cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
iboyd
Engaged Sweeper III
Hello Lansweeper Community!

I have a few Cisco SourceFire modules in play, along with a few Firesight Management Consoles.

I can get the consoles to play nice with Lansweeper, but using the SSH Cred's for the SourceFire modules doesn't seem to work. Any one have any clues on how to clear up scanning errors between SourceFire and Lansweeper?

Thanks,
Ian B
6 REPLIES 6
keys_it
Engaged Sweeper III
I know this is a bit old but we had initially come across scanning issues with our FMC being scanned correctly and hopefully this helps for someone else in the future. The issue we had was Lansweeper detects the the FMC as SSH and no matter what SSH credentials we defined, it can log in via SSH but Lansweeper failed to scan it. The solution is to enable SNMP and map SNMP credentials with the community string in Lansweeper.

The first part is to setup FMC for SNMP scanning.
1. Log into FMC
2. Navigate to System > Configuration > SNMP
3. Select your version and enter a community string > Save


The second part is to map the SNMP credentials.
1. Log into Lansweeper
2. Navigate to Scanning > Scanning Credentials
3. If the SNMP credentials do no exist, create it.
4. Click Map Credential > IP address > type in the IP > select the SNMP credential > Add

Once you rescan the FMC, all details will fill in, including mount points, ip information, mac address and if its on VMWare and you are scanning your hosts, VMWare guest details will load too. I have verified that the correct Mac address is scanning as of Lansweeper version 7.0.110.2.
iboyd
Engaged Sweeper III
Simon,

Sorry, it might not be as automagical as I might have made it out to be. Here is what I had to do:
My 5506's and Firesight are showing up as Generic SSH machines. Once I go into each device thru the ADSM and add the community I get more info, but Lansweeper is pulling (?) the wrong MAC, so i edit the MAC address on the Asset entry and boom, all the ASA interfaces map.

I added the Community to the FMC, I am not sure if it sends it down to each SFR onsite. But again at least by changing the asset MAC address to the right one, it maps the network interfaces at least.

Bubba,

We are talking about just getting Lansweeper to scan the FMC VM's as a regular asset, along with the onsite SourceFires and ASA's to report back normally since they occupy 2 different IP's. I never thought of using Lansweeper as an ID source, is that doable? What is the use case? By the way, my organization is not making use of the Lansweeper Helpdesk if that is where you are going.
bubba198
Engaged Sweeper II
Are you guys discussing just LAN sweeper being able to scan the FMC VM, the ASAs etc or is this discussion around integration in terms of using LAN sweeper as an identity source for FirePOWER?

~B
Simon_Pretty
Engaged Sweeper II
that would be great, I have the firepower management center reading no problems but each of the disks in the asa have been picked up on the IP scan, the ssh credentials work if i putty to the box but lansweeper does not get any reading back. i guess there is not the api for an ssh connection to give back the info that lansweeper is asking for. I tried to configure snmp on the disk but that didnt work either. so any help that you can give would be very welcome... cheers.
iboyd
Engaged Sweeper III
No, unfortunately I haven't gotten them fully engaged to Lansweeper.

I have 1 that is pretty much set but is still giving me an SSH error even tho the creds are right.

The ASA itself is playing nice once you put the manager into the ASDM.

I have seen that these will not "auto-join" as it were, and need some configuring done to play nice.

Where are you stuck? I will try find time to document what I have done.

-Ian B
Simon_Pretty
Engaged Sweeper II
Did you get anywhere with this, been driving me potty this afternoon.