Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - MPell

Pages: [1]
1
Discovery / Re: Parameter for SNMPv3 with SHA256 and AES
« on: March 23, 2023, 11:00:03 pm »
Hi Remo,

you made out the point. Using the patched USM.pm works like a charme. Thanks a lot for the hint!

Best regards, Markus

2
Installation / Re: Radius Login not working 2.2.22
« on: March 17, 2023, 10:10:53 pm »
Hi,

no solution but maybe an explanation: in PHP8 (and possibly also in 7.4) the radius module is missing. I have the same problem after upgrading the NeDi installation from ubuntu server LTS 18.04 to LTS 22.04. I came across that this module obviously is no longer available in the higher PHP versions.

Under PHP 7.2 there were ini-Files with regard to the extension radius.so in the etc/php/7.2/fpm/conf.d directory and in the mods-available path of the PHP version. The ini-files are now missing in these directories.

I did no further investigation on that since.

Unfortunately, at the moment I just don't know if and how the module could be loaded and installed afterwards.

Best regards, Markus

3
Discovery / Parameter for SNMPv3 with SHA256 and AES
« on: March 17, 2023, 06:41:06 pm »
Dear Nedi community,

after a system update, a network device only supports SNMPv3 with SHA256 or SHA512 for authentication and DES, AES or AES256 as privacy protocol. (Before I used MD5 and AES). So I have to change the Authentication Protocol. The test-query via snmpget on the Linux console works (in my examlpe for SHA256 and AES). How can I use the tightened security parameters in NeDi? I tried "sha256" for aprot:
Code: [Select]
comm snmpv3user sha256 authpass aes privpass
The error message on discovery is:
Code: [Select]
MSG=SNMP failed with The authProtocol "sha256" is unknown
Does anyone know the right hint?

I use ubuntu LTS22.04 Server and NeDi 2.2C

Thanks Markus

4
Database / Re: Missing nedi.vendorinfo table following 2.1 upgrade
« on: February 20, 2022, 01:43:35 pm »
Hi,
I can report, that it works as expected (MySQL DB).  ;)

5
Database / Re: Missing nedi.vendorinfo table following 2.1 upgrade
« on: February 20, 2022, 01:09:39 pm »
Hi,
I got the same error. Also on my previous installation (v2.0C updated from 1.8C respectively 1.9C the table vendorinfo doesn't exist. But after DB-Updating trough the Upgrade Process it says (see last line):

Quote
Initialize NeDi DB:'nedi'
------------------------------------------------------------------------

Fetching DB version. If system table doesn't exist, it's probably updated already!

Update from 2.0.120:
Replacing eventmax in monitoring with optstat
0 eventmax entries cleared
0 endwarranty entries cleared
Create polstatus
DB update complete
(You can import vendorinfo now)

I found information on that on nedi-Homepage under "Services" - "Customer Area". There you can download two files, that will generate the vendorinfo table for either MySQL or Postgree DB. That should do the trick (haven't tried yet, but I'm confident by now, that it will work.)

Best regards
MPell

6
GUI / Re: Voice VLAN Column not showing up
« on: May 16, 2021, 12:26:03 pm »
Ok, probably my fault - sorry. The Defed tutorial is of NeDi 2.1. Maybe this is the reason!?

7
GUI / Voice VLAN Column not showing up
« on: May 15, 2021, 02:26:52 pm »
Hello,

I just updated to NeDi 2.0C. The update to NeDi 2.0C ran without any obvious errors. The same goes for the update of the database. In the new "Defed" tutorial on Youtube I noticed that a voice column was visible in the device view for the interfaces. (... | PVID | Voice | Speed | ...) (I assume for showing up a configured voice Vlan on a switchport).

Unfortunately, this column with the voice VLAN information does not appear in the device view, although the voice VLAN is configured on the switchports. The SQL table "interfaces" does not seem to contain this information either.  In the verbose discovery of a switch, I couldn't find any reference to the voice VLAN. Is there a setting I overlooked that is used to collect and display the information?

I tried with Cisco Catalyst 2960S-Series, Catalyst 3560CX-Series and Catalyst 9300-Series.

Thanx in advance

8
Discovery / Re: Config Backup - "show run" error on IOS-XR Devices?!
« on: July 30, 2018, 08:54:34 am »
It works! Thanks a lot!


