Managing Device Configuration
The Device command in the CiscoView Configure menu lets you view and change
configuration information for your Catalyst 1200, 2900, 4000, 5000, 5002, 5500, 5509, 6000,
and CPW 2200 device.
The following categories of information are available:
Management
Displays device management information for a Catalyst 5000 series OR a Catalyst 6000 series.
Authentication
Displays device authentication configuration, RADIUS, and TACACS+ information
for the device.
Traps Receivers
Displays the trap receivers configured on a 4000-series device OR on a 5000-series device OR
on a 6000-series device.
Physical
Displays physical information about a 4000-series device a 5000-series device OR a 6000 series device.
(SPAN) Switch Port Analyzer
Displays information about the monitoring source and destination ports
on a 5000-series device OR on a 6000-series device.
Spanning Tree
Displays spanning tree options for halting loops discovered in the network
topology.
Cisco Discovery Protocol
Displays Cisco Discovery Protocol (CDP) information known on a 5000-series device OR on a 6000-series device.
CDP/Neighbor View
Displays information about all neighboring Cisco devices on your network.
Multi Instance Spanning Tree (MISTP)
Lets you enable/disable an MISTP instance.
MISTP Mapping
Lets you map a VLAN to an MISTP instance.
COPS
Displays COPS device configuration information.
File Copy
Lets you copy config files to and from a remote host to runtime memory.
Default Gateways
Displays information for up to three entries of default gateways.
VLAN & Bridge
Displays VLAN membership and configuration for the device.
IP Route
Displays IP routing destination information for the device.
ARP Table
Displays the correspondence between physical and network addresses known on
the device.
TCP
Displays the algorithm and retransmission timeout information for the device.
TopN Report
Displays information from the TopN Report utility for each physical port’s traffic over a user-specified interval.
TCP Connections
Displays debugging information about current TCP connections on the device.
UDP
Displays the Universal Datagram Protocol (UDP) listener table for the device.
FDDI/Ethernet Bridge
Displays information about the FDDI/Ethernet Bridge for the device (not
supported on 4000-series devices).
PIB
Displays a single policy instance that identifies the current incarnation of the PIB and the PDP that installed this incarnation.
Brouter
Displays brouter information for the device.
DNS
Displays Domain Name Server (DNS) information for the device.
MOTD
Lets you change the message of the day for the device.
System Log
Lets you specify if system log messages should be sent to the console
for a 5000-series device OR a 6000-series device.
System Log Message Severity
Lets you set the security level of the different types of system log messages.
System Processes
Displays the information and statistics data for all running processes on the
device.
NTP
Lets you set Network Time Protocol (NTP) parameters for the device.
TACACS+
Lets you set Terminal Access Controller Access Control System (TACACS+)
parameters for the device.
VMPS...
Displays VMPS options for the device.
IP Permit
Sets VLAN Membership Policy Server (VMPS) parameters for this device.
EtherChannel
Displays information about the EtherChannels defined for Catalyst 4000 and 5000 devices.
Displays information about the EtherChannels defined for Catalyst 6000 devices.
Scheduled Reset
Lets you perform a scheduled reset operation.
Summer Time
Lets you specify the local dates and time, the summer time start and end as well as summer time recurring start and end.
Boot Flash Memory
Displays boot Flash partition information for the device.
Boot Configuration
Configures alternative boot configuration parameters; (sysBootedImage is not
supported on the 4000-series device).
Multi-Layer Switching (MLS)
Configures and displays information about MLS shortcuts, routers, netflow
timeouts, data exports, and Layer-2 statistics.
Memory Pool
Displays information about the different types of memory pools supported by
the Catalyst 5000 series.
Trunk VLAN Mapping
Lets you add and delete VLAN to VLAN association for the Catalyst 6000 (with software image version greater than 6.1).
High Availability
Detects there is a redundancy supervisor in the Catalyst 6000 chassis when it is in standby mode.
