取消
显示结果 
搜索替代 
您的意思是: 
cancel
4564
查看次数
4
有帮助
15
回复

vmanger能够ping通但是WEB无法打开

xiaomaomao05086
Beginner
Beginner
vmange配置完后,能够ping通,但是WEB无法打开,https的服务也开了,请问大家有谁知道是什么问题吗?
15 条回复15

Rps-Cheers
Collaborator
Collaborator
你可以先看看配置或证书是否有问题?
show run
show control local-properties
看看服务示范都处于running?
request nms all status
另外,是否有在VPN0开启tunnel接口?
https://sdwan-docs.cisco.com/Product_Documentation/Software_Features/Release_17.2/04Segmentation/02Configuring_Segmentation_(VPNs)
看看有没有用呢?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

xiaomaomao05086
Beginner
Beginner
1540488497lcj 发表于 2020-3-3 19:01
你可以先看看配置或证书是否有问题?
show run
show control local-properties

vmanage# show control local-properties
personality vmanage
sp-organization-name
organization-name
root-ca-chain-status Installed
certificate-status Not-Installed
certificate-validity Not Applicable
certificate-not-valid-before Not Applicable
certificate-not-valid-after Not Applicable
dns-name
site-id 0
domain-id 0
protocol dtls
tls-port 23456
system-ip 0.0.0.0
chassis-num/unique-id 3208082f-bfed-40e3-9ec2-57aac3f521a0
serial-num No certificate installed
cloud-hosted no
token -NA-
retry-interval 0:00:00:16
no-activity-exp-interval 0:00:00:20
dns-cache-ttl 0:00:02:00
port-hopped FALSE
time-since-last-port-hop 0:00:00:00
number-vbond-peers 0
number-active-wan-interfaces 0
vmanage#
vmanage#
vmanage#
vmanage#
vmanage#
vmanage#
vmanage#
vmanage# request nms all status
^@NMS application server
Enabled: true
Status: running PID:9347 for 671s
NMS configuration database
Enabled: true
Status: running PID:8289 for 684s
NMS coordination server
Enabled: true
Status: running PID:5551 for 706s
NMS messaging server
Enabled: true
Status: running PID:7488 for 689s
NMS statistics database
Enabled: true
Status: running PID:3432 for 717s
NMS data collection agent
Enabled: true
Status: running PID:10910 for 656s
NMS cloud agent
Enabled: true
Status: running PID:465 for 733s
NMS container manager
Enabled: false
Status: not running
NMS SDAVC proxy
Enabled: true
Status: running PID:551 for 733s
vmanage#
vmanage#
vmanage#
vmanage#

已经为VPN0配置了IP地址,并且也设置为了tunnel inteface,也能ping通这个地址,但是就是web无法打开,请问是因为证书服务没有安装吗?如何安装这个证书

Rps-Cheers
Collaborator
Collaborator
xiaomaomao05086 发表于 2020-3-4 17:42
已经为VPN0配置了IP地址,并且也设置为了tunnel inteface,也能ping通这个地址,但是就是web无法打开 ...

那这个设备应该还没加入overlay吧?
你访问的时候,是访问8443端口吗?
https://system-ip-address:8443/
虚拟机的分配的磁盘和内存有多大呢?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

xiaomaomao05086
Beginner
Beginner
1540488497lcj 发表于 2020-3-4 18:09
那这个设备应该还没加入overlay吧?
你访问的时候,是访问8443端口吗?
https://system-ip-address:844 ...

我虚拟机分配的资源如下所示:
2vCPU
32G内存
200G硬盘

我用https://xx.xx.xx.xx:8443也无法打开WEB页面
被这个问题都搞疯了。

xiaomaomao05086
Beginner
Beginner
1540488497lcj 发表于 2020-3-4 18:09
那这个设备应该还没加入overlay吧?
你访问的时候,是访问8443端口吗?
https://system-ip-address:844 ...