9
Discovery / Config Backup - "show run" error on IOS-XR Devices?!
« on: July 24, 2018, 01:04:45 pm »
Dear NeDi Community,

I've got a problem on backing the config of some devices (maybe IOS-XR devices only). SSH-Account is working correct. But one device throws an "EVNT:" and in the verbose output I can see, that the "show run" output stays in "WAIT:" Mode, while on the working device the output shows the prefix "CONF:" beginning with the line with "version xx.x" in it.

Both Backups were done over the WebGui and executed the following command:

Code: [Select]
/var/nedi/nedi.pl -v -B0 -SAFGgsjmvpadobewitu -a <Device-IP>
Here the excerpt of the "Not working IOS-XR device" output

Code: [Select]
Config (CLI)   ----------------------------------------------------------------
SSH :NeDi-System@<My-Device-IP-1>:22 Tout:2s OS:IOS-xr EN:[\w+().-]+#\s?$
PTY :Forking ssh -o 'StrictHostKeyChecking no' -l NeDi-System <My-Device-IP-1>
CLI2:Matched 'password: ' sending password
CLI3:Password sent
CLI8:Matched enable prompt, OK
CMDR:terminal length 0 result is OK
EVNT:MOD=C/1 L=150 CL=nede TGT=<My-Device-Name-1> MSG=Command "show run" returned snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
WAIT:show run
WAIT:Building configuration...
WAIT:
WAIT:Current configuration : 11108 bytes
WAIT:!
WAIT:! Last configuration change at 09:55:39 CET Thu Nov 30 2017 by NetAdmin
WAIT:! NVRAM config last updated at 09:55:41 CET Thu Nov 30 2017 by NetAdmin
WAIT:!
WAIT:version 15.5
WAIT:service timestamps debug datetime msec localtime show-timezone
WAIT:service timestamps log datetime msec localtime show-timezone
WAIT:service password-encryption
[...]
WAIT:end
ERR :No config ()

And here the excerpt of the Output from the working IOS device:

Code: [Select]
Config (CLI)   ----------------------------------------------------------------
SSH :NeDi-System@<My-Device-IP-2>:22 Tout:2s OS:IOS EN:[\w+().-]+#\s?$
PTY :Forking ssh -o 'StrictHostKeyChecking no' -l NeDi-System <My-Device-IP-2>
CLI2:Matched 'password: ' sending password
CLI3:Password sent
CLI8:Matched enable prompt, OK
CMDR:terminal length 0 result is OK
CMDR:show run result is OK
WAIT:show run
WAIT:Building configuration...
WAIT:
WAIT:Current configuration : 14177 bytes
WAIT:!
WAIT:! Last configuration change at 17:00:38 CEST Tue Jul 17 2018 by NetAdmin
WAIT:! NVRAM config last updated at 17:41:17 CEST Tue Jul 17 2018 by NetAdmin
WAIT:!
CONF:version 12.2
CONF:no service pad
CONF:service timestamps debug datetime msec localtime show-timezone
CONF:service timestamps log datetime msec localtime show-timezone
CONF:service password-encryption
CONF:service sequence-numbers


Do you have some hints what to do or where to look to get it working?!

Thanks

M. Pell

10
Discovery / Re: Problem getting correct PoE Infos of Cisco Switches
« on: April 24, 2018, 03:46:10 pm »
That would be the OID that shows the value from commandline "show power inline", that's right.

But OID .7 gives only the allocated amount of power of the PD-Device.
With OID .9 you get the actual Power consumption.

You can have a look at CISCO-POWER-ETHERNET-EXT -MIB for further infos.

I think you can use the CLI "show power inline <interface> detail" for that. Here's an example output:

Code: [Select]
SWITCH#show power inline gi0/1 detail
 Interface: Gi0/1
 Inline Power Mode: auto
 Operational status: on
 Device Detected: yes
 Device Type: Ieee PD
 IEEE Class: 2
 Discovery mechanism used/configured: Unknown
 Police: off

 Power Allocated
 Admin Value: 30.0
 Power drawn from the source: 7.0
 Power available to the device: 7.0

 Actual consumption
 Measured at the port: 4.5
 Maximum Power drawn by the device since powered on: 4.7

 Absent Counter: 0
 Over Current Counter: 0
 Short Current Counter: 0
 Invalid Signature Counter: 0
 Power Denied Counter: 0

 Power Negotiation Used: None
 LLDP Power Negotiation --Sent to PD--      --Rcvd from PD--
   Power Type:          -                    -
   Power Source:        -                    -
   Power Priority:      -                    -
   Requested Power(W):  -                    -
   Allocated Power(W):  -                    -

Four-Pair PoE Supported: No
Spare Pair Power Enabled: No
Four-Pair PD Architecture: N/A

So it depends on what value you like to get.

Greets

11
Discovery / Re: Problem getting correct PoE Infos of Cisco Switches
« on: April 23, 2018, 01:00:34 pm »
Hi swepart,

I use the folowing settings in nedi.conf

Code: [Select]
# Set policy how poe delivery should be tracked per device type,
# or default for all (comment to ignore PoE completely):
# disprot use the discovery protocol
# ifmib get real value from the interfaces
usepoe default ifmib

I think after the "usepoe" you have to define what method NeDi should use for gathering PoE Infos. Here you can say: as "default" use "ifmib" (or "disprot").
I defined it as default, because I had the problem with all of my Cisco-PoE capabel Switches. To define the ifmib-method only for several Switchdevices (by Type), it may work for you, if you define a special Line for your Cisco-Switchtype (as I understand for now):

Code: [Select]
usepoe default disprot
usepoe WS-C3560CX-12PC-S ifmib

Good luck.


PS: My switch is on IOS c3560cx-universalk9-mz.152-4.E2.bin as yours

12
Discovery / Re: Problem getting correct PoE Infos of Cisco Switches
« on: April 20, 2018, 09:38:26 am »
Thank you for your response. I thougt i've tried already with ifmib and disprot option... but it must have been a Newbie-mistake. Tried again and now it works wiht the ifmib option (must have done something wrong I can't reproduce). Also to show up the PoE-Values of the Cisco WS-C3560CX-12PC-S Switches I finally changed the POWER-ETHERNET-MIB Option in the def file to "IF-Name2Index" and the column and the PoE values show up now.

Thx

My DEF-File for Cisco Switchtype WS-C3560CX-12PC-S now looks like:

Code: [Select]
# Definition for 1.3.6.1.4.1.9.1.2134 created by Defgen 2.0 on 20.Apr 2018 (admin)
 
# Main
SNMPv 2HC
Type WS-C3560CX-12PC-S
Typoid
Sysdes
OS IOS
Icon w3bp
Size 1
TempAlert
Bridge VLX
ArpND phy
Dispro CDP|LLDP
Serial 1.3.6.1.4.1.9.5.1.2.19.0
Bimage 1.3.6.1.4.1.9.2.1.73.0
CfgChg 1.3.6.1.4.1.9.9.43.1.1.1.0
CfgWrt 1.3.6.1.4.1.9.9.43.1.1.3.0
FTPConf
VLnams 1.3.6.1.4.1.9.9.46.1.3.1.1.4.1
VLnamx
Group 1.3.6.1.4.1.9.9.46.1.2.1.1.2.1
Mode 1.3.6.1.4.1.9.9.46.1.2.1.1.3.1
 
# Interfaces
StartX
EndX
IFname 1.3.6.1.2.1.31.1.1.1.1
IFaddr old
IFalia 1.3.6.1.2.1.31.1.1.1.18
IFalix
InBcast 1.3.6.1.2.1.31.1.1.1.3
InDisc 1.3.6.1.2.1.2.2.1.13
OutDisc 1.3.6.1.2.1.2.2.1.19
IFvlan 1.3.6.1.4.1.9.9.68.1.2.2.1.2
IFvlix
IFpowr 1.3.6.1.4.1.9.9.402.1.2.1.9 N
IFpwix 1.3.6.1.4.1.9.5.1.4.1.1.11
IFdupl 1.3.6.1.2.1.10.7.2.1.19
IFduix
Halfdp 2
Fulldp 3
 
# Modules
Modesc 1.3.6.1.2.1.47.1.1.1.1.2
Moclas 1.3.6.1.2.1.47.1.1.1.1.5
Movalu 3|10
Moslot 1.3.6.1.2.1.47.1.1.1.1.7
Modhw 1.3.6.1.2.1.47.1.1.1.1.8
Modsw 1.3.6.1.2.1.47.1.1.1.1.10
Modfw 1.3.6.1.2.1.47.1.1.1.1.9
Modser 1.3.6.1.2.1.47.1.1.1.1.11
Momodl 1.3.6.1.2.1.47.1.1.1.1.13
Modloc 1.3.6.1.4.1.9.9.402.1.2.1.9
Mostat
Mostok
 
