04-20-2020 03:10 AM - edited 04-20-2020 04:25 AM
Hello,
I am trying to setup Cisco NSO Version 5.3 (latest from Cisco) to manage configuration on a Juniper SRX device. However, I am getting an error while trying to sync from the Juniper device:
sync-result {
device my_juniper_exchange
result false
info my_juniper_exchange: invalid value for: authentication-algorithm in /ncs:devices/ncs:device[ncs:name='my_juniper_exchange']/ncs:config/junos:configuration/junos:security/junos:ipsec/junos:proposal[junos:name='esp-aes256-sha256-nopfs']/junos:authentication-algorithm: "hmac-sha-256-128" is an invalid value.
}
Here, NSO says that: junos:authentication-algorithm: "hmac-sha-256-128" is an invalid value.
However, in JunOS, hmac-sha-256-128 is a valid value for authentication algorithm.
Can someone help me fix this issue?
Here is how the device is created in NSO CLI (NCS):
admin@ncs(config)# devices device {device_name} address {device_ip_address} device-type netconf ned-id juniper-junos-nc-3.0 admin@ncs(config-device-jnpr-dev-srx)# state admin-state unlocked admin@ncs(config-device-jnpr-dev-srx)# authgroup jnpr admin@ncs(config-device-jnpr-dev-srx)# exit
04-20-2020 03:31 AM
- Cipher mismatch may be due to the NSO version being too low to support the intended platform (for instance); check if you have newer version(s) available.
M.
04-20-2020 03:58 AM
Hello,
Thanks for the reply.
I am using the NSO 5.3, which is the newest version from Cisco.
04-20-2020 08:45 AM
- Not sure the Juniper SRX is supported , it's not in this list :
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide