NetSight - Fail backup configuration

  • 0
  • 1
  • Problem
  • Updated 3 years ago
  • Solved

NetSight - Fail backup configuration


Using NetSight Inventory MAnager or Oneview to backup siwtches configuration fail.

Please refer to attachment for error massage.

Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,286 Points 20k badge 2x thumb
Hi, the error message is "....CLI access is not enabled..." so you need to configure it or Netsight is not able to telnet/ssh to the device to generate the backup.

Here a example...
https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-setup-CLI-crentials-in-Netsight-Con...

-Ron
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,286 Points 20k badge 2x thumb
If it still don't work please let us know the device type/model of the switch and which Netsight version you've installed.
Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

Hi still connot :(

NetSight Version :6.2.0.183 . Siwtch model : x250-24p , x250-48p , x460-24p , x460-48p

Photo of Thomas, Frank

Thomas, Frank, Employee

  • 1,902 Points 1k badge 2x thumb
Can you go onto the netsight server directly and try to ssh to that particular device? There could be acl/policy/firewall in the way. The device could have ssh disabled or locked out as well.
Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb
I can SSH from netSight console to the particular device.
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,286 Points 20k badge 2x thumb
I wonder whether it has something to do with your username as that one includes a period.
I'm not even able to create an account with a . included on my X440.
Maybe try it with a username that doens't include special character.

As per Thomas suggestion... ssh into Netsight so that you are in the CLI shell.
Then from the Netsight CLI try to ssh to a switch.
In your above screenshot the putty session is going from your laptop to the switch and not from Netsight.

Could you please also provide a "show management" and "show vlan" from the test switch.

-Ron
Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

MFR301_S01.1 # sh management
CLI idle timeout                 : Enabled (20 minutes)
CLI max number of login attempts : 3
CLI max number of sessions       : 8
CLI paging                       : Enabled (this session only)
CLI space-completion             : Disabled (this session only)
CLI configuration logging        : Enabled
CLI scripting                    : Disabled (this session only)
CLI scripting error mode         : Ignore-Error (this session only)
CLI persistent mode              : Persistent (this session only)
CLI prompting                    : Disabled (this session only)
Telnet access                    : Disabled (tcp port 23 vr all)
                                 : Access Profile : not set
SSH access                       : Enabled (Key valid, tcp port 22 vr all)
                                 : Access Profile : ssh_access
Web access                       : Disabled (tcp port 80)
                                 : Access Profile : not set
Total Read Only Communities      : 0
Total Read Write Communities     : 0
RMON                             : Enabled
SNMP access                      : v1,v2c Disabled, v3 Enabled
                                 : Access Profile : not set
SNMP Traps                       : Enabled
SNMP v1/v2c TrapReceivers        :
    Destination         Source IP Address       Flags   Timeout  Retries
      10.1.8.58 /10550  10.8.2.106              3ET           -        -

Flags:  Version: 1=v1 2=v2c 3=v3
        Mode: S=Standard E=Enhanced
        Notification Type: T=Trap I=Inform

SNMP stats:     InPkts 2987174 OutPkts   2994704 Errors 588     AuthErrors 0
                Gets   1451546 GetNexts  70610   Sets   3402    Drops      0      
SNMP traps:     Sent   7538    AuthTraps Enabled
SNMP inform:    Sent   0       Retries   0       Failed 0

Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

MFR301_S01.2 # sh vlan
---------------------------------------------------------------------------------------------
Name            VID  Protocol Addr       Flags                       Proto  Ports  Virtual  
                                                                            Active router
                                                                            /Total
---------------------------------------------------------------------------------------------
adm_dept        40   ------------------------------------------------ ANY    1 /4   VR-Default
cctv_vlan       204  ------------------------------------------------ ANY    5 /14  VR-Default
con_store       24   ------------------------------------------------ ANY    1 /4   VR-Default
Default         1    ------------------------------------------------ ANY    0 /0   VR-Default
dnd_dept        200  ------------------------------------------------ ANY    1 /4   VR-Default
fad_dept        42   ------------------------------------------------ ANY    1 /4   VR-Default
firewall_vlan   10   ------------------------------------------------ ANY    1 /4   VR-Default
guest_zone      22   ------------------------------------------------ ANY    1 /4   VR-Default
hpd_dept        44   ------------------------------------------------ ANY    1 /4   VR-Default
hrd_dept        46   ------------------------------------------------ ANY    1 /4   VR-Default
hsd_dept        48   ------------------------------------------------ ANY    1 /4   VR-Default
hse_dept        50   ------------------------------------------------ ANY    1 /4   VR-Default
jea_dept        86   ------------------------------------------------ ANY    1 /4   VR-Default 
jmcl_dept       84   ------------------------------------------------ ANY    1 /4   VR-Default
jms_dept        82   ------------------------------------------------ ANY    2 /5   VR-Default
mes_dept        52   ------------------------------------------------ ANY    1 /4   VR-Default
Mgmt            4095 ------------------------------------------------ ANY    0 /1   VR-Mgmt   
mgmt_vlan       4    ------------------------------------------------ ANY    2 /5   VR-Default
mis_dept        54   ------------------------------------------------ ANY    1 /4   VR-Default
osd_dept        56   ------------------------------------------------ ANY    1 /4   VR-Default
pad_dept        58   ------------------------------------------------ ANY    1 /4   VR-Default
pdd_dept        60   ------------------------------------------------ ANY    1 /4   VR-Default
pfd_dept        62   ------------------------------------------------ ANY    1 /4   VR-Default
pmo_dept        64   ------------------------------------------------ ANY    1 /4   VR-Default
pms_vlan        30   ------------------------------------------------ ANY    1 /4   VR-Default
printer_vlan    32   ------------------------------------------------ ANY    2 /5   VR-Default
qad_dept        66   ------------------------------------------------ ANY    1 /4   VR-Default
reader_vlan     14   ------------------------------------------------ ANY    9 /17  VR-Default
scm_dept        80   ------------------------------------------------ ANY    1 /4   VR-Default
server_farm     8    ------------------------------------------------ ANY    2 /5   VR-Default
ssd_dept        68   ------------------------------------------------ ANY    1 /4   VR-Default
sslvpn_vlan     6    ------------------------------------------------ ANY    1 /4   VR-Default
super_own       26   ------------------------------------------------ ANY    2 /5   VR-Default
switch_vlan     2    10.8.2.106     /23  -fL------------------------- ANY    2 /5   VR-Default
video_vlan      16   ------------------------------------------------ ANY    1 /4   VR-Default
voice_vlan      1088 ------------------------------------------------ ANY    1 /4   VR-Default
warehouse       20   ------------------------------------------------ ANY    1 /4   VR-Default
wireless_vlan   12   ------------------------------------------------ ANY    1 /6   VR-Default
workshop        18   ------------------------------------------------ ANY    1 /4   VR-Default
---------------------------------------------------------------------------------------------
Flags : (B) BFD Enabled, (c) 802.1ad customer VLAN, (C) EAPS Control VLAN,
        (d) Dynamically created VLAN, (D) VLAN Admin Disabled,
        (e) CES Configured, (E) ESRP Enabled, (f) IP Forwarding Enabled,
        (F) Learning Disabled, (i) ISIS Enabled, (I) Inter-Switch Connection VLAN for MLAG,
        (k) PTP Configured, (l) MPLS Enabled, (L) Loopback Enabled,
        (m) IPmc Forwarding Enabled, (M) Translation Member VLAN or Subscriber VLAN,
        (n) IP Multinetting Enabled, (N) Network Login VLAN, (o) OSPF Enabled,
        (O) Flooding Disabled, (p) PIM Enabled, (P) EAPS protected VLAN,
        (r) RIP Enabled, (R) Sub-VLAN IP Range Configured,
        (s) Sub-VLAN, (S) Super-VLAN, (t) Translation VLAN or Network VLAN,
        (T) Member of STP Domain, (v) VRRP Enabled, (V) VPLS Enabled, (W) VPWS Enabled,
        (Z) OpenFlow Enabled

Total number of VLAN(s) : 39

Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

what is the command from netsight ssh to my switch ?



Last login: Thu Sep  3 10:48:21 2015 from 10.1.55.219

**** Extreme Networks *********************************************************
                   
This is the NetSight Suite Appliance 6.2.0.183.  Alter files with caution.

WWW Site:       http://www.extremenetworks.com
Support Email:  support@extremenetworks.com
Phone:          800-998-2408

*******************************************************************************
root@mslnstprd001.sembmarine.com:~$ ssh
ssh            ssh-add        ssh-agent      ssh-argv0      ssh-copy-id    sshd           ssh-import-id  ssh-keygen     ssh-keyscan    ssh-vulnkey   
root@mslnstprd001.sembmarine.com:~$ ssh


Photo of Goh Chern Jie

Goh Chern Jie

  • 320 Points 250 badge 2x thumb

Hi ,

i found the problem :) is the ACL block :)

So i have to add the netsight IP into every switches. i got 100plus switches , may i know netsight got any way to help cause i don wish add the netsight IP into ACL 1 switch by 1 switch.


Best regards,

CJ