Diagnostic Commands and Tools

There is extensive debug capability for troubleshooting issues with the VPN Router MC. This section explains how to use this capability efficiently.

Setting the Logging Level

There are two levels of logging available for Router MC: debug and info. The default logging level is information. With this level, only information and error messages are written to the log file. While troubleshooting issues on VPN Router MC, you might want to set the logging to the debug level. However, note that working in debug mode uses more system resources, which slows down the system. Hence, you must use the debug level only when it is required. Once you are finished with troubleshooting or collecting data for analysis, reset the level back to info. Work through the following steps to perform this task:

Step 1.

At the command line of Router MC Server, execute the following command to turn the debug on:

C:\Program Files\CSCOpx\MDC\iosmdc\bin> setLoggermode -debug 

Step 2.

Allow a few minutes for the new mode to take effect, or restart the services.

Step 3.

Simulate your problem; let the system run collecting debug information for the problem you are trying to troubleshoot. Then collect the debug information with the procedure explained in the next section.

Step 4.

Once you have finished collecting debug information, revert the logging level back to info by using the following command:

C:\Program Files\CSCOpx\MDC\iosmdc\bin> setLoggermode -info 

Collecting the Debug Information (Diagnostics)

After setting up the logging level to debug, you can collect or view the debug information in two ways: by using a Graphic User Interface (GUI) or the Command line Interface (CLI).

Using a Graphic User Interface

You can view the debug log messages in the Common Services user interface, by selecting VPN Security Management Solution > Admin > Logging > Operation. This is useful for viewing the information in real time without having the console access to the Router MC server. However, if you want to analyze the log offline or want to send this information to the Cisco support center for additional analysis, you might want to follow the procedure described in the section that follows.

Using a Command Line Interface

Using the CLI is more efficient than using a GUI to collect debug information from the Router MC Server. Work through the following steps to practice using the CLI:

Step 1.

On the Router MC server, open the DOS prompt and type MDCSupport. If you do not specify a location, the MDCSupportInformation.zip file is created in this default location: the $BASE\CSCOpx\MDC\etc directory, where $BASE is the drive and directory where you installed CiscoWorks Common Services (for example, c:\Program Files). To save the file to a different location, enter MDCSupport drive:\path at the DOS prompt.

Step 2.

Press Enter. The MDCSupport utility creates a .zip file that contains system and configuration information.

Step 3.

You can transfer this resultant file into a different machine or send this information to the Cisco support Team for additional analysis.

The MDCSupportInformation.zip file does not include the Router MC database. However, this may be required by the Cisco Support team to replicate your setup. To collect the Router MC database, follow the procedure in the next section.

Collecting the Router MC Database

Work through the following steps to collect the Router MC database of the Router MC server:

Step 1.

Stop the Daemon Manager.

Step 2.

Go to the directory in which Router MC is installed, navigate to CSCOpx\MDC\iosmdc\db, and copy the following files: iosmdcDB.db and iosmdcDB.log

Step 3.

To collect the device configuration files, go to the directory in which Router MC is installed, navigate to CSCOpx\MDC\iosmdc\IOSMDCFS\import\current, and copy the device configuration files.

Step 4.

Restart the Daemon Manager

Using the Log Files

The MDCSupportInformation.zip file is made up of a number of files. Hence to analyze the problem efficiently, you need to know which files are pertinent to the Router MC and therefore need to be analyzed Each message in the log files contains the timestamp, the module that has written the message, its type (information, debug or error), and its data. The following list outlines some of the most important logs that you need to analyze first, based on the types of problem you are experiencing:

  • Tomcat Logs The tomcat logs are located at \CSCOpx\MDC\tomcat\logs. The most important files are stdout.log and stderr.log. If due to login failure or timeout problems, the devices are not accessible when you are trying to update the current configuration, live deployment will fail. This may happen if the IOS does not support the CLI syntax that is generated by Router MC.

  • Jonas logs The Jonas logs provide information on issues related to the database actions. The log files are located at \CSCOpx\MDC\logs. The most important Jonas log files that need to be analyzed first are JonasStderr.log and JonasStdout.log.


The Router MC can generate the following reports, which can be used for troubleshooting Router MC:

  • Audit Report Query-based report showing who did what to which objects in which activity

  • Device Status Last deployment status of all devices

  • Activity Status Summary of active activities and what objects are locked by each

Cisco Network Security Troubleshooting Handbook
Cisco Network Security Troubleshooting Handbook
ISBN: 1587051893
EAN: 2147483647
Year: 2006
Pages: 190
Authors: Mynul Hoda

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net