Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - sjobergh

Pages: [1] 2
1
GUI / Dot 1.x
« on: August 13, 2016, 12:11:47 AM »
Hi,  I think Nedi will benefit if it can detect dot.1x ports..   
I have handled this need by using the Poe field in def-file,  in the def-field for Poe I have used a oid that detects dot.1x  instead of POE value.

But that isnt a long term solution since I like to have the POE value also,  I propose for a new field in def-file that detects dot.1x

Using a PHP report system called Reportico I produce alot reports every month and one of them is a "dot.1x report"

Device   Interface   Vlan   Alias                                   Cdp Info                       Dot1x   Enabled   Port Status[/b]
Device 1   Gi1/0/1   337   XX accessport                                                  No   Enabled Active
Device 1   Fa0/23   2   XX accessport                                                  Yes   Enabled - Not active
Device 1   Fa0/24   2   XX accessport                                                  Yes   Enabled - Not active
Device 1   Gi0/1   0   Trunk to XX_XX_SW2   CDP:XX-XX-XX,Gi0/2       No   Enabled Active
Device 1   Gi0/2   0   Trunk to XX_XX_SW4   CDP:XX-XX-XX,Gi0/1       No   Enabled Active
                  
Device 2   Gi1/0/1   337   XX accessport                                                  Yes   Enabled Active
Device 2   Fa0/23   2   XX accessport                                                  No   Disabled
Device 2   Fa0/24   2   XX accessport                                                  No   Disabled
Device 2   Gi0/1   0   Trunk to XX_XX_SW2   CDP:XX-XX-XX,Gi0/2       No   Enabled Active
Device 2   Gi0/2   0   Trunk to XX_XX_SW4   CDP:XX-XX-XX,Gi0/1       No   Enabled Active

It looks much better in Reportico :)

2
Database / Re: Changed from MyISAM to InnoDB
« on: May 25, 2016, 01:03:51 AM »
Only useful if you have parallel discovery sessions/tasks

3
Database / Changed from MyISAM to InnoDB
« on: May 25, 2016, 01:02:26 AM »
and it seems to work good,  no table locks anymore and I think I gained about 30%-40% in speed/time when doing discovery

4
News / Re: Test Nedi 1.4 Patch 6
« on: November 14, 2015, 01:35:26 AM »
Yes, I have done that, but still I have the problem with wrong latency

I use Centos 6.7 I386 (fully updated)
I use  Perl v5.10.1 (*) built for i386-linux-thread-multi
I use PHP 5.3.3 (cli) (built: Jul  9 2015 17:24:26)
I use Apache Server version: Apache/2.2.15 (Unix)
I use Mysql version 5.1.73

5
News / Test Nedi 1.4 Patch 6
« on: November 10, 2015, 10:24:15 PM »
the latency measurements,  is this problem fixed ?
On Redhat/Centos I still have the same problem

/swepart

6
News / Re: Suggestion
« on: September 03, 2015, 02:50:25 AM »
I have tested some different switches and IOS version,  this is my result

Switchtype   IOS      1.3.6.1.4.1.9.9.220.1.8.6.1.1   1.0.8802.1.1.1.1.2.1.1.6   1.0.8802.1.1.1.1.2.1.1.5   1.3.6.1.4.1.9.9.220.1.1.1.2
Catalyst-2960-48-TCL   122-52.SE.bin      OK       OK           Not Ok   OK
WS-C2960-48TT-L   122-52.SE.bin      OK       OK           Not Ok   OK
WS-C3750-48PS-S    122-52.SE.bin      OK       Ok                   Not Ok   OK
WS-C2960S-48LPS-L   150-2.SE2.bin      OK       Not Ok           Not Ok   OK
C2960S-24TS-S   150-2.SE2.bin              OK       Not Ok           Not Ok   OK
WS-C2960S-48TS-L   150-2.SE2.bin      OK       Not Ok           Not Ok   OK
WS-C2960G-48TC-L   150-2.SE5.bin      Not Ok   Not Ok           Not Ok   OK



Not easy to read but the best OID (for me) is 1.3.6.1.4.1.9.9.220.1.1.1.2
It gives three results,  1,3,4   Four is tells me that we use 802.1x,   others false

Next opportunity is to find ports that is "Sticky"

7
News / Re: Suggestion
« on: August 31, 2015, 12:21:20 AM »
I will test that,  and others,,  doing that on old 2960 with ver 12 and ver 15,  new 2960S/X and plus series with ver 15, and 3750 series with ver 12 and ver 15
 

8
News / Suggestion
« on: August 28, 2015, 11:56:22 PM »
A new column in interface list that tells you if the port have dotx.1 enabled
I tried with 1.3.6.1.4.1.9.9.220.1.8.6.1.1 and it seems to work

"Cisco Port Access Entity (PAE) module for managing IEEE Std 802.1x. This MIB provides Port Access Entity information that are either excluded by IEEE8021-PAE-MIB or specific to Cisco products."

