Installing and Migrating to CiscoWorks LAN Management Solution 4.0
Chapter 2: Prerequisites
Downloads: This chapterpdf (PDF - 270.0KB) The complete bookPDF (PDF - 2.63MB) | Feedback

Prerequisites

Table Of Contents

Prerequisites

System and Browser Requirements for Server and Client

Disk Space requirements

Operating System Requirements

Storage Area Network Support

Link Aggregation Support in Solaris 10

Server Requirements on Solaris Systems

Server Requirements on Windows Systems

Unified Computing System (UCS) Support

Server Requirements on Virtualization Systems

System Requirements on Client Systems

Terminal Server Support for Windows Server

Solaris Patches

Required and Recommended Solaris Patches

Cluster Patches

LMS 4.0 Port Usage

Important URLs

Required Device Credentials for LMS Functionalities


Prerequisites


This chapter describes the factors that you must consider before installing LMS 4.0 on both Windows and Solaris systems.

LMS 4.0 software can be installed independently and does not depend on the earlier versions of LMS for installation.

Before you install LMS 4.0, ensure that:

The server and client systems have the recommended hardware and software requirements.

You have disabled Terminal Services on the Windows operating system in the Application mode.

If you have enabled Terminal Server in Application mode, disable the Terminal Server, reboot the system, and start the installation again.

However, you can enable Terminal Services in remote Administration mode.

If you have configured Remote Syslog Collector (RSC) on a different server, you must upgrade RSC to RSC 5.0. See Installing the Remote Syslog Collector for further information.

You have disabled the virus scanner on your system during the installation.

You have configured the recommended swap space.


Caution If you want to upgrade the operating system from Windows 2003 or Windows 2008 to Windows 2008 R2, you must first complete upgrading the operating system, and then install the LMS 4.0.x Windows 2008 R2 patch.


NoteYou can install the LMS 4.0.x Windows 2008 R2 patch only on LMS 4.0.x and not on the lower version of LMS.

You cannot install Integration Utility and HP Open View 7.x or 8.x on Windows 2008 or Windows 2008 R2 servers.


This chapter contains:

System and Browser Requirements for Server and Client

Terminal Server Support for Windows Server

Solaris Patches

LMS 4.0 Port Usage

Important URLs

Required Device Credentials for LMS Functionalities

System and Browser Requirements for Server and Client

Before you begin to install LMS software, you must check if your system meets the recommended prerequisites.

The recommended LMS 4.0 server and client requirements on both the Operating Systems are based on the license that you use on a single server or multi-server setup.

This section contains the following:

Disk Space requirements

Operating System Requirements

Server Requirements on Solaris Systems

Server Requirements on Windows Systems

Server Requirements on Virtualization Systems

System Requirements on Client Systems

Disk Space requirements

The disk space required to install LMS 4.0 on both Solaris and Windows is:

60 GB free disk space for LMS 4.0 application and data, in the CiscoWorks installation directory—For LMS 50 (Windows only), LMS 100 (Windows only), LMS 300, LMS 750, LMS 1,500 and LMS 2,500 device license types

120 GB free disk space for LMS 4.0 application and data, in the CiscoWorks installation directory—For LMS 5,000 and LMS 10,000 device license types

The hardware requirements vary based on the type of device restricted license you use.

Table 2-2 lists the server hardware requirements for installing the LMS 4,0 on Solaris systems.

Table 2-3 lists the server hardware requirements for installing the LMS 4.0 on Windows systems.

Table 2-5 lists the client system requirements for all platforms.

If you are running additional Cisco or third-party applications on the servers, the requirements might be higher.


Note LMS 4.0 is not supported on Windows 2000, Solaris 8 and Solaris 9 servers.


Operating System Requirements

The operating system requirements are listed in Table 2-1.

This section contains:

Storage Area Network Support

Link Aggregation Support in Solaris 10

Table 2-1 Operating System Requirements

Operating System
Requirements

Solaris

LMS 4.0 supports the following Solaris 10 releases:

Solaris 10, 10/09 release

Solaris 10, 05/09 release

Solaris 10, 10/08 release

Solaris 10, 05/08 release

Solaris 10, 08/07 release

Solaris 10, 11/06 release

Solaris Zones (Supported from Solaris 10) is a virtualization technology from ORACLE (www.oracle.com). It allows you to create isolated and secure environments called zones for running applications.

