigo SecureSmart and CleanMachines Discussion List 
>>[mailto:[log in to unmask]] On Behalf Of Lanstein, Alex C
>>Sent: Wednesday, August 23, 2006 11:42 AM
>>To: [log in to unmask]
>>Subject: Whoops
>>
>>Sorry, ignore my previous message's subject line, i hit reply and 
>>forgot to change it
>>
>>Regards,
>>
>>Alex Lanstein
>>Senior Software Engineer, Transitional Data Services Help Desk/Network 
>>Junkie, Connecticut College Chief Coffee Drinker, LBCCHosting
>>860-625-4277
>>[log in to unmask]
>>
>> 
>>
>>    
>>