Managing Device Configuration

The Device command in the CiscoView Configure menu lets you view and change configuration information for your Catalyst 1200, 2900, 4000, 5000, 5002, 5500, 5509, 6000, and CPW 2200 device.

The following categories of information are available:

Management

Displays device management information for a Catalyst 5000 series OR a Catalyst 6000 series.

Authentication

Displays device authentication configuration, RADIUS, and TACACS+ information for the device.

Traps Receivers

Displays the trap receivers configured on a 4000-series device OR on a 5000-series device OR
on a 6000-series device.

Physical

Displays physical information about a 4000-series device a 5000-series device OR a 6000 series device.

(SPAN) Switch Port Analyzer

Displays information about the monitoring source and destination ports
on a 5000-series device OR on a 6000-series device.

Spanning Tree

Displays spanning tree options for halting loops discovered in the network topology.

Cisco Discovery Protocol

Displays Cisco Discovery Protocol (CDP) information known on a 5000-series device OR on a 6000-series device.

CDP/Neighbor View

Displays information about all neighboring Cisco devices on your network.

Multi Instance Spanning Tree (MISTP)

Lets you enable/disable an MISTP instance.

MISTP Mapping

Lets you map a VLAN to an MISTP instance.

COPS

Displays COPS device configuration information.

File Copy

Lets you copy config files to and from a remote host to runtime memory.

Default Gateways

Displays information for up to three entries of default gateways.

VLAN & Bridge

Displays VLAN membership and configuration for the device.

IP Route

Displays IP routing destination information for the device.

ARP Table

Displays the correspondence between physical and network addresses known on the device.

TCP

Displays the algorithm and retransmission timeout information for the device.

TopN Report

Displays information from the TopN Report utility for each physical port’s traffic over a user-specified interval.

TCP Connections

Displays debugging information about current TCP connections on the device.

UDP

Displays the Universal Datagram Protocol (UDP) listener table for the device.

FDDI/Ethernet Bridge

Displays information about the FDDI/Ethernet Bridge for the device (not supported on 4000-series devices).

PIB

Displays a single policy instance that identifies the current incarnation of the PIB and the PDP that installed this incarnation.

Brouter

Displays brouter information for the device.

DNS

Displays Domain Name Server (DNS) information for the device.

MOTD

Lets you change the message of the day for the device.

System Log

Lets you specify if system log messages should be sent to the console
for a 5000-series device OR a 6000-series device.

System Log Message Severity

Lets you set the security level of the different types of system log messages.

System Processes

Displays the information and statistics data for all running processes on the device.

NTP

Lets you set Network Time Protocol (NTP) parameters for the device.

TACACS+

Lets you set Terminal Access Controller Access Control System (TACACS+) parameters for the device.

VMPS...

Displays VMPS options for the device.

IP Permit

Sets VLAN Membership Policy Server (VMPS) parameters for this device.

EtherChannel

Displays information about the EtherChannels defined for Catalyst 4000 and 5000 devices.

Displays information about the EtherChannels defined for Catalyst 6000 devices.

Scheduled Reset

Lets you perform a scheduled reset operation.

Summer Time

Lets you specify the local dates and time, the summer time start and end as well as summer time recurring start and end.

Boot Flash Memory

Displays boot Flash partition information for the device.

Boot Configuration

Configures alternative boot configuration parameters; (sysBootedImage is not supported on the 4000-series device).

Multi-Layer Switching (MLS)

Configures and displays information about MLS shortcuts, routers, netflow timeouts, data exports, and Layer-2 statistics.

Memory Pool

Displays information about the different types of memory pools supported by the Catalyst 5000 series.

Trunk VLAN Mapping

Lets you add and delete VLAN to VLAN association for the Catalyst 6000 (with software image version greater than 6.1).

High Availability

Detects there is a redundancy supervisor in the Catalyst 6000 chassis when it is in standby mode.

