Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1680
Views
4
Helpful
19
Replies

Managing Switch with Ansible Via SSH

Go to solution
sleepless swan
Level 1
Level 1

‎03-06-2024 05:18 AM

I am trying to manage a Catalyst 2960 switch with Ansible. The ansible controller is installed on a Linux VM. I haven't been able to SSH to the switch from the controller despite the service being enabled on the switch and the controller. 

 

Connection:

- PC connected to switch with an ethernet cable. The port is configured with an IP in the same subnet as the VM. 

Switch configuration

 

version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ansible
!
boot-start-marker
boot-end-marker
!
!
username mikko privilege 15 password 0 P@ssw0rd
username pocha privilege 15 secret 5 $1$OgQZ$HheCqdqxYg5az5KEaTrNV.
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
ip domain-name ansible.bh
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
ip ssh version 1
!
!
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.7.17 255.255.255.0
 no ip route-cache
!
ip http server
ip http secure-server
!
control-plane
!
!
line con 0
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh
!
end

 

Whenever I try to ssh to the switch from the vm, I get a 'no route to host' error. Pinging gives a destination unreachable error.

I've tried to ssh to the switch using Putty, but the connection timed out. 

Is it actually possible to manage the switch using Ansible with the current setup? 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
liviu.gheorghe
Spotlight
Spotlight

‎03-10-2024 04:51 AM

It's more than sure a problem related to VirtualBox or it's configuration. I presume that pinging the switch from the PC on which you installed VirtualBox is successful.

I think you would get more info on a Oracle/VirtualBox forum.

Regards, LG
*** Please Rate All Helpful Responses ***

View solution in original post

0 Helpful
19 Replies 19

Go to solution
liviu.gheorghe
Spotlight
Spotlight

‎03-06-2024 05:41 AM

Hello @sleepless swan ,

the switch configuration looks ok and you should be able to ssh into it, provided your PC has an IP from the 192.168.7.0/24 subnet and you have generated the rsa key needed for ssh.

You are trying to access the switch from a VM which is hosted on virtualisation platform, HyperV or ESXi for example. How is the virtualisation host connected to the switch? On interface FastEthernet 0/1?

How is the vSwitch from the virtualisation host configured? Trunk or single vlan?

Regards, LG
*** Please Rate All Helpful Responses ***

Go to solution
sleepless swan
Level 1
Level 1
In response to liviu.gheorghe

‎03-07-2024 04:08 AM - edited ‎03-07-2024 04:09 AM

Hello @liviu.gheorghe

Indeed both the switch and VM are in the same subnet.

I'm using VirtualBox. The network adapter for the VM is set to NAT with the same subnet as the switch. The pc is connected to the fastethernet 0/1 port on the switch with an ethernet cable. I also have serial connection to the switch for direct configuration. 

Is it possible that I should choose the bridged network adapter for the VM instead? I still haven't tested that yet because it would require a VM reboot and it would take quite sometime due to the tools running on the VM.

0 Helpful

Go to solution
bigevilbeard
VIP
VIP

‎03-06-2024 05:56 AM

I see no reason for this not to work here.

  • Double-check IP addresses: Ensure the VM and switch are configured with valid IP addresses in the same subnet.
  • Check subnet mask: Confirm both devices have the same subnet mask (e.g., 255.255.255.0).
  • Verify default gateway: Make sure the VM has the switch's IP address set as its default gateway.
  • Check the routing table on the PC connected

Hope this helps.

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎03-06-2024 10:25 AM

Hello,

is there a specific reason you are using SSH v1 ? Can you ping 192.168.7.17 from the Ansible controller ?

0 Helpful

Go to solution
sleepless swan
Level 1
Level 1
In response to Georg Pauwen

‎03-07-2024 03:24 AM

I'm assuming it wouldn't matter if it's v1 since it's just a testing environment? Unfortunately, I'm unable to ping from the Ansible controller which of course means I can't SSH to it. 

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to sleepless swan

‎03-07-2024 03:43 AM

Can you share the output of the netstat -nr command from the linux vm?

Regards, LG
*** Please Rate All Helpful Responses ***

Go to solution
sleepless swan
Level 1
Level 1
In response to liviu.gheorghe

‎03-07-2024 04:10 AM

Hello @liviu.gheorghe 

Please find the requested output

sleeplessswan_1-1709813412998.png

 

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to sleepless swan

‎03-07-2024 04:23 AM

And also show arp from the switch and arp -an from the linux vm.

Regards, LG
*** Please Rate All Helpful Responses ***

Go to solution
sleepless swan
Level 1
Level 1
In response to liviu.gheorghe

‎03-07-2024 04:34 AM

sleeplessswan_0-1709814807408.png

sleeplessswan_1-1709814848142.png

 

 

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight

‎03-07-2024 04:44 AM

Also show cdp neighbor from the switch.

You have no communication between your switch and the linux vm - no Mac address of the vm or switch in each others arp table.

Your linux VM is hosted on what virtualisation platform? Vmware, HyperV or something else?

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful

Go to solution
sleepless swan
Level 1
Level 1
In response to liviu.gheorghe

‎03-07-2024 04:50 AM

There are no cdp neighbors in the output. I'm using VirtualBox

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to sleepless swan

‎03-07-2024 04:56 AM

Ok. Then I believe there is a problem with the networking configuration on your VirtualBox. Can you share a screenshot of the networking configuration for the linux vm?

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful

Go to solution
sleepless swan
Level 1
Level 1
In response to liviu.gheorghe

‎03-07-2024 05:08 AM

sleeplessswan_0-1709816845251.png

 

These are the NAT adapter settings

sleeplessswan_1-1709816883903.png

 

 

 

0 Helpful

Go to solution
liviu.gheorghe
Spotlight
Spotlight
In response to sleepless swan

‎03-07-2024 08:37 AM

I would change the settings for the first adapter - Attached to: Bridged Adapter.

This way you are sure that your vm is in the same vlan as the switch management vlan. I presume that the PC you are running VirtualBox on is attached to the switch on the first port - interface FastEthernet0/1.

Regards, LG
*** Please Rate All Helpful Responses ***
0 Helpful
Customers Also Viewed These Support Documents