Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - ntmark

Pages: [1] 2
1
Discovery / dot1x and node tracking with dynamic vlans
« on: November 10, 2016, 11:52:07 PM »
We have dot1x enabled on wired network with dynamic vlan assignment but the ports are configured with a default vlan.
What I'm having problems with are node tracking/discovery as the nodes will at some point get an IP on the default vlan, but when they boot up and are authenticated they get assigned a new vlan and get a new IP address.
When looking at a switch in nedi and finding nodes in Node List it is matching the nodes with the default vlan and showing that IP address, and not the one they currently have on their new assigned vlan.

Default vlan 10, IP 10.10.10.10
Dynamic vlan 15, IP 10.10.15.40
Nodes List shows 10.10.10.10 but the node has IP 10.10.15.40

Is there anyway to get the correct IP to show up?

Also when looking at the device -> status  it shows the configured vlanid on the switch port and not what it currently is forwarding as.
I'm not to fussed about this bit, but maybe there could be an option to show either the configured vlans on a port or the in use ones, and possibly include voice vlans/native vlans in the future?

Thanks
Mark.

2
Discovery / Looking for Extreme X440-24p def file
« on: September 05, 2016, 05:29:50 AM »
If anyone has a working def file for an Extreme X440-24p or something similar I'll update and re-upload.

EDIT: To clarify this is to detect the config changes on an Extreme, the defs that come with Nedi do not have these values. (1o6)
Apologies for a hasty and non-informative post.

Thanks
Mark.

3
Discovery / DBD:mysql error during nightly backup 1.6p1
« on: June 13, 2016, 01:57:30 AM »
I've been doing backups with options -sS -p -B360 and getting an error in the log when I get to a 6800X with VSS and 25 FEX switches.
It always happens on this switch with the error below
Code: [Select]
10.20.10.1     SWITCH1      v97 i1694    j75   DiDpp1 b23 m173    a4     f1214 c26428DBD::mysql::st execute failed: MySQL server has gone away at /usr/local/nedi/inc/libdb.pm line 913.
DBD::mysql::st execute failed: MySQL server has gone away at /usr/local/nedi/inc/libdb.pm line 913.

Looking this up I found that the connection may be timing out? and that enabling mysql_auto_reconnect or checking connection before performing execute may help.
I'm not sure if this is enabled already, but to enable the option the below was given on the cpan.org doc of DBD-mysql.
Code: [Select]
$dbh->{mysql_auto_reconnect} = 1;OR
Code: [Select]
my $dbh = DBI->connect($dsn, $user, $password, {
 mysql_auto_reconnect => 1,
});

I've already tried with this added to line 37 in libdb.pm where $dbh = DBI->connect(..... is defined like so:
Code: [Select]
$dbh = DBI->connect("DBI:$misc::backend:dbname=$dbname;host=$dbhost", $dbuser, $dbpass, { RaiseError => 1, AutoCommit => $ac, mysql_auto_reconnect=> 1} ) or die $DBI::errstr;
But the same error occurred.
Any tips on what I need to do to fix this error and it looks like backups aren't working correctly.

Thanks in advance.
Apologies for the choppy post.
Mark.

4
Discovery / Fortigate config Backup 1.6 [SOLVED]
« on: May 17, 2016, 01:50:01 AM »
Hi,
 I'm having some problems getting fortigate to do config backups in 1.6
We haven't been doing this in previous versions, so I've been searching through the forums for any config references.
I have finally got the login prompt to work via ssh by changing libcli.pm 'FortiOS' section to this, but there is probably some useless lines in here.
Code: [Select]
$cmd{'FortiOS'}{'ropr'} = '(.+)\s?#$';
$cmd{'FortiOS'}{'enpr'} = '.\s#\s$';
$cmd{'FortiOS'}{'enab'} = 'enable';
$cmd{'FortiOS'}{'shcf'} = 'show full-configuration';
$cmd{'FortiOS'}{'strt'} = '.';
$cmd{'FortiOS'}{'page'} = 'disable clipaging???';
$cmd{'FortiOS'}{'cfst'} = '^config';
$cmd{'FortiOS'}{'more'} = '--More-- ';

This has let me run ./nedi.pl -v -B0 -SAFGgsjmvpadobewitu -a <host IP>
but now I'm getting this error when it's running through the CONF: lines
Code: [Select]
...
CONF:30230 lines read

Configbackup ------------------------------------------------------------------
DBD::mysql::st execute failed: MySQL server has gone away at ./inc/libdb.pm line 900.
DBD::mysql::st execute failed: MySQL server has gone away at ./inc/libdb.pm line 900.

