CiscoWorks Network Compliance Manager

Table Of Contents

Release Notes for CiscoWorks Network Compliance Manager 1.5.02

Contents

Introduction

Installing the CiscoWorks NCM 1.5.02 Patch

What's Been Fixed in CiscoWorks NCM 1.5.02

Known Problems in CiscoWorks NCM 1.5.02

Supported Platforms

Supported Databases

Additional CiscoWorks NCM Configurations

Additional Required Applications

Hardware Requirements

Caveats

Accessing the CiscoWorks NCM Documentation Set

Obtaining Documentation and Submitting a Service Request

Notices

OpenSSL/Open SSL Project

License Issues

Release Notes for CiscoWorks Network Compliance Manager 1.5.02

---

May 28, 2010

These release notes are for CiscoWorks Network Compliance Manager (NCM) 1.5.02.

CiscoWorks NCM 1.5.02 is a patch release that you can install on top of CiscoWorks NCM 1.5.01.

---

Note The Docs tab provided in the CiscoWorks NCM user interface might not include links to the latest documents. Therefore, we recommend that you access the CiscoWorks NCM documentation set using the following URL: http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html

---

Contents

This document contains the following sections:

•Introduction

•Installing the CiscoWorks NCM 1.5.02 Patch

•What's Been Fixed in CiscoWorks NCM 1.5.02

•Known Problems in CiscoWorks NCM 1.5.02

•Supported Platforms

•Supported Databases

•Additional CiscoWorks NCM Configurations

•Additional Required Applications

•Hardware Requirements

•Caveats

•Accessing the CiscoWorks NCM Documentation Set

•Obtaining Documentation and Submitting a Service Request

•Notices

Introduction

CiscoWorks NCM tracks and regulates configuration and software changes in a multivendor network environment. It provides visibility into network changes and tracks compliance with a broad variety of regulatory, IT, corporate governance, and technology requirements. CiscoWorks NCM helps IT staff identify and correct trends that could lead to problems, such as network instability and service interruption.

CiscoWorks NCM is integrated with CiscoWorks and is initially launchable from the CiscoWorks home page. CiscoWorks NCM is interoperable with other CiscoWorks applications, such as the LAN Management Solution (LMS) bundle through the Common Services Device Credential Repository (DCR).

Installing the CiscoWorks NCM 1.5.02 Patch

To install the CiscoWorks NCM 1.5.02 patch:

---

Step 1 Unzip the patch bundle on the CiscoWorks NCM server.

Step 2 Run the patch script.

For Windows, execute the patch.bat script from the command line.

For Linux or Solaris, execute the patch.sh script using the following commands:

% sh patch.sh

or

% ./patch.sh

---

A log file named patch.log is created in the <CWNCM_Install_Directory>/server/log/ directory, when the patch script is executed. The errors that occur during the installation process are logged in the patch.log file.

The patch installer creates a subdirectory named patch_backups in the root of the CiscoWorks NCM installation directory. This subdirectory includes a directory with the patch build number. The files that are changed by the patch installer are backed up in this directory. The backup.log file lists the files that are backed up and the original location of the files.

To remove the patch and roll back to the pre-patch state:

---

Step 1 Stop the NCM Management Engine.

Step 2 Restore the files that are changed by the patch installer to their original locations.

Step 3 Restart the NCM Management Engine.

---

What's Been Fixed in CiscoWorks NCM 1.5.02

Table 1 describes the issues fixed in CiscoWorks NCM 1.5.02.

Table 1 Issues Fixed in CiscoWorks NCM 1.5.02 

Bug ID	Bug Summary	Fix Description
QCCR1D93250	FYI recipients of workflow process did not receive approval emails.	Approval mails are now sent to the FYI recipients of workflow process.
QCCR1D103534	You cannot import a policy if left square bracket ([) character or other regex characters are included in the condition.	You can now import policies that include left square bracket character or other regex characters in the condition.
QCCR1D104666	ACL was entirely replaced when a command script was executed to insert a line into an ACL using the ACL ID.	ACL is not replaced when a line is inserted into an ACL using the ACL ID.
QCCR1D104808	The nodes were not included in the CiscoWorks NCM and the actions were not included in the Network Node Manager (NNMi), when NNMi was integrated with CiscoWorks NCM 1.5.	Nodes and actions are now included properly when the NNMi is integrated with the CiscoWorks NCM 1.5.
QCCR1D105125	Panda URL action file was not imported when NNMi was integrated with CiscoWorks NCM 1.4.	Panda URL action file is now imported properly when NNMi is integrated with CiscoWorks NCM 1.4.
QCCR1D105936	The Get Snapshot API did not work when a Site was specified.	The Get Snapshot API now works properly.
QCCR1D106258	Malformed query in the Policy Manager caused an exception.	The Policy Manager now works properly.
QCCR1D106688	The version returned by the show version command and the version displayed on the About CiscoWorks Network Compliance Manager page were different.	The current version of CiscoWorks NCM is now properly displayed.
QCCR1D106963	SQL exception error occurred when checkSoftwareLevel type was not specified.	SQL exception error is not generated when checkSoftwareLevel type is not specified.
QCCR1D107119	Inconsistent information was displayed due to API calls.	API calls now function properly.
QCCR1D107297	SQLServerException was generated when "All Changes Made in the Last XX Hours" configuration was selected for System reports.	System reports are now properly generated for all configurations.
QCCR1D107447	The NNMi Connector installers prompt for NNM8-X server information. This leads to confusion when NNMi version 9 is used.	The Connector installers now work properly when NNMi version 9 is used.
QCCR1D107457	After ncm_nnm_coresidency installation, the CiscoWorks NCM menus installed in NNMi referenced incorrect ports in the URL. As a result, cross launching from NNMi to CiscoWorks NCM did not work.	CiscoWorks NCM menus installed in NNMi now use the correct ports in the URL and cross launching from NNMi to CiscoWorks NCM works properly.
QCCR1D107638	Check Policy Compliance task was skipped when Device Selector was used.	Check Policy Compliance task is now executed properly when Device Selector is used.
QCCR1D107658	NNMi/NCM import failed when port 1099 is configured as the JNDI port on the co-residency connector.	NNMi/NCM import functions properly when port 1099 is configured as the JNDI port on the co-residency connector.
QCCR1D107884	ORA-02292: integrity constraint error occurred when a record was deleted from RN_IP.	ORA-02292: integrity constraint error no longer occurs. You can now delete a record from RN_IP.
QCCR1D107889	FK Constraint error occurred when custom scripts were imported.	Custom scripts are now imported properly.
QCCR1D109755	SQL COUNT REGION caching locked up NCM.	Internal caching has been changed to resolve this issue.
QCCR1D109834	Editing the groups resulted in unnecessary cache flushing.	Unnecessary cache flushing does not occur when large number of groups are edited.
QCCR1D110032	Policy Manager did not exit the `while' loop.	Policy Manager now functions properly.
QCCR1D110075	Permission check with new JCS cache code caused the group page rendering to crawl.	This problem has been resolved.
QCCR1D110719	NoSuchMethodException was thrown when CiscoWorksNCM was integrated with NNMi.	This problem has been resolved.

