The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This appendix provides troubleshooting information. It contains information about:
•Checking the Version Number of Cisco Configuration Engine
•System Cannot Connect to the Network
•Cannot Connect to the System Using a Web Browser
•Problems Connecting to the System with Secure Shell
•Cannot Connect to the System Using Telnet
•Backup and Restore Not Working Properly
•Using the cns-send and cns-listen Commands
Note For additional troubleshooting information, see the Troubleshooting Guide for Cisco Configuration Engine.
In some of the sections, you might be advised to contact the Cisco Technical Assistance Center (TAC) for assistance. You can obtain TAC assistance online at http://www.cisco.com/tac.
To check the version number of the Cisco Configuration Engine software, do one of the following:
•Start the Cisco Configuration Engine application, and look for the version number in the displayed login screen.
•Use the version command. This command is located in the
cd $CISCO_CE_INSTALL_ROOT/CSCOcnsie/bin directory.
Problem You cannot log in to the system.
Possible Cause This problem could occur for one of the following reasons:
–You did not run the Setup program to create the initial system configuration.
–You lost all of the user account passwords.
Solution To resolve this problem, follow these steps:
Step 1 If you did not run the Setup program, run the Setup program as described in the Cisco Configuration Engine Solaris Installation & Configuration Guide, 2.0.
Step 2 If you do not know the passwords for the system user accounts, reconfigure the system to create a new user account.
Step 3 If you still cannot log in to the system, contact the Cisco Technical Assistance Center (TAC) for assistance.
Problem The system cannot connect to the network.
Possible Cause This problem could occur for the following reasons:
–The network cable is not connected to an Ethernet port.
–The Ethernet interface is disabled or misconfigured.
–The system is configured correctly, but the network is down or misconfigured.
–The system is not configured correctly.
Solution To resolve this problem, follow these steps:
Step 1 Verify that the network cable is connected to an Ethernet port and that the Link light is on.
•If the network cable is not connected, connect it.
•If the network cable is connected but the Link light is not on, check these probable causes:
–The network cable is faulty.
–The network cable is the wrong type (for example, a crossover type is used, instead of the required straight-through type).
–The port on the default gateway to which the system connects is down.
Step 2 If you still cannot connect to the network, use the ping command to perform the following tests:
a. Try to connect to a well-known host on the network. A DNS server is a good target host.
If the ping command can reach the well-known host, the system is connected to the network. If it cannot connect to the host, the problem is with the network configuration or the host. Contact your network administrator for assistance.
b. If the ping command cannot reach the well-known host, try to reach another host on the same subnet as the system.
If the ping command can reach a host on the same subnet, but cannot reach a host on a different subnet, the default gateway is probably down or misconfigured.
Step 3 If the ping command cannot reach any hosts, use the ifconfig command to determine whether the Ethernet interface is disabled or misconfigured.
If the Ethernet interface is disabled, enable it. If it is misconfigured, configure it correctly.
Step 4 If the interface is enabled and correctly configured but you still cannot connect to the network, ensure that all network setting are configured correctly. Run the Setup program again by entering the setup command in the shell prompt.
Note You cannot run the Setup program a second time by logging in as setup. For security reasons, the account is disabled after it is used once successfully.
Step 5 Contact your network administrator to verify that there are no conditions on the network that prevent the system from connecting to the network.
Step 6 If no conditions are preventing the system from connecting to the network, contact the Cisco TAC for assistance.
Problem You cannot connect to the system by entering its IP address in a web browser.
Possible Cause This problem could occur for the following reasons:
–The system cannot connect to the network.
–Encryption is enabled (plain text is disabled).
–The HTTP service is not running.
Solution To resolve this problem, follow these steps:
Step 1 Make sure that the system can connect to the network.
If it cannot connect to the network, see the "System Cannot Connect to the Network" section for possible resolution.
Step 2 Try to connect to the system by using a web browser.
If encryption is enabled:
•Use https://... to connect.
•Verify that the certificate is correct.
Step 3 If you still cannot connect, stop and start the web server by entering the following commands:
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
If the LDAP directory contains thousands of devices, restart and wait 20 minutes.
Step 4 Repeat Step 2.
Step 5 If you cannot connect, restart the system.
If the LDAP directory contains thousands of devices, restart and wait 20 minutes.
Step 6 If you still cannot connect to the system, contact the Cisco TAC for assistance.
Problem When connecting to the system using Secure Shell (SSH), you experience one of these problems:
•You cannot connect to the system.
•The system is extremely slow, even though it is connected to the network.
•The system cannot correctly process requests from management applications.
Possible Cause The system cannot obtain DNS services from the network.
Solution To resolve this problem, follow these steps. Connect to the console if you cannot connect by using SSH.
Step 1 Do one of the following:
•Set up the name servers properly by editing the /etc/resolv.conf file.
•Re-execute Setup.
Step 2 Verify that the system can obtain Domain Name System (DNS) services from the network by entering the following command:
#
host <dns-name>
where <dns-name> is the DNS name of a host on the network that is registered in DNS. When you enter this command, it responds with the IP address of the host.
If the system cannot resolve DNS names to IP addresses, the DNS server is not working properly.
Step 3 Resolve the network DNS problem.
Step 4 If the system can resolve DNS names to IP addresses but you still cannot connect to the system using SSH, contact the Cisco TAC for assistance.
Problem You cannot connect to the system by using Telnet even though the system is connected to the network.
Possible Cause This problem could occur if the Telnet service is disabled on the system.
Solution To resolve this problem, use SSH to connect to the system.
Problem Backup and restore is not working properly.
Possible Cause This problem could occur for the following reasons:
–The time base for the host system is not set to the UTC time zone.
–The time has changed.
–The cron job has not started.
Solution To resolve this problem, follow these steps:
Step 1 Connect to the console if you cannot connect using SSH.
Step 2 Log in to the host system as root.
Step 3 To determine whether the time is correct, enter the following command:
# date
Step 4 To determine the state of the cron job, enter the following command:
# /etc/rc.d/init.d/crond restart
Example:
# /etc/rc.d/init.d/crond restart
Stopping cron daemon: [ OK ]
Starting cron daemon: [ OK ]
#
Problem Cannot back up jobs.
Possible Cause The crontab command is used to schedule backup jobs. This command requires space in the /var partition to execute. If the /var partition is full, the crontab command fails to execute, which causes backup job failure.
Solution To resolve this problem, clean up the /var partition on the system (move some files to the /home/ directory). Then resubmit the backup job from the Cisco Configuration Engine user interface.
Use the cns-send and cns-listen commands to send and receive test messages to the event gateway in the Cisco Configuration Engine. These commands are located in the /opt/CSCOcnsie/tools directory.
The syntax for the cns-send command is:
cns-send -version
or
cns-send [-service <service>] [-network <network>] [-daemon <daemon>] [-file <filename>] <subject> [<message>]
To use the cns-send command, follow these steps:
Step 1 Log in to the host system as root.
Step 2 Change directories to /opt/CSCOcnsie/tools.
Step 3 Type ./cns-send -file <filename> <subject>
Note The cns-send command sends messages in the opaque data format.
The syntax for the cns-listen command is:
cns-listen -version
or
cns-listen [-service <service>] [-network <network>] [-daemon <daemon>] <subject_list>
To use the cns-listen command, follow these steps:
Step 1 Log in to the host system as root.
Step 2 Change directories to /opt/CSCOcnsie/tools.
Step 3 Type ./cns-listen <subject_list>
Use the greater than symbol (>) for a wildcard.
./cns-listen "cisco.cns.config.load"
./cns-listen "cisco.cns.>"