Line 900 of libdb.pm: middle line:
Code: [Select]
$sth = $dbh->prepare("INSERT INTO configs(device,config,changes,time) VALUES ( ?,?,?,? )");
$sth->execute ($dv,$cfg,$chg,$main::now);
misc::WriteCfg($dv) if defined $main::opt{'B'};


Now I'm stuck again.
Does anyone have config backup working in 1.6 with fortigates?

Cheers
Mark.

Edit: removed double post.

5
Definition Files / def for WS-C3560CX-12PC-S - note Unable to test PoE
« on: December 07, 2015, 09:08:59 PM »
I couldn't find def file for WS-C3560CX-12PC-S so here it is.

Was unable to test PoE before it went into production with PoE disabled.
Please update this if changes are needed.
remove .txt

Mark.

6
Discovery / Last configuration change at ....
« on: December 07, 2015, 04:43:25 AM »
Hi forum people!
 I've found in a post in 2012 about adding the config diff to configuration view and emails, but is there a way to exclude specific config lines that contain text?
We log all commands and logins on devices, so every time some monitoring tool(Nedi) logs into them they count as a change and subsequent changes in nedi are noted with the lines below.
Code: [Select]
#--- Sat Mar 14 00:01:02 2015 ---#
 3- ! Last configuration change at 22:00:09 nzdt Thu Mar 12 2015 by username
 3+ ! Last configuration change at 22:00:34 nzdt Fri Mar 13 2015 by username
I'd really like to remove this one line from the device configuration page in Nedi.
Or anything containing the line "Last configuration change at".

Sorry for not putting in much time looking at this yet(work), kind of hoping for a quick fix if available.

Mark.

7
Attached defs for Cisco Nexus 9K:
N9K-C9336PQ
N9K-C9396PX
N9K-C93128TX

Defs are for switches in ACI mode.
Note: Defs will be quite different for non-ACI configured switches.

Mark.

8
I've updated the 6880-X def file with some generic settings and specific ones for VSS and Instant Access.
Other values have been left as they were.

Updated fields;
Typoid
Serial
Dispro
Bimage
Group
Mode
IFalia

Code: [Select]
# Definition for 1.3.6.1.4.1.9.1.1934 created by Defgen 2.0 on 12.Jun 2015 (admin)
 
# Main
SNMPv 2HC
Type C6880-X-LE
Typoid 1.3.6.1.2.1.47.1.1.1.1.13.1000
Sysdes
OS IOS
Icon c3bp
Size 5
Bridge VLX
ArpND oldphy
Dispro CDP|LLDP
Serial 1.3.6.1.2.1.47.1.1.1.1.11.1000
Bimage 1.3.6.1.4.1.9.2.1.73.0
CfgChg 1.3.6.1.4.1.9.9.43.1.1.1.0
CfgWrt 1.3.6.1.4.1.9.9.43.1.1.3.0
VLnams 1.3.6.1.4.1.9.9.46.1.3.1.1.4.1
VLnamx
Group 1.3.6.1.4.1.9.9.46.1.2.1.1.2.1
Mode 1.3.6.1.4.1.9.9.46.1.2.1.1.3.1
 
# Interfaces
StartX
EndX
IFname 1.3.6.1.2.1.31.1.1.1.1
IFaddr oldcie S
IFalia 1.3.6.1.4.1.9.2.2.1.1.28
IFalix
InBcast 1.3.6.1.2.1.31.1.1.1.3
InDisc 1.3.6.1.2.1.2.2.1.13
OutDisc 1.3.6.1.2.1.2.2.1.19
IFvlan 1.3.6.1.4.1.9.9.68.1.2.2.1.2
IFvlix
IFpowr
IFpwix
IFdupl 1.3.6.1.2.1.10.7.2.1.19
IFduix
Halfdp 2
Fulldp 3
 
# Modules
Modesc 1.3.6.1.2.1.47.1.1.1.1.2
Moclas 1.3.6.1.2.1.47.1.1.1.1.5
Movalu 3|6|7|9|10
Moslot 1.3.6.1.2.1.47.1.1.1.1.7
Modhw 1.3.6.1.2.1.47.1.1.1.1.8
Modsw 1.3.6.1.2.1.47.1.1.1.1.9
Modfw 1.3.6.1.2.1.47.1.1.1.1.10
Modser 1.3.6.1.2.1.47.1.1.1.1.11
Momodl 1.3.6.1.2.1.47.1.1.1.1.13
 
# RRD Graphing
CPUutl 1.3.6.1.4.1.9.9.109.1.1.1.1.8.1
Temp 1.3.6.1.4.1.9.9.13.1.3.1.3N
MemCPU 1.3.6.1.4.1.9.9.48.1.1.1.6.1
Custom MemIO;G;Bytes 1.3.6.1.4.1.9.9.48.1.1.1.6.2

9
GUI / Fortigate logo Devices-Status
« on: March 08, 2015, 11:26:45 PM »
Hi,
  Big thanks for the update to 1.4!!!

Now the issue.
I've noticed if you go into Devices Status, and show all, Under the Device-type column the Frotigates show up with HP logo.
Is it possible to have the Foritgate logo or corresponding Fortinet device logo instead of HP?

I've verified the Def files are using the FortiOS as OS type.

Thank you again.
Mark.

10
GUI / Container interfaces on Device Status
« on: August 29, 2014, 01:26:50 AM »
Hi Remo,

Bit of a request for an additional column in the already busy Device status page.

Is it possible to get container objects like SFP, X2, QSFPs etc added to the Device Status page as a selectable option (show or hide)?
I've found often I'm wanting to see what type of interface is installed or not installed in what port container and it would be nice to have the overview of them all in the Device Status page.
It's easier to use than trying to build a filter with only Port class in the Devices Modules page which also doesn't show empty port containers.

It would only need to include the Model of the Interface in the Device Status page alongside the interface container it's inserted into kind of like what you have on Devices Interfaces, but with the model not the IFtype.
Hope you understand what I mean.

Also is it possible to customize what columns are displayed on the Device Status page?
I'd like to remove a lot of those counters but have the option to turn them on when troubleshooting.

Thanks for the great software! :)
Mark.

11
Definition Files / def for: Fortigate800C, Cisco ASR1001
« on: July 22, 2014, 04:11:53 AM »
Definition files for Fortigate 800C and a Cisco ASR1001 created in nedi 1.0.8


Mark.

12
Definition Files / Assortment of Fortigate defs
« on: December 12, 2012, 01:35:15 AM »
Attached file includes def files for Fortigate firewalls and a Fortianalyzer

FGT800
FGT1240B
FGT500A
FGT50B
FGT200A

FAZ800

note:
1.3.6.1.4.1.12356 = fortigate,
.101.1. = fortigate version 4+
.102.1. = fortianalyzer version 4+
without the 101 or 102, they are version 3 OS's.

Feel free to update and repost here.
Mark.

NB: file was created as a .tgz extension if you have issues opening it, try renaming.

13
GUI / Device-list column reset button
« on: December 11, 2012, 02:22:47 AM »
Is it possible to get a reset button on the Device-List page that resets the columns to the default?
I ocasionally forget to hold the [ctrl] button when selecting and have to reload page via F5 or reload button on browser.
Would be nice to have a quick easy button on the page.
Such a small thing, but would make me extremely happy :)

14
Definition Files / cisco WS-C4948E
« on: October 30, 2012, 10:08:01 PM »
Not sure if anyone has posted this one yet but here it is.

Code: [Select]
# Definition for 1.3.6.1.4.1.9.1.1178 created by Defgen 1.8 on 31.Oct 2012 ()

# General
SNMPv 2HC
Type WS-C4948E
Typoid 1.3.6.1.2.1.47.1.1.1.1.13.1000
Sysdes 1.3.6.1.2.1.1.1.0
OS IOS
Icon w2bd
Bridge VLX
Dispro CDP
Serial 1.3.6.1.2.1.47.1.1.1.1.11.1
Bimage 1.3.6.1.2.1.16.19.6.0

# Vlan Specific
VLnams 1.3.6.1.4.1.9.9.46.1.3.1.1.4.1
VLnamx
VTPdom 1.3.6.1.4.1.9.9.46.1.2.1.1.2.1
VTPmod 1.3.6.1.4.1.9.9.46.1.2.1.1.3.1

# Interfaces
IFname 1.3.6.1.2.1.31.1.1.1.1
IFalia 1.3.6.1.2.1.31.1.1.1.18
IFalix 1.3.6.1.2.1.2.2.1.1
InBcast 1.3.6.1.2.1.31.1.1.1.3
InDisc 1.3.6.1.2.1.2.2.1.13
OutDisc 1.3.6.1.2.1.2.2.1.19
IFvlan 1.3.6.1.4.1.9.9.68.1.2.2.1.2
IFvlix
IFpowr
IFpwix
IFdupl 1.3.6.1.2.1.10.7.2.1.19
IFduix
Halfdp 2
Fulldp 3

