vRNI – Adding NSX-T and Physical sources

Now it is time to add some sources to vRealize Network Insight. You could of course add just the vCenters but if possible it is better to add NSX also and if possible (If the network guys agree). then add the physical devices also. This will however take some configuration effort.

All sources are added from the settings page on the Platform server. (Settings –> “Account and Data sources”. From there you should see a long list of various supported platforms. For this post I will focus mainly on a couple of Catalyst 3000’s that I have and Generic router/Switch and of course NSX-T.

NSX-T

once inside the Account and Data sources, select NSX-T (Not NSX without -T) and fill in the details. Like selecting which Collector to use and the FQND/IP of the nsx manager LB IP. Next add the username/password. I went with Admin here though I don’t recommend it but I am only setting up NSX at the moment so I will correct this later.

NSX-T-Source

There is not much else to this, just make sure you can verify the connection and then hit the submit button.

You should now have NSX-T listed amongst your data sources.

Catalyst 3000 device

Next up is the hardware bit. So lets add a Catalyst 3000 device to Network insight also so we can get some more data inside.

Again you need the Add source, and then you need to find the Router/Switch section on the page. Select the Cisco Catalyst 3000 button and you get a screen to fill in, much like for NSX-T above. Fill in the details Cisco-Cat-3k-Add

Notice that the Validation is successful but you get a warning that the Source type could not be verified at given IP/FQDN. This is basically down to that the type and version might not be fully supported by vRealize Network Insight. The device adds ok though.

So what I worked out was that I checked if my device was in deed supported, which it was. You can see a list of supported devices here. The next thing is that next to my device it says SSH and SNMP. So I figured, ok lets configure SNMPv3 and see if it makes a difference.

In the Cisco device, if you have not set this up before you can use something like this. Notice that the iso gives access all the way down. If you want to narrow this down you might want to check out the Cisco SNMP Object Navigator. This will help you search for and narrow down the security. Anyway, I just want to show a simple example here of how to configure access in a Cisco device:

snmp-server view ALL-ACCESS iso included

snmp-server group GROUP1 v3 priv read ALL-ACCESS

snmp-server user user GROUP1 v3 auth sha secretpw! priv aes 128 privatesecret!

 

So the first line creates a view, the next line creates a group and gives access to the View. Finally the last line creates a user with access to the group. I think it’s fairly straight forward.

After that you configure SNMP in the switch configuration.

You do not need the Context in the case of snmpv3 because we have user verification.

You should end up with something like the following based on the config in the cisco device above:

snmp-config

At the end it looks like this after enabling SNMP.

After-snmp-config

That’s all for now.

%d bloggers like this: