cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1331
Views
0
Helpful
7
Replies

Unable to get NetConf-Yang Hello message on ASR1001-HX

kn2022
Level 1
Level 1

Hi,

On ASR1001-HX, I have  set management port eth0  ip as X.X.X.X and other to a regular interface GigabitEthernet0/0/3 as Y.Y.Y.Y.

I also have netconf-yang enabled and username enabled with the following commands

    username netuser privilege 15 password 0 P8ssw0rd
    netconf detailed-error
    netconf ssh
    netconf-yang

However even though I am able to get the netconf yang working on regular interface and able to get the the hello message when I do the ssh -p 830 netuser@Y.Y.Y.Y with reply as:
----
<session-id>28</session-id></hello>]]>]]>

----
I can't get the same when I try with ssh -p 830 netuser@X.X.X.X where X.X.X.X is the ip of the management interface.

Is there another command I have to enable for getting netconf-yang working on eth0 port of ASR1001-HX

7 Replies 7

Marcel Zehnder
Spotlight
Spotlight

Do you have a access list on your VTY?

That is what I thought originally too.

But on examination all I see is
asr2#show access-lists
Extended IP access list meraki-fqdn-dns
asr2#

kn2022
Level 1
Level 1

another thing which has caught my attention is:

asr2#show platform software yang-management process
confd : Running
nesd : Running
syncfd : Running
ncsshd : Running
dmiauthd : Running
nginx : Running
ndbmand : Running
pubd : Running
gnmib : Not Running
asr2#

Marcel Zehnder
Spotlight
Spotlight

Might be a stupid question: Normal SSH into the mgmt-interface is working on the box? The mgmt-interface is in its own VRF, so I assume routing (default gateway) is correct: show ip route vrf Mgmt-intf may be used to check this.

Thanks @Marcel Zehnder . Normal SSH into the mgmt-interface is working
Yes show ip route vrf Mgmt-intf  those are setup correctly.
If you see below

ibm002-asr2#show ip route vrf Mgmt-intf

Routing Table: Mgmt-intf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, m - OMP
n - NAT, Ni - NAT inside, No - NAT outside, Nd - NAT DIA
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
H - NHRP, G - NHRP registered, g - NHRP registration summary
o - ODR, P - periodic downloaded static route, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR
& - replicated local route overrides by connected

Gateway of last resort is 192.168.27.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 192.168.27.1
[1/0] via 10.120.27.1, GigabitEthernet0
192.168.27.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.27.0/24 is directly connected, GigabitEthernet0
L 192.168.27.67/32 is directly connected, GigabitEthernet0
ibm002-asr2#

Marcel Zehnder
Spotlight
Spotlight

Sorry, @kn2022 I have no more ideas. The only ASR1001s I have access to are productive boxes without the Gig0/Mgmt-Intf configured, so I have no way to test this further

Thanks for the help.