# Modules
Modesc 1.3.6.1.2.1.47.1.1.1.1.2
Moclas 1.3.6.1.2.1.47.1.1.1.1.5
Movalu 1|3|6|7|9|10
Moslot 1.3.6.1.2.1.47.1.1.1.1.7
Modhw 1.3.6.1.2.1.47.1.1.1.1.8
Modsw 1.3.6.1.2.1.47.1.1.1.1.9
Modfw 1.3.6.1.2.1.47.1.1.1.1.10
Modser 1.3.6.1.2.1.47.1.1.1.1.11
Momodl 1.3.6.1.2.1.47.1.1.1.1.13

# RRD Graphing
CPUutl 1.3.6.1.4.1.9.9.109.1.1.1.1.5.1
Temp 1.3.6.1.4.1.9.9.13.1.3.1.3.1
MemCPU 1.3.6.1.4.1.9.9.48.1.1.1.6.1
Custom MemIO 1.3.6.1.4.1.9.9.48.1.1.1.6.2

15
Discovery / Cron and discovery.
« on: February 13, 2012, 09:18:57 PM »
We have been using 1o6 with an hourly cron job with options -p -o
Since the upgrade to 1o7 I've noticed that this process is now taking 61 mintues where it used to be ~20mins.

Is there a faster/better way for me to do this as it was nice having it run every hour.

I'm not that keen to split it up into separate jobs as most of the gear is located in one site with similar names.

The amount of time it takes to run for each switch/router seems to increase each time a switch/router is completed.

Any ideas?
Cheers
Code: [Select]
10.16.2.1    PETRO6CORE1  v16St i72  Jv p3/0 b3    Fp1002Fx1002Fp1Fp1004Fx1004Fp1005Fx1005Fp95Fp1003Fx1003Fp980Fx980Fp224Fx224f78  105/4-9s
10.90.6.10   DNSW1        v7IxIx i29 Jv p0/0 b1    Fp1002Fx1002Fp1Fp1005Fx1005Fp1004Fx1004Fp1003Fx1003Fp980Fx980f6  104/5-3s
10.21.1.10   HMSW1        v8IxIx i29  p0/0 b1   Fp1002Fx1002Fp1Fp1005Fx1005Fp1004Fx1004Fp1003Fx1003Fp980Fx980f12  103/6-1s
10.16.7.10   PGSW1        v9 i13      p1/0    Fp1002Fx1002Fp1005Fx1005Fp1003Fx1003Fp1Fx1Fp1004Fx1004Fp980Fx980f20  103/7-2s
10.18.1.10  AKDXTS1   v12 i52     p2/1   Fp1002Fx1002Fp1005Fx1005Fp999Fp1003Fx1003Fp1Fx1Fp1004Fx1004Fp980Fx980f36  104/8-4s
...
...
10.19.1.19   AV1COGL1   v12 i12     p0/1    Fp1002Fx1002Fp1005Fx1005Fp1003Fx1003Fp208Fx208Fp1Fx1Fp1004Fx1004Fp980Fx980f28   22/163-3s
10.59.1.38   AV1POST2     v8St i55   Jv p0/2    Fp1002Fx1002Fp1Fp1005Fx1005Fp1004Fx1004Fp1003Fx1003Fp980Fx980f33   21/164-2s
10.19.1.46   AV1RBS1      v8St i55   Jv p0/2    Fp1002Fx1002Fp1005Fx1005Fp1003Fx1003Fp1Fp1004Fx1004Fp980Fx980f24   20/165-2s
10.26.8.5    AV1ASYNC1    SuIb i3 Jv p0/1       19/166-4s
10.19.1.49   AV1ARC5      v9IxIx i29 Jv p0/2    Fp1002Fx1002Fp1005Fx1005Fp1003Fx1003Fp1Fp1004Fx1004Fp980Fx980f45   18/167-2s
10.59.1.43   AV1CINE2     v8St i55   Jv p0/2    Fp1002Fx1002Fp1Fp1005Fx1005Fp1004Fx1004Fp1003Fx1003Fp980Fx980f31   17/168-2s
10.19.1.34   AV1PABX2     v9St i55   Jv p0/2    Fp1002Fx1002Fp1005Fx1005Fp1003Fx1003Fp1Fp1004Fx1004Fp980Fx980f18   16/169-2s

Pages: [1] 2