# RRD Graphing
CPUutl 1.3.6.1.4.1.9.9.109.1.1.1.1.8.1
Temp 1.3.6.1.4.1.9.9.13.1.3.1.3.1004
MemCPU 1.3.6.1.4.1.9.9.48.1.1.1.6.1
Custom Mem IO;G;Bytes free 1.3.6.1.4.1.9.9.48.1.1.1.6.2

13
Installation / Use location string in seedlist as a Prefix?
« on: April 17, 2018, 03:59:07 pm »
Hi,

I'm playing around with NeDi an the possiblity to use the snmp location string to create maps and rack views. I assume that the location string in seedlist overrides the snmp location string of the switch. Now Im wondering if I could use the location string in the seedlist as a "prefix location" entry for the IP-Ranges. So for example the seedlist looks like

# DNS/IP      cmty   name   location      contact
;192.168.1.2      peblic   -   Switzerland;Zurich;Home Office;   lanadmin


Now the idea is, that on discovery NeDi would merge that location Prefix from seedlist with the configured SNMP-String of a switch, e.g. "floor 5;DC;Rack 17;7", so that the resulting location string for the switch would be

Switzerland;Zurich;Home Office;floor 5;DC;Rack 17;7

This would be an advantage, where the snmp-location strings on the switch are kept simple (e.g. only for location infos in one building). Also for discovery with seedlists, one could use different "location prefix strings" for different areas:

# DNS/IP      cmty   name   location      contact
;192.168.1.1-254      peblic   -   Switzerland;Zurich;Home Office;   lanadmin
;172.16.15.1-254      poblic   -   Germany;Cologne;Mobile Office;   lanadmin


Or is it already possible and I didn't found the right topic in the forum?!

Thx MPell

14
Discovery / Problem getting correct PoE Infos of Cisco Switches
« on: April 13, 2018, 09:31:36 am »
Dear NeDi-Community,

first of all "thank you" for this awesome Monitoring Tool. It fits the raltion between nedds, complexity and speed in a impressive way.

I've scanned some Cisco-Switches and most of it looks fine, except the PoE Infos. Although I can see PoE Consumption Values through the Test in the def-files they are not collected while scanning with nedi.pl. I've looked trough the Forum but can't get the right hint, so I hope you can help me though.

I have for example a Cisco Switch Type WS-C2960S-24PS-L and WS-C3560CX-12PC-S. The corresponding interface part in the def-file is the same. Only the POWER-ETHERNET-MIB Option is "PEM->" for the C3560 and "Cisco Stack-MIB" for the S2960S.

# Interfaces
StartX   
EndX   
IFname   1.3.6.1.2.1.31.1.1.1.1
IFaddr   old   
IFalia     1.3.6.1.2.1.31.1.1.1.18
IFalix   
InBcast   1.3.6.1.2.1.31.1.1.1.3
InDisc   1.3.6.1.2.1.2.2.1.13
OutDisc   1.3.6.1.2.1.2.2.1.19
IFvlan   1.3.6.1.4.1.9.9.68.1.2.2.1.2
IFvlix   
IFpowr   1.3.6.1.4.1.9.9.402.1.2.1.9   
IFpwix   1.3.6.1.4.1.9.5.1.4.1.1.11
IFdupl   1.3.6.1.2.1.10.7.2.1.19
IFduix   
Halfdp   2
Fulldp   3



If I tested the OID through the defgen Page and it looks fine; I can see PoE Consumption Values (chekced through ssh-session on the switch). But a scan with nedi.pl -v -a <IP-Address> shows in the interface section no PoE Values. So there are no PoE Values to show up in the interface column of the device-status page of the C2960S-Switch. The C3560CX Switch doesn't even have a PoE Column for the interfaces in device status page.

I've lso tried both mentioned options (disprot and ifmib) in nedi.conf for tracking of PoE Infos. Now I have nomore idea where too look after. Can you help me in this matter?

thanks in advance

Pages: [1]