cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1251
Views
0
Helpful
10
Replies

Sandbox Access Issues - Please Help

We were working on sandbox to test few functionalities of code for the Cisco-SD WAN API through programming.
As we have found, There are 2 ways of sending the request and getting the response.

 

Python Programming.
Need to write the code on the local machine and execute with VPN Connection on sandbox.
Using Postman
Need to setup the postman and the send the command to sandbox after connecting to VPN.

 

For the above we need to have VPN connection established.
Rohit VPN connection failed, and Cisco VPN client collapsed on Saturday (12th June 2021).
My VPN connection failed, and Cisco VPN client collapsed today (14th June 2021)

 

Please note that, as we have found there no space on the sandbox where you can write the code and execute from there only.
It’s only a virtual box which gives access to the API’s to return the responses.

We have downloaded the Any Connect_Connection_Guide.pdf document which says that 2nd email provides the below information.

Your Lab’s Network IP Address
Your VPN Username
Your VPN Password

 

In the email 2nd email, we have received (Both First and Second email received are attached)
Your lab's private VPN connection information:
Lab Network Address: http://devnetsandbox-usw1-reservation.cisco.com:20265
Username: ManjunathM
Password: MENTHLPD

 

I am here by attaching the both the email that received after reserving the sandbox and AnyConnect_Connection_Guide.pdf.
I am also here by attaching cmd_response.txt which gives the output of both ping and trace route.

Please help us how can we get this working.
If you direct s to right person who can help us to get this issue resolved OR let us know, if we are doing anything wrong here.

 

10 Replies 10

Hello @ManjunathMaregowda1709 it is best to run your code (Python / Postman) from your local machine towards the sandbox IP (vManage) - the DevBox is mostly used for local admin and the SD-WAN certs etc... we do not recommend testing or using this as a jump host (the devbox does not have internet access or sudo also - so no tools can be installed)

 

Here is an example code to use on the sandbox 

 

 

Sadly, I cannot comment on your past issues when connecting to the sandbox and it failing, I do know our ENG team filters ICMP as part of the security posture in some cases.

 

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Dear TEAM,

 

My VPN connection is not getting established.

When i try to establish the VPN connection, the VPN client is failing and resulting in VPN client getting crashed and which i need to re-install again.

 

Please note that our previous reservations also I had the same issue.

As I remember in one of the cisco training also, we had reserved for the sandbox and that time also we faced the same issue.

 

Dear TEAM.

As per the discussion with Joel Jose, i tried the connection by setting up reservation on sand box for 8 hours again today.

As per the previous, i received 2 emails which are attached.

I tried the VPN connection, this time the VPN did not crash. but the connection gt timeout.

 

I am attaching all the below documents.

Ping and trace route commands executed from local machine.
Both the emails received after the reserving the sandbox.
Screen shots for the error and also the reservation of sand box.

 

Please go through the attachments and help me to get this issue resolved.

Thank You.

 

 

@ManjunathMaregowda1709 Joel and I have asked the sandbox team to help also. In the meantime the please check provide the following details.

 

Do you have an active reservation to troubleshoot this issue you can provide the reservation ID and also what your username is for devnet so the team can lookup your past reservations?

 

Some tips from past issues I have seen.

 

  • Try disabling IPv6 on your local internet connection
  • With Windows occasionally seen issues with TLS being blocked
  • Please be sure that your local and corporate firewall allow VPN tunnels
  • Another good test (if possible) is to try connecting another PC running a different operating system than Windows and see if that one connects
  • Go to Network Connections from Control Panel, right-click Cisco AnyConnect Security Mobility Client Connection, and choose Properties. Then disable IPv6, change IPv4 IP settings from Fixed IP to Dynamic. Close all Network Properties dialog boxes, and try VPN connecting again.
  • The gateway / head-end firewall IP you are trying to ping/traceroute does not reply to ICMP so this will fails by design and security posture - you can test this with TCP ping/trace to the port of your reservation

I took a reservation this morning of this SD-WAN sandbox and did not see any issues with connection or VPN. Hope some of these tips work.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Dear,

 

Thanks for the response.

Yes, i have active reservation as i reserved this morning for 8 hours.

 

Please check from your side and in the mean time, i will check with the other options you have provided.

disabling IPv6 on your local internet connection: done.

Please be sure that your local and corporate firewall allow VPN tunnels ; Checked and its been allowed.

Cisco AnyConnect Security Mobility Client Connection, and choose Properties. Then disable IPv6: Done

change IPv4 IP settings from Fixed IP to Dynamic: Its always the case

 

Still i have issue with VPN connection.

 

Please note the below

I received in the 2nd email "Lab Network Address: http://devnetsandbox-usw1-reservation.cisco.com:20122"

I am using "devnetsandbox-usw1-reservation.cisco.com" to establish the connection.

Please correct me if there is anything wrong and suggest me further.

 

Thank You.

Hello @ManjunathMaregowda1709 you need to enter the URL with the port number. In your example - enter the following into the Any Connect. Without the port, your connection will error and fail.

 

devnetsandbox-usw1-reservation.cisco.com:20122

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Dear All,

 

I tried with the Port by reserving again with sandbox.

This time the entire URL i received is "http://devnetsandbox-usw1-reservation.cisco.com:20108"

I used as specified or suggested

devnetsandbox-usw1-reservation.cisco.com:20108

 

This time, my entire VPN crashed and i am not seeing the VPN now at all.

Just like first time, i need to get this VPN client installed again.

 

@ManjunathMaregowda1709 thanks for the update - see the issue you are reporting above and screen shots is your Any Connecting is trying to update, a fatal error occurs and results in the Any Connect not being able to launch. I am not an Any Connect expert - but do not believe this is caused by the DevNet sandox and this is a local issue on your machine. I found this thread here -->https://community.cisco.com/t5/vpn/fatal-error-during-installation-a-vpn-connection-cannot-be/td-p/4081222 which might help you resolved your machine's issues.

 

You will need to look at your AnyConnect installation logs to see the local errors.

 

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

Dear TEAM,

 

I have successfully installed the new version of the CIsco VPN client 4.9 version.

I was able to connect to VPN successfully.

 

Thank You.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: