Cisco Cisco Security Manager 4.4 Guia De Especificaciones
Cisco Security Manager 4.4 API Specification (Version 1.1)
OL- 29074-01
Page 190
9
Troubleshooting (Common Scenarios)
Symptom: Certificate errors when communicating with the server
The CSM server uses self-signed certificates. Change the client program to accept self-signed certificates. Also API
access is only available over HTTPS and HTTP access is disabled for security reasons.
access is only available over HTTPS and HTTP access is disabled for security reasons.
Symptom: Authentication errors even after a successful login
Intermittent session errors will be seen if the session has timed out or has been invalidated. Default session inactivity
timeout is 15 minutes. The session can be kept alive using a ping or hearbeat mechanism.
timeout is 15 minutes. The session can be kept alive using a ping or hearbeat mechanism.
Symptom: Inline IP entered in the CSM GUI are retrieved as objects
CSM automatically encapsulates certain inline values (IP’s, Interface names etc.) inside a policy object for
convienience.
convienience.
Symptom: Data visible in the CSM client UI are not seen in the response data when fetched via the API
This can be due to various reasons. Some of them are listed below:
API only returns committed data (i.e. all changes must be submitted). So check if all data that is visible in
the client is committed.
the client is committed.
In some cases CSM specific settings are not returned in the response as it may not be relevant for API
access.
access.
Check if the user has sufficient Role Based Access Control (RBAC) privileges to access the data
Symptom: Client does not receive any event notifications from the server
Some of the reasons for this problem:
The event subscription has not been done or has been registered with incorrect syslog server that receives
the notification
the notification
Session used to register the event subscription has timed out. All event notifications are tied to a user
session. If the user session is invalidated then all event notifications for that user session will be stopped.
session. If the user session is invalidated then all event notifications for that user session will be stopped.