Known Problems in CiscoWorks NCM 1.5.02

Table 2 describes the known problems in CiscoWorks NCM 1.5.02.

Table 2 Known Problems in CiscoWorks NCM 1.5.02 

Problem	Description
CSCsg61978—Licensing not found issue	While logging into CiscoWorks NCM Server, if the server shows the No Valid License found error, check the following: •Make sure that all license files are installed under the CiscoWorks NCM install folder. •Make sure that there are no lingering expired license files, especially Evaluation license in the CiscoWorks NCM install folder. •Make sure that the output of the command <CWNCM_install_Dir>/server/ext/wrapper/bin/lmutil lmhostid output matches the hostid on the license file. Do not modify the license file.
CSCsx38253—SWIM process status is incorrect	1. Enter /etc/init.d/truecontrol status to make sure that all services are running normally. 2. Choose Admin > Start/Stop Services, and stop the Software Image Management Server. The following error message appears: Unable to stop the TrueControl SWIM Server service. Workaround: Ignore the error message. Directly check the TrueControl SWIM server status with the Services application on Windows platforms. Enter /etc/init.d/truecontrol status on Linux or Solaris platforms to check the TrueControl SWIM server status.
CSCsk95754—SNMPv3 Engine ID check is not needed.	This occurs when you: 1. Select a device that has SNMP-V3 configured from the Inventory. 2. Choose View > Device Details > Software Upgrade Recommendation. 3. Select any image to launch the details. The following warning message will be displayed: SWIM1094: SNMP-V3 parameters is incorrect or not available for the device. Check whether the SNMP-V3 password, SNMP-V3 algorithm, and SNMP-V3 engine ID is configured for the device. Ignore the message if the SNMP-V3 password and SNMP-V3 algorithm are configured correctly.
CSCtd63942—!: not found warning message is displayed when CiscoWorks NCM is installed on Solaris platform.	!: not found warning message is displayed when CiscoWorks NCM is installed on Solaris platform. Example: -bash-3.00# ncm/Solaris_5830-111009_setup.bin Preparing to install... ncm/Solaris_5830-111009_setup.bin: !: not found Extracting the JRE from the installer archive... Unpacking the JRE... This message does not indicate a problem and is invalid. No workaround is needed.
CSCtd69969—Device Selector sometimes does not work in Firefox 3.5 or higher.	This occurs when you: 1. Select a device from the Device Selector. 2. Run a task on the selected device. The task will fail and the following error message will be displayed: Missing field: Device Or 1. Select multiple devices from the Device Selector. 2. Select the task that you want to run against the selected devices, from the Actions drop-down list. The selected devices are not displayed in the Device Selector. Workaround: 1. Install the latest Adobe Flash browser plug-in. 2. Clear browser cache and cookies.

Supported Platforms

Table 3 shows the supported platforms for CiscoWorks NCM.

Table 3 Supported Platforms for CiscoWorks NCM

Vendor	OS	Version	Architecture
Microsoft	Windows Server, Enterprise Edition (32-bit and 64-bit)	2003	i386
Sun Microsystems	Solaris (patch 118833-36 or later)	10	Dual UltraSparc IIIi+, 1.3 GHz
Red Hat	RH AS 4 32-bit, and RH AS 5 32-bit and 64-bit	4 and 5	i386
SuSE	Enterprise Linux Server	10.0	i386

---

Note CiscoWorks NCM 1.5.02 is a 32-bit application that runs in 32-bit mode on 64-bit Windows and Linux operating systems. CiscoWorks NCM 1.5.02 runs in 64-bit mode on Solaris platforms.

---

The following operating systems are no longer supported:

•Windows 2000

•Solaris 9

•Red Hat AS3

•SuSE 9

While upgrading to CiscoWorks NCM 1.5, if you are moving from a deprecated operating system to a supported operating system, do the following:

---

Step 1 Back up the CiscoWorks NCM folder.

Step 2 Upgrade the operating system.

Step 3 Upgrade to CiscoWorks NCM 1.5.