LMS 4.0 is installed on global zone of Solaris 10 Operating System by default.

LMS 4.0 also supports installing LMS in whole-root non-global zone.

Sparse root zone is not supported.

There is no specific hardware or software requirement for zone support. LMS works in the same way in non-global zones, as it works on global zone.

LMS 4.0 also supports Logical domains (LDoms) and ZFS file system.

See Solaris Patches for more information on Solaris patches to be installed on these Operating Systems.

Windows

LMS 4.0 supports the following Windows systems:

Windows 2003 Standard Edition (SP2)

Windows 2003 Enterprise Edition (SP2)

Windows 2003 Standard Edition R2 (SP2)

Windows 2003 Enterprise Edition R2 (SP2)

Windows 2008 Server Standard Edition Release 1 with SP1 and SP2

Windows 2008 Enterprise Edition Release 1 with SP1 and SP2

Note Both 32-bit and 64-bit Operating Systems are supported on the above versions.

Windows Server 2008 R2 Standard Edition

Windows Server 2008 R2 Enterprise Edition

Note Only 64-bit Operating Systems are supported on the above versions.

Note For installing LMS 4.0.x on Windows Server 2008 R2, you have to download and install the Windows 2008 R2 patch also. See Downloading and Installing CiscoWorks LMS 4.0.x Using Windows 2008 R2 Patch for more information.


LMS 4.0 supports the following Virtualization Systems:

VMware ESX server 3.0.x

VMware ESX Server 3.5.x

VMWare ESX Server 4.0.x

VMWare ESX Server 4.1

VMWare ESXi Server 4.0

VMware ESXi Server 4.1

Hyper V Virtualization


Note VMWare and Hyper V virtualization systems are not supported in LMS 5000, and LMS 10000 Devices license in Windows.


Storage Area Network Support

LMS runs on Storage Area Network (SAN) which is connected to the Host server through a Fiber Channel. The server requirements on SAN environment remains the same as the server requirements on Windows and Solaris systems. See Server Requirements on Solaris Systems and Server Requirements on Windows Systems for the recommended server hardware requirements.

Link Aggregation Support in Solaris 10

A link aggregation consists of several interfaces on a system that are configured together as a single, logical unit. Link aggregation is defined in the IEEE 802.3ad Link Aggregation Standard.

Link Aggregation Standard (IEEE 802.3ad) provides a method to combine the capacity of multiple full-duplex Ethernet links into a single logical link. This link aggregation group is then treated as a single link. The server requirements on a link aggregated environment remains the same as the server requirements on Solaris systems. See Server Requirements on Solaris Systems for the recommended server hardware requirements.

This section contains:

Configuring Link Aggregation in a Solaris Environment

Verifying the Link Aggregation

Configuring Link Aggregation in a Solaris Environment

This section explains how to configure link aggregation in a Solaris environment. The example in this procedure aggregates sample interfaces bge0 and bge1.


Step 1 Configure the links (in this example, bge0 and bge1) with two different IP addresses in the same network.

Step 2 Check if both the IP addresses are reachable and you are able to telnet to the IPs. Get one public IP address in the same subnet.

Step 3 Unplumb both the NICs using the command:

Ifconfig bge0 unplumb

Ifconfig bge1 unplumb

Step 4 Create the link aggregation group using the command:

dladm create-aggr -d bge0 -d bge1 2 key

Key is the number that identifies the aggregation. The lowest key number is 1. Zeroes are not allowed as keys. The key can be of any value.

ifconfig aggr2 plumb

ifconfig aggr2 public IP address subnet mask up

For example, ifconfig aggr 2 10.77.210.210 255.255.255.192 up.

Step 5 Add the IP address (Public IP) and hostname in the /etc/host file.

Step 6 If you cannot ping the IP address, you can set aggregation LACP mode active to off.

dladm modify-aggr -t -l off 2 key


Verifying the Link Aggregation

To verify the Link Aggregation:


Step 1 Check the statistics by using the following command in the link aggregated server:

dladm show-aggr

A sample output is:

Key: 2 (0x0002) policy: L4 address: 0:14:4f:90:1e:ba (auto)

Device       address                   speed       duplex link state

bge0 0:14:4f:90:1e:ba 1000Mbps full up     attached

bge1 0:14:4f:90:1e:bb 1000Mbps full up     attached


Note The state of the links should appear as attached in the output, else, the link aggregated server will not work when the NIC fails.


Step 2 Reboot the server by using the following command:

reboot-- -rv


Link aggregation is also supported in an HA environment. To configure link aggregation in HA environment please refer Setting Up CiscoWorks LMS in High Availability and Disaster Recovery Environment.

VMware ESX Server 3.0.x

VMware ESX Server 3.5.x

VMware ESXi 3.5 Update 2

VMware ESX Server 4.0

VMware ESXi Server 4.0

Hyper-V

Server Requirements on Solaris Systems

Table 2-2 lists the server requirements for installing LMS 4.0 software on Solaris systems.

To manage LMS 10,000 devices in LMS 4.0, you must set up more than one servers.


Note LMS 50 and LMS 100 devices restricted license types are not supported on Solaris systems.


Table 2-2 Recommended Server Hardware Requirements on Solaris Systems

Component
Recommended Server System Requirement

LMS 300

1 CPU with dual core or 2 CPUs with single core 4 GB RAM and 8 GB swap space, 32/64 dual stack OS

LMS 750

2 CPUs with dual core or 4 CPUs with single core 8 GB RAM and 16 GB swap space, 32/64 dual stack OS

LMS 1,500

2 CPUs with dual core or 4 CPUs with single core 8 GB RAM and 16 GB swap space, 32 / 64 dual stack OS

LMS 2,500

2 CPUs with quad core or 4 CPUs with dual core 16 GB RAM and 32 GB swap space, 32 / 64 dual stack OS

LMS 5,000

Note You can use one or more servers to manage upto 5000 devices.

2 CPUs with 8 core or 4 CPUs with quad core 16 GB RAM and 32 GB swap space, 32 / 64 dual stack OS

LMS 10,000 server:

Configuration Functionality will support up to 10,000 devices

For LMS Server managing Configuration Functionality for upto 10,000 devices only:

2 CPUs with 8 core or 4 CPUs with quad core 16 GB RAM and 32 GB swap space, 64 bit OS


You need more than one servers to manage up to 10,000 devices for all functionalities in your network.

You must manage:

Network Topology, Layer 2 Services and User Tracking, Fault Management, IPSLA Performance Management, and Device Performance management Functionalities for upto 5,000 devices in another server

Configuration and Image Management Functionalities for upto 10,000 devices in one server.


Note You must disable other functionalities in Config Server managing upto 10,000 devices.


The following processors are supported on a Solaris system:

UltraSPARC IIIi processor

UltraSPARC IV processor

UltraSPARC IV+ processor

UltraSPARC T1 processor

UltraSPARC T2 processor

UltraSPARC T2+ processor

SPARC64 VI processor

SPARC64 VII processor


Note Minimum processor speed must be 1.35 Ghz or higher


See Solaris Patches for information on required and recommended server patches on Solaris systems.

Server Requirements on Windows Systems

Table 2-3 lists the server requirements for installing LMS 4.0 software on Windows systems.

To manage LMS 10,000 devices in LMS 4.0, you must set up more than one servers.

For a list of Windows HotFix patches, see the Which Windows HotFix patches are supported for LMS 4.0?

Table 2-3 Recommended Server Hardware Requirements on Windows Systems

Component
Recommended Server System Requirement

LMS 50

1 CPU with dual core or 2 CPUs with single core 4 GB RAM and 8 GB swap space, 32 or 64 bit OS

LMS 100

1 CPU with dual core or 2 CPUs with single core 4 GB RAM and 8 GB swap space, 32 or 64 bit OS

LMS 300

1 CPU with dual core or 2 CPUs with single core 4 GB RAM and 8 GB swap space, 32 or 64 bit OS

LMS 750

2 CPUs with dual core or 4 CPUs with single core, 8 GB RAM and 16 GB swap space, 32 or 64 bit OS

LMS 1,500

2 CPUs with dual core or 4 CPUs with single core, 8 GB RAM and 16 GB swap space, 64 bit OS

LMS 2500

2 CPUs with quad core or 4 CPUs with dual core,16 GB RAM and 32 GB swap space, 64-bit OS

LMS 5,000

Note You can use one or more servers to manage upto 5000 devices.

