
Messages - ruehlb

1
Discovery / Re: No ARP table data collected from PaloAlto firewalls
« on: June 03, 2024, 06:38:27 pm »
My alternatives for finding a solution for this were not working out so I circled back to see if I could find a resolution on my own. I think I have figured out part of the problem, not sure if it is the fix for everything yet. In the file /var/nedi/inc/libcli.pm, starting at line 1285, it appears the columns are off by 1. This is what the file has:

Code:
}elsif( $main::dev{$na}{os} eq 'PANOS' ){                                       # Palo Alto FW
    $ix = 0;
    $mx = 1;
    $px = 2;
}

Looking at the output of the CLI on a Palo Alto, these identifiers are incorrect. They are 1 column off. The correct code should be:

Code:
}elsif( $main::dev{$na}{os} eq 'PANOS' ){                                       # Palo Alto FW
    $ix = 1;
    $mx = 2;
    $px = 3;
}

Once I changed these variables, when I run the "Discover Now", there is a full arp table discovered on the device. Being this is in a lab environment, I don't have further equipment discovered to see if this fixes everything. I am going to test with a couple more devices and see if this is the full fix.
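
The effect of the index shift described in the post above, as an added example that is not part of the original post and not NeDi code. It assumes ARP rows of the form interface, IP address, MAC address, port, status, ttl (the thread shows only the summary header); the sample rows are constructed and `count_arp` is a hypothetical helper that accepts a row only when the selected columns actually hold an IP and a MAC.

```perl
#!/usr/bin/perl
# Added example, not NeDi code. Sample rows are constructed; the column
# layout (interface, IP, MAC, port, status, ttl) is an assumption.
use strict;
use warnings;

my @output = (
    'maximum of entries supported :      5000',
    'default timeout:                    1800 seconds',
    'total ARP entries in table :        2',
    'total ARP entries shown :           2',
    '',
    'interface         ip address      hw address        port              status   ttl',
    '--------------------------------------------------------------------------------',
    'ethernet1/1       192.0.2.10      00:00:5e:00:53:01 ethernet1/1         c      1791',
    'ethernet1/2       192.0.2.20      00:00:5e:00:53:02 ethernet1/2         c      1650',
);

my $ip_re  = qr/^(?:\d{1,3}\.){3}\d{1,3}$/;
my $mac_re = qr/^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$/i;

# Count rows whose selected columns really hold an IP and a MAC.
# $ix, $mx, $px mirror the index variables quoted from libcli.pm.
sub count_arp {
    my ($ix, $mx, $px, @lines) = @_;
    my $found = 0;
    for my $l (@lines) {
        my @col = split ' ', $l;          # split on runs of whitespace
        next if @col <= $px;              # too short to be an ARP row
        next unless $col[$ix] =~ $ip_re and $col[$mx] =~ $mac_re;
        $found++;
    }
    return $found;
}

# Original indices read the interface name as the IP, so nothing matches.
printf "ix=0 mx=1 px=2: %d ARP entries found\n", count_arp(0, 1, 2, @output);
# Shifted indices line up with the IP and MAC columns.
printf "ix=1 mx=2 px=3: %d ARP entries found\n", count_arp(1, 2, 3, @output);
```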

2
Discovery / Re: No ARP table data collected from PaloAlto firewalls
« on: May 22, 2024, 02:30:52 pm »
I agree. I have seen these pauses as well, primarily with config collection. One change I have made to accommodate for that is up the SNMP timeout to 10 seconds which allows for the collection of data. This appears to be different. When using the "Discover Now" button on the device, there is a couple second pause only at the login section. The CLI commands flow by with no hesitation. It is almost like the output is not matching what is expected, therefore resulting in a 0 count table. I have tried to decipher the language in inc/libcli.pm but since coding is not my strong point, I can't for sure determine if that is the issue. My thought was if the CLI output changed at some point and the table is displayed differently than what is expected.

3
Discovery / No ARP table data collected from PaloAlto firewalls
« on: May 20, 2024, 06:26:04 pm »
We have several PaloAlto firewalls that function as the default gateway for protected subnets. When setting up the .def file, I have selected PANOS for the Operating System and CLI for the ARP collection. It appears that it runs without any problem as I am getting this in the output:

Code:
CMDR:show arp all dns no result is OK
ARPC:0 ARP entries found

I have verified that I can run 'show arp all dns no' on the firewalls with the same account that Nedi is using. When running manually, I get a CLI output like this followed by all the entries:

Code:
user@pa-firewall> show arp all dns no

maximum of entries supported :      5000
default timeout:                    1800 seconds
total ARP entries in table :        178
total ARP entries shown :           178

I am failing to figure out why the table is not being collected. This is starting to become more critical as this prevents the "Nodes" section of Nedi from identifying where the device is connected. Any help with identifying an issue is appreciated.

4
GUI / Full DNS name in Nodes-List
« on: April 23, 2019, 02:14:45 pm »
I am currently running Nedi 1.7 and am looking for a way to enable the FQDN for hosts on the Nodes-List page? I am wanting it to display something like 'hostname.domain.com' rather than just 'hostname'. I thought there was a way to toggle this on and off but I can't find it anywhere.

The DNS table in the database has the FQDN so I know it is collecting it correctly. If you hover over the hostname on the Nodes-List page, the link will contain the FQDN but I would rather have it displayed in the table as well as allowing it to be exported.

Thanks.

5
GUI / Assets Management CSV Import format
« on: January 28, 2019, 03:22:12 pm »
We are wanting to set the asset management part of Nedi but due to the quantity, we want to import a list. With the docs that I found online (https://nedi.manage.uc.edu/languages/english/Assets-Management.html) the format that was listed did not work. There is also not a field in that format for the asset or inventory number. Does anyone know what the format and required fields are for a CSV import?

6
Discovery / Multiple CDP neighbors on a single port
« on: December 11, 2017, 04:21:20 pm »
We have a single switch port that goes into a 3rd party MPLS cloud that then has several remote switches connected to it. Due to this, it will show multiple CDP neighbor devices on that one port since we don't manage the equipment in the middle. What I have noticed is that Nedi will discover one of the devices but then ignore the rest. This is what shows up in the debug:

DIPR:440406016.9371653 on Et9/2
CDP :Switch1,Fa0/0/0 10.10.10.1 on Et9/2
DIPR:440406016.7077895 on Et9/2
CDP :Ignoring duplicate neighbor Switch2 (set MACflood threshold to allow)
DIPR:440406016.6291462 on Et9/2
CDP :Ignoring duplicate neighbor Switch3 (set MACflood threshold to allow)
DIPR:440406016.12320770 on Et9/2
CDP :Ignoring duplicate neighbor Switch4 (set MACflood threshold to allow)
DIPR:440406016.5767172 on Et9/2
CDP :Ignoring duplicate neighbor Switch5 (set MACflood threshold to allow)
DIPR:440406016.720897 on Et9/2
CDP :Ignoring duplicate neighbor Switch6 (set MACflood threshold to allow)
DIPR:440406016.13828099 on Et9/2
CDP :Ignoring duplicate neighbor Switch7 (set MACflood threshold to allow)

I have a MAC flood threshold set but is there something specific that it needs to be set to in order for this to be allowed?

Thanks