Extended RMON Netflow Monitor

Displays information about Extended RMON Netflow for Catalyst 5000 switches with Earl2 and Clear Lake modules installed.

Channel Protocol

Indicates the aggregation protocol configured on this device's  modules.

Error Disable Timeout Configuration

Allows you to enable/disable the error disable timeout feature on this device.


Traps

Device>Configure>Traps

Each managed device sends its traps or error messages to a management station. For example, a trap is sent whenever a port or device is reset or an incorrect community string is detected by the switch or router.

The Traps window contains the following MIBs:

Authentication Traps (snmpEnableAuthenTraps)

Indicates whether traps will be sent when security violations occur. Enable this field if you want traps to be sent when security violations occur.

Chassis Traps (sysEnableChassisTraps)

Indicates whether chassis alarm traps (chassisAlarmOn and chassisAlarmOff) will be generated for this device.

Module Traps (sysEnableModuleTraps)

Indicates whether module traps (moduleUp and moduleDown) will be generated (enabled) for this device.

Bridge Traps (sysEnableBridgeTraps)

Indicates whether bridge traps (newRoot and topologyChange) will be generated (enabled) for this device.

Repeater Traps (sysEnableRepeaterTraps)

Indicates whether repeater traps will be generated for this device, as enabled or disabled.

IP Permit Traps (sysEnableIpPermitTraps)

Indicates whether the IP Permit Traps in this MIB should be generated (enabled).

VMPS Changed Traps (sysEnableVMPSTraps)

Indicates whether the wmVmpsChange trap defined in CISCO-VLAN-MEMBERSHIP-MIB should be generated (enabled).

Configuration NVRAM Changed Traps (sysEnableConfigTraps)

Indicates whether sysConfigChange trap in this MIB (which confirms that the system configuration in NVRAM is changed, should be generated (enabled).

Entity Configuration Changed Traps (sysEnableEntityTraps)

Indicates whether entConfigChange trap in the ENTITY-MIB (RFC-2023) should be generated (enabled).

Spanning Tree Traps (sysEnableStpxTraps)

Indicates whether stpxInconsistencyUpdate trap in the CISCO-STP-EXTENSIONS-MIB should be generated (enabled).

VTP Notifications (vtpNotificationsEnabled)

Indicates whether the notification/traps defined by the vtpConfigNotificationsGroup are enabled.

Click Apply to make your Traps changes take effect.

Traps Receivers Table

The Trap Receiver table displays the IP addresses and the Read community strings of the destination network management stations. The Trap Receiver table can contain a maximum of ten entries, even though the dialog box displays more than ten rows.

Click Add to create a new row in the Trap Receiver table, then enter the IP Address and Community String and click Apply, or click Delete to remove the currently selected row.


Note: The rows in the Trap Receivers Table are numbered beginning with 0, so if you try to delete the second row, a message appears asking if you want to delete row 1.


Click Cancel to close the dialog box without making any changes. Click Print to print the contents of the dialog box.

Command Line Alternative: You can set trap configurations via the command line CLI/SNMP

To set an snmp trap, use:

set snmp trap <enable | disable> [vtp | ippermit | vmps | config | entity | stpx]

set snmp trap <rcvr_address> <rcvr_community>

show snmp


Authentication

Device>Configure>Authentication

Manage your device’s authentication with the following options:

Configuration

RADIUS

TACACS+


Configuration

Device>Configure>Authentication>Configuration

Authentication Configuration indicates whether TACACS+ or RADIUS is the primary login, or primary enable authentication.

Console Login
(sysConsolePrimaryLoginAuthentication)

Indicates whether TACACS+ or RADIUS is the primary login authentication. If tacasLoginAuthentication and radiusLoginAuthentication are set to disabled, it will have a value of local.

Console Privilege (sysConsolePrimaryEnableAuthentication)

Indicates whether TACACS+ or RADIUS is the primary enable authentication. If tacacsEnableAuthentication and radiusEnableAuthentication are set to disabled, it will have a value of local.