2 CPUs with 8 core or 4 CPUs with quad core 16 GB RAM and 32 GB swap space, 64 bit OS

LMS 10,000 server:

Configuration Functionality will support up to 10,000 devices

For LMS Server managing Configuration Functionality for upto 10,000 devices only:

2 CPUs with 8 core or 4 CPUs with quad core 16 GB RAM and 32 GB swap space, 64 bit OS


You need more than one server to manage up to 10,000 devices for all functionalities in your network.

You must manage:

Network Topology, Layer 2 Services and User Tracking, Fault Management, IPSLA Performance Management, and Device Performance management Functionalities for upto 5,000 devices in another server

Configuration and Image Management Functionalities for upto 10,000 devices in one server.


Note You must disable other functionalities in Config Server managing upto 10,000 devices.



Note If you want to configure swap space in a 32-bit Windows machine with greater than 4 GB space, create more than one partition and split the swap space across the drives. For example, to archive 8 GB, configure 4GB for C:\ and configure another 4GB for D:\


Table 2-4 lists the server requirements for installing the CiscoWorks LAN Management Solution 3.2 components on Windows systems with HUM.

Table 2-4 Recommended Server Hardware Requirements on Windows Systems  with HUM

Component
Recommended Server System Requirement
LMS Bundle Hardware Configuration

HUM 50 + LMS 300

One CPU with 2 GB RAM memory and 4 GB swap space.

HUM 300 + LMS 1500

2 CPUs with 4 GB RAM memory and 8 GB swap space.

Standalone Hardware Configuration

HUM 50

One CPU with 2 GB RAM memory and 4 GB swap space.

HUM 300

One CPU with 2 GB RAM memory and 4 GB swap space.

HUM 1000

Two CPUs with 4 GB RAM memory and 8 GB swap space.


The following processors are supported on a Windows system:

Intel processors

Intel Xeon processor

Intel Core Duo processor T2600 - T2300

Intel Itanium Processor (32 bit OS only, 1.7 Ghz or higher CPU)

Intel-VT processors (VMware Optimized hardware)

Intel Xeon processor 5400 series

Intel Xeon processor 5300 series

Intel Xeon processor 7300 series

Intel Xeon processor 5500 series

Intel Xeon processor 5600 series

AMD processors

AMD Opteron Processor

AMD Athlon 64 FX Processor

AMD Athlon 64 X2

AMD -V


Note Minimum processor speed must be 2.33 Ghz or higher


Dual-Core AMD Opteron Processor

AMD Opteron Processor

AMD Athlon 64 FX Processor

AMD Athlon™ 64 X2 Dual-Core

Unified Computing System (UCS) Support

LMS 4.0 is supported on the UCS B-series blade servers (B200-M1 or M2 and B250-M1 or M2) and C-series rack mount servers (C200-M1 or M2, C210-M1or M2, C250-M1 or M2, and UCS C460). The server requirements on UCS blade servers and rack mount servers remains the same as the server requirements on Windows systems. Please refer Table 2-3 for the recommended server hardware requirements on windows systems

The supported processor in UCS B-series blade servers is Intel Xeon 5500 or 5600 Series processors. For more information see http://www.cisco.com/en/US/prod/collateral/ps10265/ps10280/data_sheet_c78-524797_ps10279_Products_Data_Sheet.html

The supported processor in UCS C-series rack amount servers is Intel Xeon 5500 or 5600 Series processors with their choices mentioned explicitly. For more information see

http://www.cisco.com/en/US/products/ps10493/products_data_sheets_list.html

Server Requirements on Virtualization Systems

LMS 4.0 runs on VMware systems. See Operating System Requirements for a list of virtualization systems supported.

The server requirements on VMware servers remains the same as the server requirements on Windows systems.