---

---

Note For all operating system upgrades, please see the respective vendor documentation or contact your system support personnel. Cisco is not responsible for issues that might arise during third-party product upgrades.

---

Supported Databases

While installing CiscoWorks NCM, the database can be installed on any platform.

Table 4 shows the databases that are supported by CiscoWorks NCM.

Table 4 Supported Databases for CiscoWorks NCM

Database	Notes
Oracle 10g (10.2.0.4) Standard Edition	If you are running CiscoWorks NCM in a Distributed System environment, you will need Oracle Enterprise Edition.
Microsoft SQL Server 2005 Standard and Enterprise Edition
MySQL 5.0.41 or later versions (including 5.0.58)	MySQL 5.0.58 ships with CiscoWorks NCM.

CiscoWorks NCM supports 64-bit Oracle and SQL Server.

The following databases are no longer supported:

•Oracle 9i and Oracle 9.2

•Microsoft SQL Server 2000

•MySQL 3

---

Note Existing MySQL 3.x databases can be upgraded to MySQL 5.0.41 or higher using the MySQL Upgrade Installer. See the Installation and Upgrade Guide for CiscoWorks Network Compliance Manager 1.5 for more information.

---

While upgrading to CiscoWorks NCM 1.5, if you are moving from a deprecated version of the database, to a supported version of the database, do the following:

---

Step 1 Back up the CiscoWorks NCM database.

Step 2 Upgrade the database.

Step 3 Upgrade to CiscoWorks NCM 1.5.

---

---

Note For all database upgrades, please see the respective vendor documentation or contact your database analyst. Cisco is not responsible for issues that might arise during third-party product upgrades.

---

Additional CiscoWorks NCM Configurations

Table 5 shows the database requirements for Oracle and Microsoft SQL server in a High Availability Distributed System environment.

Table 5 Database Requirements for Oracle and Microsoft SQL Server

Database	Restrictions
Oracle Enterprise Edition 10.2.0.2 and 10.2.0.4	Maximum of five CiscoWorks NCM Cores can be configured.
MS-SQL Server Enterprise Edition 2005 SP2 or higher	No more than two CiscoWorks NCM Cores can be configured. The maximum number of devices should not exceed 6,500.

See the High Availability Distributed System on Oracle Configuration Guide for CiscoWorks Network Compliance Manager or the High Availability Distributed System on Microsoft SQL Configuration Guide for CiscoWorks Network Compliance Manager for information on configuring High Availability Distributed System environment.

Table 6 shows the supported platforms for CiscoWorks NCM in Satellite environment.

Table 6 Supported Platforms for Satellite Environment

Vendor	OS	Version	Architecture
Red Hat	RHEL AS (32-bit)	3 and 4	i386
Novell	SuSE Enterprise Linux Server	9	i386
Sun Microsystems	Solaris (patch 118833-36 or later)	9 and 10	Sun Sparc

---

Note SuSE Linux 9 and Solaris 9 are supported on the Satellite remote gateway, however, these two operating systems are not supported in CiscoWorks NCM 1.5 Core.

---

See the Satellite User's Guide for CiscoWorks Network Compliance Manager for information on configuring Satellite environment.

Table 7 shows the supported platforms for CiscoWorks NCM in a Virtual Environment.

Table 7 Supported Platforms for CiscoWorks NCM in Virtual Environment

Vendor	OS	Version
Sun Microsystems	Solaris Zones	10
VMware ESX 3.5 or 4.0	Windows	2003, SP1

---

Note Troubleshooting and performance issues related to VMware cannot be resolved via Cisco Technical Support.

---

Note the following while running CiscoWorks NCM in Virtual Environment:

•Running CiscoWorks NCM and the database in the same Virtual Environment is not recommended.

•Running the database for CiscoWorks NCM High Availability Core in Virtual Environment is not recommended.

•The maximum number of devices is 3,000.

•The maximum number of concurrent tasks is less than 20.

•The minimum VMware Guest requirements include:

–2.6 GHz CPU

–4 GB dedicated RAM

–40 to 60 GB HD

–100 Mbps or higher dedicated Ethernet port

–Linux RHEL AS 3 and 4

•CiscoWorks NCM is not certified to run with Oracle in a VMware instance.

•CiscoWorks NCM is not certified to run in an environment where VMotion is used with the Virtual Environment.

Additional Required Applications

You need to install the following applications:

•CiscoWorks NCM supports the following browsers:

–Mozilla Firefox 2.0 or 3.0

–Internet Explorer 6.x, 7.0

---

Note Mozilla Firefox 1.x is no longer supported.

---

•Microsoft Excel 2000 or higher, if you are viewing Summary Reports from the CiscoWorks NCM server.

•Adobe® Acrobat Reader™ version 4.0 or higher, if you are viewing CiscoWorks NCM documentation from the CiscoWorks NCM server.

•ActivePerl 5.8.x (for Windows).

•Perl 5.8.x (for Solaris and Linux).

---

Note Third-party products mentioned in this documentation are manufactured by vendors independent of Cisco. Cisco makes no warranty, implied or otherwise, regarding the performance or reliability of these products. We provide third-party contact information to help you find technical support. However, third-party contact information is subject to change without notice and, therefore, Cisco can in no way guarantee the accuracy of this contact information.

---

Hardware Requirements

Table 8 shows the hardware requirements for an application server.

Table 8 Hardware Requirements for Application Server

Component	Requirement
CPU	Intel Xeon or equivalent, 3.0+ GHz (Windows, Linux), Dual UltraSparc IIIi+, 1.3 GHz (Solaris)
Memory	4 GB RAM
Swap Space	4 GB
Disk	40 GB, Fast SCSI
Network	100 Mbps Fast Ethernet, full duplex

Table 9 shows the hardware requirements for a database server.