Extended RMON Netflow Monitor
Displays information about Extended RMON Netflow for Catalyst 5000 switches
with Earl2 and Clear Lake modules installed.
Channel Protocol
Indicates the aggregation protocol configured on this device's modules.
Error Disable Timeout Configuration
Allows you to enable/disable the error disable timeout feature on this device.
Traps
Device>Configure>Traps
Each managed device sends its traps or error messages to a management
station. For example, a trap is sent whenever a port or device is
reset or an incorrect community string is detected by the switch or router.
The Traps window contains the following MIBs:
Authentication Traps (snmpEnableAuthenTraps)
Indicates whether traps will be sent when security violations occur.
Enable this field if you want traps to be sent when security
violations occur.
Chassis Traps (sysEnableChassisTraps)
Indicates whether chassis alarm traps (chassisAlarmOn and
chassisAlarmOff) will be generated for this device.
Module Traps (sysEnableModuleTraps)
Indicates whether module traps (moduleUp and moduleDown) will be
generated (enabled) for this device.
Bridge Traps (sysEnableBridgeTraps)
Indicates whether bridge traps (newRoot and topologyChange) will be
generated (enabled) for this device.
Repeater Traps (sysEnableRepeaterTraps)
Indicates whether repeater traps will be generated for this device,
as enabled or disabled.
IP Permit Traps (sysEnableIpPermitTraps)
Indicates whether the IP Permit Traps in this MIB should be generated (enabled).
VMPS Changed Traps (sysEnableVMPSTraps)
Indicates whether the wmVmpsChange trap defined in
CISCO-VLAN-MEMBERSHIP-MIB should be generated (enabled).
Configuration NVRAM Changed Traps (sysEnableConfigTraps)
Indicates whether sysConfigChange trap in this MIB (which confirms
that the system configuration in NVRAM is changed, should be
generated (enabled).
Entity Configuration Changed Traps (sysEnableEntityTraps)
Indicates whether entConfigChange trap in the ENTITY-MIB (RFC-2023)
should be generated (enabled).
Spanning Tree Traps (sysEnableStpxTraps)
Indicates whether stpxInconsistencyUpdate trap in the
CISCO-STP-EXTENSIONS-MIB should be generated (enabled).
VTP Notifications (vtpNotificationsEnabled)
Indicates whether the notification/traps defined by the
vtpConfigNotificationsGroup are enabled.
Click Apply to make your Traps changes take effect.
Traps Receivers Table
The Trap Receiver table displays the IP addresses and the Read
community strings of the destination network management stations. The
Trap Receiver table can contain a maximum of ten entries, even though
the dialog box displays more than ten rows.
Click Add to create a new row in the Trap Receiver table, then
enter the IP Address and Community String and click Apply, or
click Delete to remove the currently selected row.
Note: The rows in the Trap Receivers Table are numbered
beginning with 0, so if you try to delete the second row, a message
appears asking if you want to delete row 1.
Click Cancel to close the dialog box without making any
changes. Click Print to print the contents of the dialog box.
Command Line Alternative: You can set trap configurations via
the command line CLI/SNMP
To set an snmp trap, use:
set snmp trap <enable | disable> [vtp | ippermit | vmps |
config | entity | stpx]
set snmp trap <rcvr_address> <rcvr_community>
show snmp
Authentication
Device>Configure>Authentication
Manage your device’s authentication with the following options:
Configuration
RADIUS
TACACS+
Configuration
Device>Configure>Authentication>Configuration
Authentication Configuration indicates whether TACACS+ or RADIUS is the
primary login, or primary enable authentication.
Console Login (sysConsolePrimaryLoginAuthentication)
Indicates whether TACACS+ or RADIUS is the primary login authentication. If
tacasLoginAuthentication and radiusLoginAuthentication are set to disabled, it
will have a value of local.
Console Privilege (sysConsolePrimaryEnableAuthentication)
Indicates whether TACACS+ or RADIUS is the primary enable authentication. If
tacacsEnableAuthentication and radiusEnableAuthentication are set to disabled,
it will have a value of local.