 To easily see and do a report for all switches is worth a lot when you are doing security compliance reports

9
News / Re: Test NeDi 1.4 Patch5
« on: August 12, 2015, 11:40:00 PM »
When using Nodes,List,  adding column "user" in the scrollbox I dont get the username,  I get numerical value in return.
Looking in the database I can see the user in alpha

10
Discovery / Force to do backup
« on: May 08, 2015, 01:04:42 AM »
Are there anyway to force Nedi to do a backup,  as it is now Nedi looks at snmp parameters if any change is done in config, if not,, no backup
since I can see that if OIDs for backup doesnt work for whatever reason I dont get any bckups on some 2960S models,  I havnt found what OID to use yet but I need to have a working backup


11
Discovery / Re: Bug in 1.4 patch 3 ? (SOLVED, not a Nedi problem)
« on: March 18, 2015, 08:15:57 PM »
I found the problem,  it wasnt a Nedi problem,  the MTU had been adjusted at the server and was set to low for SNMP V2 packets.
Probably it is the WLCes that cant adjust to low MTU sizes and answers with higher value than the MTU in the server.

 

12
Discovery / Re: Bug in 1.4 patch 3 ? (SOLVED, not a Nedi problem)
« on: March 17, 2015, 01:00:00 AM »
I installed patch 3 and found that when discovering  Wlan controllers
the problem I see is that discovery doesnt find any APs as it did before

Equipment   
Cisco 5508 WLCs with ver 8.0.110.0 and ver 7.6.130.0, needs to be v1 now
Cisco 4400 with ver 7.0.250.0 still works with v2
Cisco 2504 with ver 7.4.110.0 still works with v2
Cisco Wism with ver 7.0.250.0 doesnt work with v1 or v2

Aruba 6000 ctrl with version  6.1.3.2, needs to be v1 now
Aruba 3000 ctrl with version  6.1.3.2, needs to be v1 now
 
Little more details from the discovery process using v2

WLC AP
 ------------------------------------------------------------------------
SNMP:
Connect 111.1.1.1 mycommunity v2 Tout:5s MaxMS:2048 Retry:2 NB:0 WLC :
Walking AP name ERR
:No response from remote host '111.1.1.1'

when forcing  v1

WLC AP ------------------------------------------------------------------------ SNMP
:SNMP
:Connect 111.1.1.1 mycommunity v1 Tout:5s MaxMS:2048 Retry:2 NB:0 WLC
:Walking AP name WLC
:Walking AP location WLC
:Walking AP type WLC
:Walking AP SN WLC
:Walking AP group WLC
:Walking AP bootimage WLC
:Walking AP IP WLC
:Walking IF channel WLC
:Walking IF oper status WLC
:Walking IF admin status WLC
:Walking client user WLC
:Walking client AP WLC
:Walking client radio WLC
:Walking client SSID index WLC
:Walking client SNR WLC
:Walking client IP
AP+ :XXX-YY-ZZZ-APP5-01 (6886a7cac1e0) 192.168.165.40 FGL1706Z0UR AIR-CAP1602I-E-K9 plan5
WDEV:XXX-YY-ZZZ-APP5-01 written to nedi.devices
AP+ :XXX-YY-ZZZ-APP6-01 (04dad28bb420) 192.168.165.42 FGL1706Z0GF AIR-CAP1602I-E-K9 plan6
WDEV:XXX-YY-ZZZ-APP6-01 written to nedi.devices

Any ideas :)

13
Patch 1.4p3  whats new ?
btw, the url is wrong, file extension is tar, not tgz

14
GUI / Re: configure line with device-write
« on: November 26, 2014, 09:57:31 AM »
in  libcli-iopty.pm



                        }
                        foreach my $line (@out){
                                $line =~ s/\x1b\[(24;1H|2K|1;24r)//g;                   # ProCurve clensing...
                                print LOG $line;
                                &misc::Prt("RES :$line");
                                $err = $line if $line =~ /^(\s?% )?(Invalid|Unknown|Failed|cannot)/;    # Catch errors, but ignore "% Warnings" (doesn't seem to work on ProCurv$
                        }
                        if($err){
                                print "X";
                                last;
                        }else{
                                print ".";
                        }
##############
# wait for next line  #
##############
                        select(undef, undef, undef, 0.75);
############
                }
                $session->close;
                close (LOG);
        }
        return $err;
}


=head2 FUNCTION Spawn()

Spawns a pty.

B<Options> command

B<Globals> -

B<Returns> pty

=cut
sub Spawn{

15
GUI / Re: configure line with device-write
« on: November 20, 2014, 10:21:11 PM »
do you have TACACS+ with authorization in your devices,   we found that if we pushed alot of rows to alot of devices at the same time TACACS couldnt keep up and verify every line. We did a workaround in dev-write and added 0,75 sec wait-time before sending next row.

/swepart

Pages: [1] 2