DX NetOps Manager

Expand all | Collapse all

RedHat Linux detected as Nokia Firewall

Jump to Best Answer
  • 1.  RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 04:06 AM

    Hi guys,

     

    So I recently added 6 Redhat 6.8 servers on which Net-SNMP is configured but once added to Spectrum they are all listed with:

     

    Model Type Name: NokiaFW

    Device Type: Nokia Firewall

    Model Class: Firewall

     

    What would you suggest be the first steps in diagnosing this problem?

     

    Many thanks.



  • 2.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 06:00 AM

    Hello,

     

     

    the net-snmp agent will be used by many vendors but often they didn't change the object sysobjectid to something private.
    In this case the agent reports the sysobjectId of net-nsmp and most likely this is already mapped to NokiaFW in your environment.
    You can check with the DeviceCertification Tool in OneClick.

     

    The owner of the Spectrum ModelType can change the discovery and mapping order.

     

    The NokiaFW vendor can configure a private value to the object sysobjectId.

     

    You can configure a private value for sysobjectid on your RedHat devices, which you can map with DeviceCertification.

     

    You can model with "model by type" but you will get a "different type model" alarm.

     

    Regards,
    Olaf



  • 3.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 06:55 AM

    I can see that NET-SNMP/AGENT/REDHAT is listed as a certified device on the CA Certified Devices list, which sysobjectid should I set for this device and what model type and device type should a redhat Linux come under?



  • 4.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 08:28 AM

    I would expect that your RedHat server contains a sysOid starting with     1.3.6.1.4.1.8072. and that this OID was mapped to MType NokiaFW in your environment.

    Seek the System Objet ID in the Information Tab -> CA Spectrum Modeling Information View of your RedHat Device, modeld as a NokiaFW, and search this OID in the Device Certification Tool.

    You will find the Device Certification Tool in your OneClick client Tools->Utilities->Device Certification ....



  • 5.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 08:48 AM

    Thanks Olaf, I appreciate the response but I'm not sure you understand the problem.

     

    Redhat Linux using net-snmp is a CA certified device, so if I remove the custom mapping it should have a CA certified mapping but this is not the case and as such I don't know which Device Type and Model Type the device should be.

     

    I am going to have to use the NewMM.pl script in order to change the Model Type.



  • 6.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 08:55 AM

    If your question is, how to change the Mtype of an existing Spectrum model, you are right.

    To change the Device Certification will not automatically change existing models, you have to re-model them.



  • 7.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 08:58 AM

    I know how to remodel devices, the question is as follows:

     

    Which model type do I use for 1.3.6.1.4.1.8072.3.2.10 seeing as it should be a CA certified OID?



  • 8.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 09:07 AM

    The tool "Device Certification" in OneClick will tell you which Mtype will be used in your environment

     

    In this environment this sysOid is used by Cisco and is mapped to the Mtype Cisco_SecGW.

     

    What do you get if you filter for 1.3.6.1.4.1.8072.3.2.10 in your environment in the OC tool Device Certification?



  • 9.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 09:12 AM

    It is currently mapped to NokiaFW and Firewall, I need to know what to map it to?

     

    Auto? Linux? Redhat? Server?



  • 10.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 09:23 AM

    First question should be, why is this OID mapped to NokiaFW.

    Do you have NokiaFW models with sysoid 1.3.6.1.4.1.8072.3.2.10 in your environmnet?

    Than you have a conflict which has to be solved (see the hint in the post of Jason).

     

    Auto, Linux, Redhat and Server are not Spectrum ModelTypes.

    You can choose a Model Type which fits to your needs with the Browse button. 

    If there is no more detailed MT you can choose GnSnmpDev.



  • 11.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 10:35 AM
      |   view attached

    To set it back to default just select the entry and delete it.

    Cheers

    Jay



  • 12.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 08:29 AM
      |   view attached

    What is the sysoid?   I think what Olaf was mentioning was more in regards to launching the Spectrum Device Certification… utility (Tools-> Utilities-> Device Certification…).  In there you can check the sysoid and change the modeltype and/or add an entry if it doesn’t exist.  However, be careful in case the oid is a standard NET-SNMP oid.  If that’s the case, you may need to check into MTE at the modeltype to see if it can be changed:

     

    https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec1326162.html

     

    Cheers

    Jay



  • 13.  Re: RedHat Linux detected as Nokia Firewall

    Posted 06-06-2017 09:02 AM

    Hi Jason,

     

    The sysoid is 1.3.6.1.4.1.8072.3.2.10. It should be certified by CA shouldn't it?



  • 14.  Re: RedHat Linux detected as Nokia Firewall
    Best Answer

    Posted 06-06-2017 09:20 AM

    Hi Peter,

     

    I checked the Spectrum Certified Devices spreadsheet, located at http://ehealth-spectrum.ca.com/devices/, and I see this System Object ID was added in Spectrum 10.0 as the following:

       Vendor:   Net-SNMP

       Device Name:   Linux WS

       System Object Identifier:   1.3.6.1.4.1.8072.3.2.10

       Spectrum:   10

       Release:   Initial

       Firmware:   -

       Model Type:   GnSNMPDev

       Support Level:   Simple

     

    I double checked the Device Certification utility from an out of the box install of Spectrum 10.2.1, and found by default there aren't any entries for this System OID. Therefore, if your Device Certification utility shows a custom mapping to the Nokia Firewall, this is what is causing your problem.

     

    You will need to delete the custom mapping from the Device Certification utility, and then use the NewMM.pl, using the -m option, to convert the existing Nokia Firewall models back to a GnSNMPDev model type. The NewMM.pl script is located in the $SPECROOT/Install-Tools/PostInstall directory.

     

    I hope this helps,

    Brad