Table 9 Hardware Requirements for Database Server

Component	Requirement
CPU	Intel Xeon or equivalent, 3.0+ GHz
Memory	4 GB RAM
Swap Space	4 GB
Disk	60 to 100 GB, Single Channel RAID, Fast SCSI
Network	100 Mbps Fast Ethernet, full duplex

Caveats

Please read the following usability issues before using CiscoWorks NCM 1.5.x.

RSA SecurID Support in CiscoWorks NCM 1.5.x

Bug ID: QCCR1D103053

While using RSA SecurID 4.x 128-bit tokens with CiscoWorks NCM 1.5.x for device authentication, you must use the RSA SecurID 3.x software token client with RSA SecurID 4.x 128-bit tokens to import the devices.

VLAN Data Gathering Diagnostic

Bug ID: QCCR1D102848

If you are running several diagnostics, including the VLAN Data Gathering diagnostic, on a device that does not support the VLAN Data Gathering diagnostic, there is no Session Log available for that task.

Workaround: Remove the VLAN Data Gathering diagnostic from the task.

Stopping the CiscoWorks NCM Management Engine on a Solaris platform

Bug ID: QCCR1D102881

While running CiscoWorks NCM on a Solaris platform, if you select the Start/Stop Services option from the Admin menu, and then select the Stop option for the NCM Management Engine, the NCM Management Engine will not be stopped.

Workaround: Go to the operating system and run the /etc/init.d/truecontrol stop command.

VLAN Searches

Bug ID: QCCR1D102754

Previously saved VLAN searches are not valid in CiscoWorks NCM 1.5.x due to the addition of new VLAN features. If you try to view a saved VLAN search, you could see the following error message:

Error executing query VLAN: PortInVlanName is not a valid field name for this query.

Workaround: Remove the VLAN search and re-create a new VLAN search.

Uploading Large Image Files

Bug ID: QCCR1D99027

Currently, CiscoWorks NCM is limited to uploading device configurations less than 250MB.

Provision Device Task

Bug ID: QCCR1D102620

Although the Provision Device task enables you to select more than one device, the task only works with one device. Attempting to select more than one device or a device group, using the Device Selector will cause an error.

Using Firefox 2.0

Bug ID: QCCR1D102330

For most versions of Firefox 2.0, the browser crashes when you try to expand the Device Selector or Device Group Selector.

Workaround: Upgrade to Firefox 2.0.0.19 or higher.

Device Selector Display

Bug ID: QCCR1D101145

Some of the Device Selector display features might not work properly in Internet Explorer 6 due to browser limitations.

Workaround: Upgrade to Internet Explorer 7.

Security Partitions

Bug ID: QCCR1D102646

While modifying Security Partition details, if you save the Security Partition before the Device Selector loads, you will lose all the devices from that Security Partition.

Canceling Tasks

Bug ID: QCCR1D101509

If you cancel a task that is currently communicating with a device, CiscoWorks NCM will mark subsequent attempts to run the task (or similar tasks) as skipped.

This issue can occur if CiscoWorks NCM is trying to end communication between the task and the device before actually canceling the task. As a result, CiscoWorks NCM will continue to execute the task until that point is reached. Any attempt to rerun the task before it is canceled will appear to CiscoWorks NCM as if the task is already in progress. Therefore, CiscoWorks NCM will mark the new task as skipped.

Using the $tc_device_enable_password$ Variable in Command Scripts

Bug ID: QCCR1D100314

While using the $tc_device_enable_password$ variable in a command script, if the device enable password contains an at sign (@) character, the at sign character will be preceded by a backslash.

Device Managed IP Addresses Page

Bug ID: QCCR1D101755

Changes made to the Device Managed IP Address are not reflected properly in the Device Managed IP Address page.

Workaround: Click the Reset Last Used IP link in the Device Managed IP Addresses page.

Setting Parent Task Priority

Bug ID: QCCR1D98393

If you change the priority of a parent task that is currently running, any existing child tasks that are in the Pending or Waiting state will appropriately change their priority. However, child tasks that have not been created yet or are in other states, such as Running or Paused will retain the parent task's original priority.

If you change the priority of a parent task that is not running, all child tasks take the new priority.

Duplicate VLANs Displayed in Layer 2 Diagrams

Bug ID: QCCR1D100138

While drawing VLANs diagrams, if a VLAN includes an IP address, both the VLAN name and the VLAN ID are included in the VLAN port table. Duplicate VLANs could be displayed in Layer 2 diagrams.

Using LDAP Servers

Bug ID: QCCR1D99663

If you are using a LDAP server for external user authentication, you might need to modify certain LDAP related options in the appserver.rcx file. The default settings will work with the ActiveDirectory server under most situations. However, for other types of LDAP servers (depending on the LDAP schema configurations), you might need to customize the following settings if you are experiencing issues with the default settings:

<!-- Attribute mapping for Generic LDAP server-->

<option name="ldap_server/attr_mapping/Generic/group_search">group,organizationalunit, container,groupOfUniqueNames</option>

<option name="ldap_server/attr_mapping/Generic/group_name">name,cn,commonName</option>

<option name="ldap_server/attr_mapping/Generic/member_search">member,uniqueMember </option>

<option name="ldap_server/attr_mapping/Generic/username_search">samAccountName,uid,cn </option>

You can ignore the following settings:

<!-- Attribute mapping for SunLDAP server-->

<!-- Attribute mapping for OpenLDAP server-->

The group_search option specifies the list of LDAP entries to be searched for LDAP groups. This information is used in Step 3 of LDAP Setup Wizard, where you define the LDAP groups whose members are allowed to login to CiscoWorks NCM.

