Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5005
Views
5
Helpful
7
Replies

Cisco Prime 3.1 cannot access CLI via SSH

ThomasD86
Level 1
Level 1

‎02-12-2020 07:52 AM - edited ‎02-12-2020 07:52 AM

Hi,

on a fresh install of Cisco Prime 3.1 I cannot get SSH connection to work. I can ping the server and access the webUI, but trying to connect through SSH just goes into timeout.


I've confirmed that the sshd service is running and it's listening on port 22. I've also tried to stop and restart the service to no avail.

 

To rule out a network issue, I've also tried to connect directly back to back with the server interface and yet connecting through SSH won't work. 

 

Tried to reboot the server, again no dice.

 

According to the admin guide, it seems that SHH is one of the things that should just work after the installation without configuring anything (and if that was the case I'd expect some kind of "connection refused" message of some sort rather than a timeout) 

 

Has anyone got any idea?

Thanks

1 person had this problem
Labels:
7 Replies 7

marce1000
VIP
VIP

‎02-12-2020 10:16 AM

 

 - SSH-access should be available by default 1) Make sure no in-between fire-walling  infrastructure is active between your ssh-client and the Prime server preventing access. 2) Since you can not run ncs status - reboot the Prime server and carefully scrutinize the startup of all services. Make sure no errors are observed.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

gaston.benitez
Level 1
Level 1

‎02-12-2020 10:21 AM

Hi Thomas

 

Are you trying to connect to the server with the admin user? or root user?

 

I think that Prime only receive connections from admin user.

 

If you have access to the console.

 

Can you validate that the network parameters that were configured during installation process are correct?

ip add /mask / DG

 

BR

0 Helpful

ThomasD86
Level 1
Level 1
In response to gaston.benitez

‎02-12-2020 10:26 AM - edited ‎02-12-2020 10:26 AM

Hi Gaston,
I am logging in with the admin user I created during the setup phase, so i just type ssh <serverip> admin but I never get a reply from the server and it just times out.

I confirmed that the supplied parameters are right multiple times and the ip mask and dg are correct. To rule out a possible network issue I also directly connected my computer to the interface and tried to ssh that way but with the same results: connection time out.


In both cases (when I am remotely connected or when I am directly connected) I can ping the server and access the webui just fine. It's only the ssh that fails

0 Helpful

Jurgens L
Level 3
Level 3
In response to ThomasD86

‎02-12-2020 10:57 AM

Did you also try the telnet TCP port test, but doing telnet <prime_ip_addr> 22 from your machine? Out of interest what SSH client are you using?
0 Helpful

gaston.benitez
Level 1
Level 1
In response to ThomasD86

‎02-12-2020 11:01 AM

Thomas.

 

Where are you trying to connect from? Windows, Lunux CLI or from putty like tools?

 

Did you test to connect like this?

 

ssh admin@A.B.C.D

or ssh -l admin A.B.C.D

 

BR

0 Helpful

ThomasD86
Level 1
Level 1

‎02-12-2020 12:57 PM - edited ‎02-12-2020 01:00 PM

Thanks all for your replies so far, I'll try to answer you all

 

@marce1000 I have physical access to the servers (they are 2 as we're trying to run some test for an EPNM HA deployment) through the serial port. The NCS status command doesn't show any obvious error (apart from the health monitoring server complaining that HA is not configured

@Jurgens L 

I've not tried that, will be the first thing I do tomorrow when I get into work. My go to client usually is SecureCRT, but I've also tried with PuTTy and the windows built-in one and had the same result with all of them. I am not sure the client might be a fault as we do have a live server with the same prime infrastructure version running on it I can access using SecureCRT just fine.

I've tried to have a look at the live server configuration but nothing seemed off.

 

@gaston.benitez 
No, I've not tried with the syntax you suggested, will try tomorrow!                

 

Additionally, perhaps it can give people another clue, this prime installation was done on 2 cisco UCS servers we have here as we're trying to test the feasibility of an EPNM ha installation, servers have respectively a .172 and .173 ip with their gateway being a .161 on a /28 mask.


Servers are connected to a 3850 stack and while I can ping one from the other (I can ping .173 from .172 and vice versa) by trying to ssh into one another with ssh <server IP> admin nothing happens. So my first thought was there was something wrong with the networking hence to rule that out, I've tried to connect directly to the interface of both with my computer but with the same exact results. 

I can ping the server and access the webUI, but not ssh into it because of the connection timing out. At this point I am convinced is something super obvious I am missing.


Thanks again for all your help

0 Helpful

ThomasD86
Level 1
Level 1

‎02-12-2020 12:58 PM - edited ‎02-12-2020 12:59 PM

Double post by mistake.

0 Helpful
Customers Also Viewed These Support Documents