NortelCS_GetomReport returns a GetOmreport -18 Error in the event detail message. (NETIQKB54757)

  • 7754757
  • 02-Feb-2007
  • 15-Feb-2012

Environment

NetIQ AppManager 6.0.x
NetIQ AppManager 7.x

Situation

NortelCS_GetOMReport errors with message NortelCSE1K.GetOMReport returned -18

CHR0392: An SNMP request sent to <> timed out.

Resolution

In order to resolve the above described issue, perform the following:

1.  Make sure the SNMP Community String entered in AppManager Security Manager for the Nortel module has both Read and Write access.

2.  In some circumstances you may have to add an FTP entry into AppManager Security Manager if your enviroment has 'special' requirements to pull the OM reports via FTP. 

Cause

The SNMP community string entered in AppManager Security Manager for the Nortel Module does not have Read and Write access.

Additional Information

Formerly known as NETIQKB54757

For more information see the AppmanagerforNortelICS1000.pdf included in the product download on how to set up the Security Manager entries.  See page 8 for the SNMP community string entries and page 28 for what enviroments require entries into Security Manager for FTP.


Note if the client has a routable  Elan to  Tlan and vice versa, that will cause the following issue (see statement from Nortel).   This is a Nortel limitation on their FTP implementation. 


Statement from Nortel

"Our current implementation of the FTP Server code does not limit itself to only listening for connections on the ELAN and/or TLAN.  (Which is to say, it is not bound to a specific network port or host IP address.)  It will allow a connection from either the ELAN or the TLAN.  

Getting to the FTP Server is only half of the story though.  When it receives a connection request, it needs to respond.  From a software coding perspective, the responses cannot be limited to only appear to come from a specific IP address.  The reply packet is formed by the higher level software, but the routing of the packet is controlled by the IP stack, and depending on how the routing table is constructed, it may be the case that packets come in on one interface, but get replied from a different interface.

The solution to this problem is a careful network design.  If the ELAN is indeed completely isolated, there should be no problem.  If there is a route between the ELAN and the TLAN, then it could be possible for a device on the TLAN to FTP to the ELAN IP address, but see responses coming back from the TLAN IP address."