Telnet Login (sysTelnetPrimaryLoginAuthentication)

Indicates whether TACACS+ or RADIUS is the primary login authentication, i.e. which method will be tried first for a telnet session. If tacacsLoginAuthentication and radiusLoginAuthentication are set to disabled, it will have a value of local.

Telnet Privilege (sysTelnetPrimaryEnableAuthentication)

Indicates whether TACACS+ or RADIUS is the primary enable authentication, i.e. which method will be tried first for a telnet session. If tacacsEnableAuthenticaion and radiusEnableAuthentication are set to disabled, it will have a value of local.


RADIUS

Device>Configure>Authentication>RADIUS

Use the Authentication RADIUS dialog box to set RADIUS parameters for the device.

Login Authentication
(radiusLoginAuthentication)

Indicates whether the login authentication using RADIUS feature is enabled or disabled for console and/or telnet sessions.

Enable Authentication (radiusEnableAuthentication)

Indicates whether the enable authentication using the RADIUS feature is enabled or disabled for console and telnet sessions.

Server DeadTime (radiusDeadtime)

Indicates the length of time, in seconds, the system will wait for a response from RADIUS server before the system will mark the server dead. The default value of 0 means that the RADIUS servers will not be marked dead if they do not respond.

Authentication Key (radiusAuthKey)

The key used in encrypting the packets passed between the RADIUS server and the client. This key must match the one configured on the server. This item is only accessible when using the community string defined in sysCommunityRwa, or the value is a null string.

Interval Between Retrials (radiusRetransmits)

Indicates number of times the RADIUS server should be tried before giving up on the server.

Timeout (radiusTimeout)

Indicates the time, in seconds, between retransmissions to the RADIUS server.

Click Apply to make your changes to these six values take effect.

Server Address (radiusServerAddr)

The IP address of a RADIUS server.

Server Port (radiusServerAuthPort)

The destination UDP port number to which RADIUS messages should be sent. The RADIUS server will not be used for authentication if this port number is 0.

Server Type (radiusServerType)

Type of RADIUS server: primary or other.

Click Create to add a new entry to this table, or click Delete to remove the selected entry. Click on the Type field to change the type to Primary or Other.

Click Cancel to close the dialog box without making any changes. Click Print to print the contents of the dialog box.


TACACS+

Device>Configure>Authentication>TACACS+

Use the Authentication TACACS+ dialog box to set Terminal Access Controller Access Control System (TACACS+) parameters for the device.

Login Authentication (tacacsLoginAuthentication)

Whether TACACS+ login authentication is enabled on the device.

Local Login Authentication (tacacsLocalLoginAuthentication)

Whether login authentication using a local password is enabled on the device.

Enable Authentication (tacacsEnableAuthentication)

Whether TACACS+ enable authentication is enabled on the device.

Local Enable Authentication (tacacsLocalEnableAuthentication)

Whether enable authentication using a local password is enabled on the device.

Allowed Login Attempts (tacacsNumLoginAttempts)

Number of login attempts allowed on the device. Valid values are 1 to 10.

Direct Request (tacacsDirectedRequest)

Whether the TACACS+ directed request feature is enabled on the device.

Time Out (tacacsTimeout)

Number of seconds the device waits for a response from the TACACS+ server host.

Authentication Key (tacacsAuthKey)

Key used to encrypt the data passed between the TACACS+ server and this client. This key must match the one configured on the server. You must have Read/Write access to the device to change this value.

Click Apply to make your changes to these eight values take effect.

TACACS+ Server's IP (tacacsServerAddr)

IP address of this TACACS+ server.

TACACS+ Server Type (tacacsServerType)

Type of this TACACS+ server: primary or other.

Click Create to add a new entry to this table, or click Delete to remove the selected entry. Click on the Type field to change the type to Primary or Other.

Click Cancel to close the dialog box without making any changes. Click Print to print the contents of the dialog box.