Make sure that the list contains all necessary group attributes. For example, it might be necessary to add groupOfName to the list for the LDAP group search to work properly.

The same concept applies to username_search and member_search options. Both of these options are used during the CiscoWorks NCM login process to identify the user and to determine the user's group memberships. If the default LDAP attribute names do not match your LDAP schema configuration, change them accordingly.

Testing OpenLDAP User Authentication

Bug ID: QCCR1D100201

While configuring OpenLDAP for CiscoWorks NCM user authentication, the Test function might not work. In this case, save all the options before testing if they work.

Device Relationships

Bug ID: QCCR1D100298

Scripting to a vSwitch is done via direct API calls to the containing ESX server. As a result, the scripts modify the ESX server settings that are not related to the vSwitch. This occurs even if the MSP permissions are granted only to the vSwitch.

Running CiscoWorks NCM on a Solaris Platform

Bug ID: QCCR1D99873

While starting the CiscoWorks NCM server on a Solaris platform, there is a possibility that the CiscoWorks NCM server will crash due to an error in the native frame_sparc.cpp file. This is due to a bug in the Solaris JVM Biased Locking feature.

Workaround: Add the following VM argument to the jboss_wrapper.conf file located in NCM_INSTALLED_DIR/server/ext/wrapper/conf:

wrapper.java.additional.#=-XX:-UseBiasedLocking

Where # is the next number in sequential order of all parameters. For example, if the jboss_wrapper.conf file has the following arguments, the workaround VM argument would be number 6.

wrapper.java.additional.1=-DTCMgmtEngine=1 wrapper.java.additional.2=-Duser.dir=C:\NA\server\ext\jboss\bin wrapper.java.additional.3=-Xmn170m

wrapper.java.additional.4=-Djava.awt.headless=true wrapper.java.additional.5=-Dfile.encoding=UTF8 wrapper.java.additional.6=-XX:-UseBiasedLocking

Viewing VLAN Information for a Port/Interface

Bug ID: QCCR1D98139

While viewing device MAC address details on the MAC Address Details page, the VLAN field is not populated.

Workaround: To display VLAN information for a port or interface, click the Port Name link for that port on the MAC Address Details page. The Interface Details page will appear. Scroll down to the Member VLANs field to view the VLAN information.

Using Active Directory

Bug ID: QCCR199633

If you are using Active Directory, you must modify the corresponding options in the appserver.rcx file to include the correct attributes in the search mapping session. To do this:

---

Step 1 Locate <!-- Attribute mapping for Generic LDAP server--> session in the appserver.rcx file.

Step 2 Make sure that:

–groupOfName is included in the group_search

–uid is included in the username_search

–member is included in the member_search

Step 3 Save the changes to the appserver.rcx file.

Step 4 Restart the CiscoWorks NCM server.

---

Using ActiveState ActivePerl on Windows

Bug ID: QCCR1D92850

Due to limitations of ActiveState ActivePerl on Windows, if you use this environment you will not be able to use SSH connections with the CiscoWorks NCM Perl API.

Workaround: Install the CiscoWorks NCM client on a supported Linux or Solaris system and run the CiscoWorks NCM Perl API from that system.

Including URLs in Policies

Bug ID: QCCR1D98621

When you create a policy and include a vendor solution URL or a vendor advisory URL, the URL must start with http:// prefix. Otherwise, the link might not be correctly interpreted by the browser.

Java Plug-in Version

Bug ID: QCCR1D88659

If the Connect function fails and the CiscoWorks NCM server hangs, check the Java version that you are currently running on your Windows system. This might be an issue with the Java Plug-in of your Web browser.

To check the Java version that you are currently running on your system:

1. Choose Start > Control Panel.

2. Double-click Java.

3. In the General tab, click the About button.

This issue will not occur in Version 6 Update 10 and earlier.

Using the Device Group Selector

Bug ID: QCCR1D98865

Some of the Chinese characters are not displayed in the Device Group Selector.

Using CiscoWorks NCM with NNMi

Bug ID: QCCR1D71332

When you add a device manually to CiscoWorks NCM integrated with NNMi, and navigate from NNMi to the device in CiscoWorks NCM, an error message (indicating that the NNMi UUID is unknown) is displayed.

Workarounds:

1. Remove the device from CiscoWorks NCM and then add the device to NNMi. Run the Import task to import the device into CiscoWorks NCM.

2. Choose Administrative Settings > Server > Device Import and set the Overwrite Existing Devices option to yes and then run the NNMi Import task.

Creating Advanced Perl Scripts

Bug ID: QCCR1D97574

While creating an advanced Perl script, remember that CiscoWorks NCM treats variables that do not have space in between them as reserved variables. If you use $-pairs in the script for non CiscoWorks NCM variables, separate them with a space.

For example:

Incorrect: my($host,$port,$user,$pass) = ('localhost','$tc_proxy_telnet_port$', '$tc_user_username$','$tc_user_password$');

Correct: my($host, $port, $user, $pass) = ('localhost','$tc_proxy_telnet_port$', '$tc_user_username$','$tc_user_password$');

Error When Viewing Results for Diagnostics with Single Quotes in their Name

Bug ID: QCCR1D95437

When a diagnostic is created with single quotes in its name (for example, `Ana's Diagnostic'), the diagnostic results are not displayed for that device, .