vmanage# show running-config 
system
host-name vmanage
admin-tech-on-failure
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
usergroup tenantadmin
!
user admin
password $6$j5Bg15pfyVjD2XGS$3TIqc8ZDo7T7/D/cgLgZ/nutmvCwNSVZ7bsP2F71NdTY/nhQC8VC4JB76xvybVIW615pcclx0xEWDyki7oSdZ1
!
!
logging
disk
enable
!
!
!
vpn 0
dns 114.114.114.114 primary
interface eth0
ip address 172.30.20.201/16
ipv6 dhcp-client
tunnel-interface
allow-service all
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
no allow-service ntp
no allow-service stun
allow-service https
!
no shutdown
!
ip route 0.0.0.0/0 172.30.0.1
!
vpn 512
!
vmanage#
vmanage#

这是我的全部配置

wuhao0015
Rising star
Rising star
1,你在VPN0还是在VPN512上做的配置?
先把tunnel interface去掉,或者allow-service https
2,用的什么版本你的内存给够了没?
3,到vshell下看看服务和端口又没起来?
vmanage:~$ netstat -tnal | grep 8443
tcp6 0 0 :::8443 :::* LISTEN

wuhao0015
Rising star
Rising star
我做实验从0到站点之间做通,硬撸文档做了一周,里面各种坑,最难搞的就是PKI和加vedge。

xiaomaomao05086
Beginner
Beginner
wuhao0015 发表于 2020-3-4 20:18
1,你在VPN0还是在VPN512上做的配置?
先把tunnel interface去掉,或者allow-service https
2,用的什么 ...

1.我在VPN0上做的IP地址访问,把tunnel interface去掉了还是不行,之前一直有allow-service https,但是还是不行;
2.用的版本是19.1.0
3.这个vshell的后台怎么进入
4.我的整机配置文件如下:
vmanage# show running-config 
system
host-name vmanage
admin-tech-on-failure
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
usergroup tenantadmin
!
user admin
password $6$j5Bg15pfyVjD2XGS$3TIqc8ZDo7T7/D/cgLgZ/nutmvCwNSVZ7bsP2F71NdTY/nhQC8VC4JB76xvybVIW615pcclx0xEWDyki7oSdZ1
!
!
logging
disk
enable
!
!
!
vpn 0
dns 114.114.114.114 primary
interface eth0
ip address 172.30.20.201/16
ipv6 dhcp-client
tunnel-interface
allow-service all
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
no allow-service ntp
no allow-service stun
allow-service https
!
no shutdown
!
ip route 0.0.0.0/0 172.30.0.1
!
vpn 512
!
vmanage#
vmanage#

xiaomaomao05086
Beginner
Beginner
wuhao0015 发表于 2020-3-4 20:21
我做实验从0到站点之间做通,硬撸文档做了一周,里面各种坑,最难搞的就是PKI和加vedge。

请问在哪里可以获取到文档

xiaomaomao05086
Beginner
Beginner
wuhao0015 发表于 2020-3-4 20:18
1,你在VPN0还是在VPN512上做的配置?
先把tunnel interface去掉,或者allow-service https
2,用的什么 ...

硬件参数分配我觉得已经够大了
2VCPU
32G内存
200G硬盘

wuhao0015
Rising star
Rising star
xiaomaomao05086 发表于 2020-3-5 08:56
请问在哪里可以获取到文档

1,我是硬啃的官方文档
2,vshell直接在cli下敲vshell
3,telnet 8443端口是否能通?
4,是不是浏览器或者防火墙的原因,实在不行再重新部署个只配置个地址直连。

xiaomaomao05086
Beginner
Beginner
wuhao0015 发表于 2020-3-5 12:04
1,我是硬啃的官方文档
2,vshell直接在cli下敲vshell
3,telnet 8443端口是否能通?

vmanage:~$ netstat -tnal | grep 8443
vmanage:~$ netstat -tnal | grep 8443
vmanage:~$
vmanage:~$
vmanage:~$
vmanage:~$
vmanage:~$

这是不是端口没有起来,这个端口能更改吗?
目前已经是直连了。

xiaomaomao05086
Beginner
Beginner
问题已解决,使用的版本是19.1.0,换用版本,换用18.4.3然后同样的配置,GUI已经可以正常打开

感谢楼主分享解决方案,是否有小伙伴的回答也令您满意呢?您可以标记为最佳哦
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:







快捷链接