However, the following hardware are optimized to run in virtualized environment:

Intel-VT processors

Intel® vPro™ processor technology

Intel® Xeon® processor 5000 sequence

Intel Xeon processor 7000 sequence

Intel Xeon processor 3000 sequence

Intel® Itanium® Processor 9000 sequence (only 32-bit is supported)

AMD-V

System Requirements on Client Systems

The following table lists the client system requirements for all platforms:

Table 2-5 Recommended Client Hardware and Software Requirements

Component
Recommended Client System Requirement

Disk space

Windows: 4 GB virtual memory

Memory Requirements

2 GB RAM

Hardware and software

At least single CPU@ 2.4 GHZ or higher with one of the following operating systems:

Windows 2003 Standard and Enterprise Editions with Service Pack 2 (32 and 64 bit)

Windows 2003 Standard R2 and Enterprise R2 Editions with Service Pack 2 (32 and 64 bit)

Windows XP with Service Pack 3

Windows 2008 Standard and Enterprise with Service Pack 1 and Service Pack 2 (32 and 64 bit)

Windows 7 (32 and 64 bit)

Browser Requirements

Internet Explorer 7.x (except on Windows 7)

Internet Explorer 8.x

Note LMS 4.0 supports only the IE 8.x Quirks mode and not the IE8 Standards mode.

Firefox 3.6.x for Windows

Note Only 32-bit IE and FF browsers are supported

Java Runtime Environment (JRE) Requirements

To access LMS Topology Services, we recommend that you install Java Plug-in version 1.6.0_19. If the client machine is installed with the JRE Update version equal to or higher than the recommended version, then Topology Services will be launched in the client machine.

If the client machine is installed with more than one JRE Update version equal to or higher than the recommended JRE version (1.6.0_20), the Topology Services will be launched with the higher Update JRE version. To view the JRE versions installed, go to Java Control Panel and click View button under Java tab.

For example, LMS 4.0 requires JRE 1.6.0_19 to launch Topology Services. If the client machine is installed with an Update version higher than JRE 1.6.0_19, say 1.6.0_20, and user selects JRE 1.6.0_20, then Topology Services is launched with JRE 1.6.0_20.


Terminal Server Support for Windows Server

You can install LMS 4.0 software on a system with Terminal Services enabled in Remote Administration mode. However, you cannot install Common Services on a system with Terminal Services enabled in Application mode.

If you have enabled Terminal Server in Application mode, you should disable the Terminal Server, reboot the system, and start the installation again.

Table 2-6 summarizes the Terminal Services features in Windows Server.

.

Table 2-6 Terminal Services on Windows Server

Windows 2003 and 2008 Servers
Features

Terminal Server

Remote access and virtual system. Each client has its own virtual OS environment.

Remote Desktop Administration

Remote access only. All clients use the same (and the only) OS.


Enabling and Disabling Terminal Services on Windows 2003 Server

To enable/ disable Terminal Server, go to Manage Your Server > Add or Remove a Role > Terminal Server.

To enable/ disable Remote Desktop, go to Control Panel > System > Remote.

Enabling and Disabling Terminal Services on Windows 2008 Server

To enable/ disable Terminal Server, use the Terminal Services Manager tool.

To enable/ disable Remote Desktop:


Step 1 Go to Control Panel > System.

Step 2 Click Remote Settings under Tasks > Remote

Step 3 Select the Allow connections from computer running any version if Remote Desktop option.


Enabling and Disabling FIPS on Windows 2003 and Windows 2008 Servers

Sometimes, Federal Information Processing Standard (FIPS) compliant encryption algorithms are enabled for Group security policy on Windows server.

When the FIPS compliance is turned on, the SSL authentication may fail on CiscoWorks Server. You should disable the FIPS compliance for the CiscoWorks to work properly.

To enable/disable FIPS on Windows 2003 and Windows 2008 servers:


Step 1 Go to Start > Settings > Control Panel > Administrative tools > Local Security Policy.

The Local Security Policy window appears.

Step 2 Click Local Polices > Security Options.

Step 3 Select System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.

Step 4 Right-click the selected policy and click Properties.

Step 5 Select Enabled or Disabled to enable or disable FIPS compliant algorithms.

Step 6 Click Apply.

You must reboot the server for the changes to take effect.


Solaris Patches

LMS 4.0 is installed on global zone of Solaris 10 Operating System by default. Installation of LMS 4.0 in whole-root non-global zone in Solaris 10 is supported.

The Solaris system requires the following patches to be installed on the server:

Required and Recommended Solaris Patches

Cluster Patches

Required and Recommended Solaris Patches

Table 2-7 lists the required and recommended patches for Solaris 10.

The required patches are mandatory for all LMS features to function properly. Some of the LMS features may not work if the mandatory patches are not installed on your system.

For more information, see www.oracle.com.

Table 2-7 Solaris Patches

Operating System
Required and Recommended Solaris Patches
Solaris 10

Required Server Patches are 122032-05 and 127127-11

Minimum system level must be 11/06 release or higher.

To find out the current operating system level, enter the following command:

# more /etc/release

For example, the system displays the following information:

Solaris 10 11/06 s10s_u2wos_09a SPARC

Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.

Use is subject to license terms.

Assembled 11 November 2006


Use showrev -p command to verify that these patches have been applied.


Note LMS was tested only with these patches. Later versions of these patches have not been tested since they were not released when LMS was tested.


The table below lists the messages that appear during installation if you do not have the recommended and required Solaris patches on the system.

If you do not have...
Message

Required Server patches

Error message appears with a prompt to continue or quit the installation.

This system does not have the following required Server patches

Installation can proceed without the required Server patches.However, you must install the required patches listed above before running CiscoWorks.

Do you want to continue the installation? (y/n) [y]:

Required Client patches

Error message appears with a prompt to continue or quit the installation.

This system does not have the following required Client patches.

These patches are required if only this system is used as a CiscoWorks client.


We recommend you download and install the latest required and recommended patches from www.oracle.com before you run LMS 4.0.

Cluster Patches

You should also install the cluster patches recommended by ORACLE on Solaris 10 servers.

You can download the cluster patches from www.oracle.com. See the same website for the installation instructions of Cluster patches.

The minimum recommended cluster patch levels on Solaris Systems are Solaris 10 — Cluster patches released on Apr/17/07 and Sep/16/09.

If you have not installed the cluster patches on Solaris 10 system, the following warning messages appear to ensure you install the Cluster Patches required for Solaris 10:

WARNING: Ensure that you have installed the recommended Solaris 10 cluster patches released on Apr/17/07, in this server.

WARNING: If these cluster patches are not installed, please download and install them from http://www.sun.com/.

WARNING: Otherwise, some features of the CiscoWorks applications will not function properly.
Do you want to continue the installation ? (y/n) [y]:

LMS 4.0 Port Usage

Table 2-8 lists the ports used by the various LMS components.

If you have enabled firewall in your CiscoWorks Server, you must open or free up the following ports:

HTTP or HTTPS port

All ports mentioned in Table 2-8 whose direction of establishment of connection is Client to Server.

Only then, the communication across servers or between the server and client can happen.


Note In LMS 4.0, UDP packets sent by the database server in response to client broadcasts do not contain any sensitive information. The data in these packets is limited to:

Database server name

Port number

Database server version

Names of databases running on the database server

If you want to disable the UDP listeners completely, you must upgrade to LMS 4.1.


Table 2-8 LMS 4.0 Port Usage 

Protocol
Port Number
Service Name
Functionality
Direction
(of Establishment) of Connection

TCP

49

TACACS+ and ACS

Common Services

Configuration and Software Image Management

Network Topology, Layer 2 Services and User Tracking

Fault Management

Server to ACS

TCP

25

Simple Mail Transfer Protocol (SMTP)

Common Services (PSU)

Inventory, Config and Image Management

Server to SMTP Server

TCP

22

Secure Shell (SSH)

Common Services,

Network Topology, Layer 2 Services and User Tracking

Inventory, Config and Image Management

Server to Device

TCP

23

Telnet

Common Services

Network Topology, Layer 2 Services and User Tracking

Inventory, Config and Image Management

Server to Device

UDP

69

Trivial File Transfer Protocol (TFTP)

Common Services

Inventory, Config and Image Management

Server to Device

Device to Server

UDP

161

Simple Network Management Protocol (SNMP)

Common Services

CiscoView

Inventory, Config and Image Management

Network Topology, Layer 2 Services and User Tracking

Fault Management

IPSLA Performance Management

Device Performance Management

Server to Device

Device to Server

TCP

514

Remote Copy Protocol

Common Services

Server to Device

UDP

162

SNMP Traps (Standard Port)

Network Topology, Layer 2 Services and User Tracking

Fault Management

Device to Server

UDP

514

Syslog

Common Services

Inventory, Config & Image Management

Device to Server

UDP

14311

Trap Listener to MAC Notification Traps

Network Topology, Layer 2 Services and User Tracking

Device to Server

UDP

9000

Trap receiving (if port 162 is occupied)