Workaround: Do not use single quotes in diagnostic names.

Diagnostic Name Limit

Bug ID: QCCR1D96090

CiscoWorks NCM allows you to enter up to 100 characters while naming a diagnostic. However, CiscoWorks NCM allows only 50 characters for the diagnostic name, while running the diagnostics.

Workaround: Limit diagnostic names to 50 or less characters.

Using SCP with Devices in Remote Realms

Bug ID: QCCR1D87003

Devices in remote Realms cannot use the Secure Copy (SCP) Transfer Protocol because the remote Gateway Satellite Agent cannot use SSH/SCP port 22. The Gateway OS uses the SSH/SCP port 22.

Workaround: Disable SCP for devices in remote Realms.

MySQL Install and Upgrade

Bug ID: QCCR1D87961

If you are using a MySQL database and MySQL is installed or upgraded on a CiscoWorks NCM build generated prior to February 5, 2009, do the following:

---

Step 1 Stop CiscoWorks NCM services.

Step 2 On Windows, open the my.ini file (under the MySQL Install folder).

On Solaris or Linux, open the /etc/my.cnf file.

Step 3 Search for max_allowed_packet.

If not found, append max_allowed_packet=16776192 to the bottom of the file. If found, change its value to 16776192.

Step 4 Restart MySQL.

Step 5 Restart CiscoWorks NCM services.

---

Solaris and SecurID

Bug ID: QCCR1D86370

Configuring CiscoWorks NCM to use SecurID as the authentication method can cause the management service to crash. The SecurID libraries provided by RSA cause this problem. Currently, this problem occurs on Solaris 10 with a version string, SunOS 5.10 Generic_118833-22. However, SunOS 5.10 Generic_120011-14 version works fine.

Workaround: Update your OS to SunOS 5.10 Generic_120011-14 version, if you are experiencing problems with SecurID on Solaris.

Using SCP on Linux and Solaris

Bug ID: QCCR1D82379

While using SCP on a Linux platform, you need to modify your system's SSH daemon (SSHD) to run on an alternate port and restart the SSHD service. Port 8022 is recommended.

After reconfiguring the system's SSHD, restart the CiscoWorks NCM to bind it to Port 22. Use the following command to login via the system's SSHD:

ssh -p 8022 username@host

---

Note Use ssh username@host for a direct connection to the CiscoWorks NCM proxy.

---

After logging into CiscoWorks NCM, navigate to the Device Access page. Enter the SSH Username and SSH Password in the SSH Device Access field. The device driver will use this information while copying the files to the CiscoWorks NCM server.

The device specific settings must be configured to enable SCP and SSH to function properly.

The SCP connection must be made to the managing CiscoWorks NCM server to use SCP with remote Realms. A SCP connection to the CiscoWorks NCM Gateway will not succeed if the CiscoWorks NCM Gateway runs the Linux and Solaris system SSHD. See the User Guide for CiscoWorks Network Compliance Manager 1.5 for detailed information.

Using SCP

Bug ID: QCCR1D80180

The SSH protocol runs on port 22. By default, Linux and Solaris installs run on port 8022. Windows installs run on port 22.

For Windows installs, if the port is switched to 8022, there could be connectivity issues. This issue is uncommon because most devices do not allow for the specification of an alternate port.

SCP will not work if the device is in a remote Realm and access to the device is managed via a CiscoWorks NCM Satellite. You must run the CiscoWorks NCM SSHD proxy on port 22.

If you use port 8022 on any platform, SCP copies from a device to CiscoWorks NCM will not work. Refer to the Satellite User's Guide for CiscoWorks Network Compliance Manager for information on configuring CiscoWorks NCM Satellites.

Using a Non-English Operating System

Bug ID: QCCR1D86705

When you run the CiscoWorks NCM on a non-English operating system, unreadable text will be displayed in the Password Information section of the Edit Device page, if you select a Partition from the drop-down menu.

Auto-remediation Scripts

Bug ID: QCCR1D86831

While creating an Auto-remediation script on the New Policy Rule page, if you input extended characters in the Rule Conditions field, it will produce unreadable text.

Proxy Interface

Bug ID: QCCR1D86391

If you login to CiscoWorks NCM as a limited access user and attempt to connect to a device via the proxy interface, your session will be disconnected.

Searching for Diagnostics

Bug ID: QCCR1D79575

CiscoWorks NCM Topology Data Gathering diagnostic has two options: CiscoWorks NCM Topology Data Gathering and Topology. Selecting either of these options will only search for the CiscoWorks NCM Topology Data Gathering diagnostic.

SNMP Timeouts

Bug ID: QCCR1D75228

Using SNMP device discovery over networks with latency can cause SNMP timeouts. To resolve this issue:

---

Step 1 Login to CiscoWorks NCM.

Step 2 Choose Admin > Administrative Settings > Device Access.

The Device Access page appears.

Step 3 Scroll down to the Detect Network Devices Task Settings section and set the SNMP Timeout to a higher value (for example, 2500 milliseconds).

---

-sync Option

Bug ID: QCCR1D79600

When you enable the Workflow and run a CLI or API task with -sync option, the task will fail and the following error message will be displayed:

No such directory

Database Passwords

Bug ID: QCCR1D61595

CiscoWorks NCM does not accept multiple dollar signs ($$). If the password that you use to connect to the database contains multiple dollar signs, you must modify the password before installing CiscoWorks NCM.

Installation Address

Bug ID: QCCR1D78975

The IPv4 address range 169.254.0.0/16 is reserved for link-local usage (referred to as Automatic Private Internet Protocol Addressing (APIPA) by Microsoft) and is not an applicable address range for CiscoWorks NCM. For more information, refer to http://www.ietf.org/ (rfc3330 and rfc3927).

SSH Communication

Bug ID: QCCR1D78861

CiscoWorks NCM 1.5.x uses a new set of keys for SSH communication. In previous releases, CiscoWorks NCM used only one Digital Signature Algorithm (DSA) key for all installations.

When you install CiscoWorks NCM 1.5.x, it creates two new 1024-bit keys. The first key uses the DSA algorithm. The second key uses the RSA algorithm. These keys are used when you connect to CiscoWorks NCM via SSH.

Custom Data Setup

Bug ID: QCCR1D77153

The Custom data field in the Custom Data Setup page accepts alphanumerics and underscores. Though you can use dashes, custom data field names with dashes cannot be used for the tc_device_custom device variables in custom scripts.

Advanced ACL Scripts

Bug ID: QCCR1D74295

If you click the Update Script button while specifying an advanced ACL script, the values are locked. As a result, running (or re-running) the script could result in variables not being updated properly.

Workaround: Avoid using the Update Script button with advanced ACL scripts.

Use of Dollar Signs ($) in Scripts

Bug ID: QCCR1D69342

If the script generated from a Telnet/SSH session log, contains dollar signs ($) in the executed commands, the script will fail or will not work properly.

OS Analysis Task

Bug ID: QCCR1D67566

When CiscoWorks NCM is used in an environment with overlapping IP addresses, the OS Analysis task is not supported for devices behind the remote Realm gateways.

OS Analysis tasks run on the devices that are located in the locally reachable network. As a result, there is a possibility of error in the image recommendation generated for the devices behind the gateway.

CiscoWorks NCM will report OS recommendations for a device in the default Realm instead of a remote Realm if they share an IP address.

Device Tasks Ignores the User-defined enforce_save Device Variable

Bug ID: QCCR1D64674

Device tasks that modify a device's configuration ignore the enforce_save device access setting. Because of this, startup configuration is always set as the current configuration.

Workaround: The DeviceInteraction/EnforceConfigurationSave/ConfiguringModels configuration option in appserver.rcx file can be set to false. In this way, startup configuration is not run for all device tasks that reconfigure the device.

Email Report Task

Bug ID: QCCR1D69342

While scheduling an Email Report task, if you select a report other than Summary Reports in the Reports To Run field, the task is reported as failed. However, the report is successfully emailed to the recipient. You can ignore the error message.

Template Scripts

Bug ID: QCCR1D70552

While using template scripts, selecting the Run Again option will rerun the same script.

CiscoWorks NCM Core Gateways

Bug ID: QCCR1D68751

You cannot configure redundant CiscoWorks NCM Core Gateways in the same CiscoWorks NCM Realm as a single CiscoWorks NCM Core.

Workaround: Edit the adjustable_options.rcx file and add the IP addresses of other CiscoWorks NCM Core Gateways.

Example:

<array name="rpc/allowed_ips">

<value>10.255.54.10</value>

</array>

Potential for Task Failure while Using Reserved CiscoWorks NCM Characters in Device Prompts

Bug ID: QCCR1D70102

There are 11 characters that have special meaning in CiscoWorks NCM:

•Opening square bracket ( [ )

•Opening round bracket and the closing round bracket ( ( ) ).

•Backslash ( \ )

•Caret ( ^ )

•Dollar sign ( $ )

•Period or dot ( . )

•Vertical bar or pipe symbol ( | )

•Question mark ( ? )

•Asterisk or star ( * )

•Plus sign ( + )

If you use these characters in a device prompt, null pointer exception errors could occur during task execution. As a result, the task will fail. These characters should not be used while naming devices that interact with CiscoWorks NCM.

Oracle Database Errors Cause Failed Tasks and Other Issues

Bug ID: QCCR1D69094

Oracle database errors cause tasks to fail and other issues due to a bug in the JDBC Oracle driver. You could get the following error message:

OALL8 is in an inconsistent state.

Workaround: Update your version of Oracle Database Server.

ACLs with the Same Name, But Different Case in CiscoWorks NCM, Is Not Recommended

Bug ID: QCCR1D61744

CiscoWorks NCM supports case-sensitivity in ACL names. Therefore, you can have two ACLs with the same name, but different case.

If you delete one of those ACLs, all ACLs with the same name are deleted, regardless of the case. Cisco does not recommend multiple ACLs with same name, but with differing case in CiscoWorks NCM.

Use of the Dollar Sign ($) in Perl Code

Bug ID: QCCR1D61867

If you convert a Telnet/SSH Proxy session that contains a dollar sign ($) to Perl, CiscoWorks NCM will not interpret the dollar sign properly in the generated Perl code.

Workaround: Edit the script and add a backslash (\) in front of the dollar sign.

Downloading Software Images from Cisco.com

Bug ID: QCCR1D66891

You can download software images from Cisco.com for devices that are not currently in your CiscoWorks NCM system. However, you may need to modify the driver or model information or both to successfully deploy the software image.

Workaround:

To successfully deploy the software image:

---

Step 1 Choose Devices > Device Tools > Software Images.

The Software Images page opens.

Step 2 In the Action column, click Edit next to the software image that you want to modify.

The Edit Software Image page opens.

Step 3 In the Image Set Requirements field, modify the driver and model information to be compatible with the device in CiscoWorks NCM.

Step 4 Click Save Software.

---

High Availability Distributed System: Importing Devices

Bug ID: QCCR1D59742

If you import two devices with identical IP addresses into two separate CiscoWorks NCM Cores at the same time, you cannot detect if there is a duplicated device.