Telnet Login (sysTelnetPrimaryLoginAuthentication)
Indicates whether TACACS+ or RADIUS is the primary login authentication, i.e.
which method will be tried first for a telnet session. If
tacacsLoginAuthentication and radiusLoginAuthentication are set to disabled, it will have a value of
local.
Telnet Privilege (sysTelnetPrimaryEnableAuthentication)
Indicates whether TACACS+ or RADIUS is the primary enable authentication, i.e.
which method will be tried first for a telnet session. If
tacacsEnableAuthenticaion and radiusEnableAuthentication are set to disabled, it will have a value
of local.
RADIUS
Device>Configure>Authentication>RADIUS
Use the Authentication RADIUS dialog box to set RADIUS parameters for the
device.
Login Authentication (radiusLoginAuthentication)
Indicates whether the login authentication using RADIUS feature is enabled or
disabled for console and/or telnet sessions.
Enable Authentication (radiusEnableAuthentication)
Indicates whether the enable authentication using the RADIUS feature is
enabled or disabled for console and telnet sessions.
Server DeadTime (radiusDeadtime)
Indicates the length of time, in seconds, the system will wait for a response
from RADIUS server before the system will mark the server dead. The default
value of 0 means that the RADIUS servers will not be marked dead if they do not
respond.
Authentication Key (radiusAuthKey)
The key used in encrypting the packets passed between the RADIUS server and
the client. This key must match the one configured on the server. This item is
only accessible when using the community string defined in sysCommunityRwa, or
the value is a null string.
Interval Between Retrials (radiusRetransmits)
Indicates number of times the RADIUS server should be tried before giving up
on the server.
Timeout (radiusTimeout)
Indicates the time, in seconds, between retransmissions to the RADIUS server.
Click Apply to make your changes to these six values take effect.
Server Address (radiusServerAddr)
The IP address of a RADIUS server.
Server Port (radiusServerAuthPort)
The destination UDP port number to which RADIUS messages should be sent. The
RADIUS server will not be used for authentication if this port number is 0.
Server Type (radiusServerType)
Type of RADIUS server: primary or other.
Click Create to add a new entry to this table, or click Delete to remove the selected entry. Click on the Type field to change the type to Primary or Other.
Click Cancel to close the dialog box without making any changes. Click Print to print the contents of the dialog box.
TACACS+
Device>Configure>Authentication>TACACS+
Use the Authentication TACACS+ dialog box to set Terminal Access Controller
Access Control System (TACACS+) parameters for the device.
Login Authentication (tacacsLoginAuthentication)
Whether TACACS+ login authentication is enabled on the device.
Local Login Authentication (tacacsLocalLoginAuthentication)
Whether login authentication using a local password is enabled on the device.
Enable Authentication (tacacsEnableAuthentication)
Whether TACACS+ enable authentication is enabled on the device.
Local Enable Authentication (tacacsLocalEnableAuthentication)
Whether enable authentication using a local password is enabled on the device.
Allowed Login Attempts (tacacsNumLoginAttempts)
Number of login attempts allowed on the device. Valid values are 1 to 10.
Direct Request (tacacsDirectedRequest)
Whether the TACACS+ directed request feature is enabled on the device.
Time Out (tacacsTimeout)
Number of seconds the device waits for a response from the TACACS+ server host.
Authentication Key (tacacsAuthKey)
Key used to encrypt the data passed between the TACACS+ server and this
client. This key must match the one configured on the server. You must have
Read/Write access to the device to change this value.
Click Apply to make your changes to these eight values take effect.
TACACS+ Server's IP (tacacsServerAddr)
IP address of this TACACS+ server.
TACACS+ Server Type (tacacsServerType)
Type of this TACACS+ server: primary or other.
Click Create to add a new entry to this table, or click Delete to remove the selected entry. Click on the Type field to change the type to Primary or Other.
Click Cancel to close the dialog box without making any changes. Click Print to print the contents of the dialog box.