Fault Management

Device to Server

UDP

162362

UT Host acquisition

Network Topology, Layer 2 Services and User Tracking

End host to Server

TCP

443

CiscoWorks HTTP server in SSL mode

Common Services

Client to Server

Server Internal

TCP

1741

CiscoWorks HTTP Protocol

Common Services

CiscoView

Network Topology, Layer 2 Services and User Tracking

Inventory, Config & Image Management

Fault Management

IPSLA Performance Management

Client to Server

TCP

42342

OSAGENT

Common Services

Client to Server

TCP

42352

ESS HTTP
(Alternate port is 44352/tcp)

Common Services

Client to Server

TCP

1099

ESS (used for Java Management Extensions)

Common Services

Server Internal

TCP

8898

Log Server

Fault Management

Server Internal

TCP

9002

DynamID authentication (DFM Broker)

Fault Management

Server Internal

TCP

9007

Tomcat shutdown

Common Services

Server Internal

TCP

9009

Ajp13 connector used by Tomcat

Common Services

Server Internal

UDP

9020

Trap Receiving

Fault Management

Server Internal

UDP

14004

Lock port for ANI Server singlet on check

Network Topology, Layer 2 Services and User Tracking

Server Internal

TCP

15000

Log server

Fault Management

Server Internal

TCP

40050-
40070

CSTM ports used by CS applications, such as Grouping Services, Device and Credential Repository (DCR)

Common Services

Server Internal

TCP

40401

LicenseServer

Common Services

Server Internal

TCP

43242

ANIServer

Network Topology, Layer 2 Services and User Tracking

Client to Server

TCP

42340

CiscoWorks Daemon Manager - Tool for Server Processes

Common Services

Server Internal

TCP

42344

ANI HTTP Server

Common Services

Server Internal

UDP

42350

Event Services Software (ESS)
(Alternate port is 44350/udp)

Common Services

Server Internal

TCP

42351

Event Services Software (ESS) Listening
(Alternate port is 44351/tcp)

Common Services

Server Internal

TCP

42353

ESS Routing
(Alternate port is 44352/tcp)

Common Services

Server Internal

TCP

43441

Common Services Database

Common Services

Server Internal

TCP

43455

Inventory, Config and Image Management Database

Inventory, Config and Image Management

Server Internal

TCP

43443

ANIDbEngine

Network Topology, Layer 2 Services and User Tracking

Server Internal

TCP

43445

Fault History Database

Fault Management

Server Internal

TCP

43446

Inventory Service Database

Fault Management

Server Internal

TCP

43800

Device Performance Management Database

Device Performance Management

Server Internal

TCP

43820

IPSLA Performance Management Database

IPSLA Performance Management

Server Internal

TCP

43447

Event Promulgation Module Database

Fault Management

Server Internal

TCP

44400-
44420

CSTM Ports

Fault Management

Device Performance Management

Server Internal

TCP

47010-
47040

CSTM Port

Inventory, Config and Image Management

Server Internal

TCP

49000-49040

CSTM Port

Inventory, Config and Image Management

Server Internal

TCP

50001

SOAPMonitor

Inventory, Config and Image Management

Server Internal

TCP

55000-
55020

CSTM Port

Network Topology, Layer 2 Services and User Tracking

Server Internal

TCP

56000-
56040

CSTM Port

VRF Lite

Server Internal

1 Windows Firewall blocks the port 1431 (for SNMP Traps), by default. You should free up this port for the SNMP traps to be allowed to the server from the device.

2 Windows Firewall blocks the port 16236 (for UTLite Updates), by default. You should free up this port for the UTLite scripts to run.



Note In the Windows Firewall, ICMP inbound and outbound needs to be open. If you have ICMP inbound open and outbound closed, then all the Fault Management devices will stay in questioned state.

While configuring your Windows Firewall, enable the ICMP options to allow ICMP traffic through Firewall. See http://technet.microsoft.com/en-us/library/cc779521%28WS.10%29.aspx for more details on administering Windows Firewall and on configuring ICMP settings in Windows Firewall.

You need to allow ICMP traffic in any Firewall that is operating between CiscoWorks Server and devices to avoid Fault Management devices staying in questioned state.


Important URLs

The following URLs are most commonly used in LMS and should be added in the proxy server:

General

http://www.cisco.com

Device update/Software update/Point Patch update

http://tools.cisco.com/software/catalog/swcs/softwaremetadata

http://tools.cisco.com/software/catalog/swcs/image

http://www.cco.cisco.com

IOS image download

http://www.cisco.com/cgi-bin/smarts/swim/crmiosbridge.pl

http://www.cisco.com/techsupport

Smart Services

SASI_SERVER—https://wsgx.cisco.com

RSR_SERVER— https://wsgx.cisco.com

CSC_SERVER—https://supportforums.cisco.com

CCOLOGINURL—https://sso.cisco.com/autho/apps/nmtgSSapp/index.html

CCOLOGOUTURL— https://sso.cisco.com/autho/logout.html

CASE_QUERY_URL—https://tools.cisco.com/ServiceRequestTool/query/QueryCaseSearchAction.do?caseType=ciscoServiceRequest

LOGIN_REDIRECT_URL—https://fed.cisco.com/idp/startSSO.ping?PartnerSpId=csc.jivesoftware.com

CSC_REDIRECT_URL—https://supportforums.cisco.com

PSIRT

EoS/EoL Hardware Report—http://www.cisco.com/cisco/software/release.html?mdfid=282253606&flowid=5144&softwareid=280775123&os=Windows&release=4.1.1&relind=AVAILABLE&rellifecycle=&reltype=latest#

EoS/EoL Software Report—http://www.cisco.com/cisco/software/release.html?mdfid=282253606&flowid=5144&softwareid=280775123&os=Windows&release=4.1.1&relind=AVAILABLE&rellifecycle=&reltype=latest#

Bug Toolkit

http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl

http://tools.cisco.com/Support/BTKNotifications/getBugDetails.do??method=getAllBugs

http://tools.cisco.com/Support/BTKNotifications/getBugDetails.do?method=getAffectedBugdata&bugid=

http://tools.cisco.com/Support/BTKNotifications/getBugDetails.do?method=getBugsReport

Contract Connection

http://www.cisco.com/pcgi-bin/front.x/cconx/conx_userinfo.pl

https://www.cisco.com/cgi-bin/front.x/cconx/conx_recv_data.pl

https://www.cisco.com/cgi-bin/front.x/cconx/conx_sortdetail_js.pl

Compliance and Audit Management

Download Contracts—https://apps.cisco.com/CustAdv/ServiceSales/contract/viewContractMgr.do?method=viewContractMgr

Download Compliance Policy Updates—http://www.cisco.com/cisco/software/release.html?mdfid=284259296&flowid=31102&softwareid=284270571&release=1.0.0&relind=AVAILABLE&rellifecycle=&reltype=latest

Required Device Credentials for LMS Functionalities

You must configure several important device credentials correctly on every Cisco device that will be managed and monitored through LMS. You must also enter the correct device credentials in the Device and Credential Repository (Inventory > Device Administration > Add / Import / Manage Devices).

Table 2-9 lists all the functionalities and the device credentials required.

.

Table 2-9 LMS Functionalities and Device Credentials 

Functionalities
Telnet/SSH Password
Enable Password
SNMP Read Only
SNMP Read / Write

Common Services

Not required

Not required

Required

Required

Network Topology, Layer 2 Services and User Tracking

Not required

Not required

Required

Required

CiscoView

Not required

Not required

Required

Required

Fault Management

Not required

Not required

Required

Not required

IPSLA Performance Management

Not required

Not required

Required

Required

Device Performance Management

Not required

Not required

Required

Not required

Inventory

Not required

Not required

Required

Not required

Configuration Management (Telnet)

Required

Required

Required

Not required

Configuration Management1 (TFTP) 2

Not required

Not required

Required

Required

NetConfig

Required

Required

Required

Required

Config Editor

Required

Required

Required

Required

NetShow

Required

Required

Required

Not required

Software Management

Required3

Required3

Required

Required

Port and Module Configuration

Required

Required

Required

Required

EnergyWise

Required

Required

Required

Required

Identity Services

Required

Required

Required

Required

Auto Smartports

Required

Required

Required

Required

Smart Install

Required

Required

Required

Required

1 Configuration download also uses TFTP. Hence, SNMP Read/Write credentials are required.

2 The file vlan.dat can be fetched only if the Telnet password and Enable password are supplied.

3 Required in the case of a few devices like PIX devices, Cisco 2950 series switches.