Workaround: Manually run the Deduplication task after importing the devices. One device will be automatically de-duplicated and set to Inactive state. (See Chapter 7 in the User Guide for CiscoWorks Network Compliance Manager 1.5 for information on running the Deduplication task.)

Passing Your CiscoWorks NCM Password to Advanced Scripts

Bug ID: QCCR1D50037

$tc_user_password$ will not work, if you are using the advanced scripts.

Workaround: Use $Password$ instead of $tc_user_password. $Password$ can only be used in the Parameters part of the advanced script. You need to add the code to your script to get the password from the command line arguments when the script runs.

High Availability Distributed System External Authentication

Bug ID: QCCR1D53815

When external authentication is used in a High Availability Distributed System environment, the External Authentication Type, for example, TACACS+ or Active Directory, is global (shared between all CiscoWorks NCM Cores). Authentication server information is CiscoWorks NCM Core specific.

Workaround: Set the External Authentication Type to None in the User Authentication page. Configure each CiscoWorks NCM Core individually with the authentication server information or Active Directory setup. After configuring all CiscoWorks NCM Cores, you can set the External Authentication Type on one of the CiscoWorks NCM Cores. The External Authentication Type setting is replicated on all CiscoWorks NCM Cores.

RADIUS External Authentication

Bug ID: QCCR1D9099

CiscoWorks NCM authenticates a user against the CiscoWorks NCM local password, if the RADIUS server does not respond to the authentication request of the user. This happens even if you configure CiscoWorks NCM to not to fail-over on external authentication.

Scripts: Output Results in HTML Format

Bug ID: QCCR1D21216

While executing an advanced script or a Run External Application task, any text that the advanced script or external application writes to stdout stream is stored in CiscoWorks NCM as the task result.

If your script output begins with anything other than <html>, the script results will be treated as plaintext.

Nmap Scanning

Bug ID: QCCR1D19036

Some network topologies can result in very long scans. It is recommended that you do not scan Internet addresses. If you think your Nmap scan will take more than a few minutes, you can use the following Nmap options to limit the scanning time:

max_scan_delay milliseconds

where milliseconds is a value between 1 and 1000.

Nmap settings can be changed by using the Administrative Settings option. See the Nmap documentation at www.insecure.org for detailed Nmap information.

SecurID Software Token Software, Version 3.x

Bug ID: QCCR1D18988

If the CiscoWorks NCM server is installed with the 3.x SecurID token software, turn off copy protection while exporting SecurID software token keys on the RSA server. Otherwise, CiscoWorks NCM will report an error while accessing SecurID software tokens.

A patched version of the SecurID software is available at http://www.rsasecurity.com.

Canceling or Deleting Tasks

Bug ID: QCCR1D16257

Some of the CiscoWorks NCM tasks will spawn external processes to run PERL scripts, Expect scripts, user-provided executables, or shell scripts. Sometimes, CiscoWorks NCM may not be able to kill these external processes, when the spawning task is cancelled or deleted.

Workaround: Manually stop the external process on the CiscoWorks NCM server.

Tasks: A Task Scheduled for the 31st Might Run on the 1st

Bug ID: QCCR1D11142

If you schedule a monthly recurring task for the 31st of every month, CiscoWorks NCM may run the task on the 1st, 2nd, or 3rd day of the next month depending on the number of days in the previous month. For example, if you schedule a task in February (with 28 days) for the 30th of every month, the task will actually run on March 2nd.

Workaround: If you want to run the task on the last day of the month, you must set the date correctly.

Inventory: Data from Device Overwrites Manually Entered Values

Bug ID: QCCR1D11942

Some of the data on the Device Details page is auto-populated. If you manually change the data, CiscoWorks NCM overwrites the values during the next snapshot.

The automatically populated data includes:

•Domain Name

•Host Name

•Model

•Serial Number

•Location

•Vendor

Console Server: SSH Access is not Supported

Bug ID: QCCR1D11402

CiscoWorks NCM does not support console server access via SSH. If you use a console server to access a device, you must use the Telnet connectivity.

If you select the Use To Access Device option in the New Device page or Edit Device page, you should also select the Telnet option in the Connection Information section.

Sending Reports to External Email Addresses

Bug ID: QCCR1D15982

When the SMTP server is configured to reject messages from the CiscoWorks NCM server address, CiscoWorks NCM messages are not delivered and the following error message will be displayed:

Error occurred when sending email. Please check the email address and/or your SMTP server settings.

If this occurs, you need to configure the SMTP server to enable the CiscoWorks NCM server to relay email messages through it.

Accessing the CiscoWorks NCM Documentation Set

All or any part of the CiscoWorks NCM documentation set, including this document, might be upgraded over time. Therefore, we recommend that you access the CiscoWorks NCM documentation set using the following URL: http://www.cisco.com/en/US/products/ps6923/tsd_products_support_series_home.html

---

Tip To cut and paste a two-line URL into the address field of your browser, you must cut and paste each line separately to get the entire URL without a break.

---

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.

Notices

The following notices pertain to this software license.

OpenSSL/Open SSL Project

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).

This product includes software written by Tim Hudson (tjh@cryptsoft.com).

License Issues

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org.

OpenSSL License:

Copyright © 1998-2007 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)".

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org.

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)".

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT "AS IS"' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

Original SSLeay License:

Copyright © 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.

This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).

The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com).

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgement:

"This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)".

The word `cryptographic' can be left out if the routines from the library being used are not cryptography-related.

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)".

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License].

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2010 Cisco Systems, Inc. All rights reserved.