
Router/switch is up but can't telnet/ssh to it

moha06
Level 1

Hello,

 

So I work at a NOC. And sometimes, when our monitor shows that something goes down, a router/switch, that is not always the case. When I troubleshoot it, I see that it is up and running, etc. So most of the time it is a management problem. My questions are:

 

1. Why does this happen?

2. My colleague said that just because you can't ping the router/switch, it doesn't need to be a management problem. An ACL can block ICMP, which is true. So what can the problem be?

3. How do you solve it?

 

Best regards,

 

3 Replies

marce1000
VIP

 

 - Since you work at a NOC, do you have any firewalling infrastructure between your NOC client and the switch which could provide full access when needed?

 M.



-- Each morning when I wake up and look into the mirror I always say 'Why am I so brilliant?'
    When the mirror will then always respond to me with 'The only thing that exceeds your brilliance is your beauty!'

Richard Burts
Hall of Fame

The original post asks a question about monitoring software reporting that a resource is down, asking why it happens and how to solve it. We do not have enough information to be able to answer either of those questions. First, how does the monitoring software check on the resource? Is it a simple ping? Is it a series of pings that fail x times? Is it that it does not respond to SNMP? If we knew how it detects failure we might have an answer about why false positives happen and what could be done about it.

 

And I wonder about the mismatch between the title of the post being about router/switch is up but can't telnet/ssh and the problem described in the post which is about monitor reports down when the device is really not down.

HTH

Rick

gaston.benitez
Level 1

Hi Moha06

 

Sometimes you can ping a device but you cannot ssh or telnet to it. This behaviour may be related to TACACS / RADIUS in the sense that the device, when you try to log in, has to ask the TACACS server to validate your credentials, and if the server is temporarily unavailable or there are drops in the connection from the device <--> TACACS, you can face problems trying to log in to the box.

 

You can validate in your TACACS server logs if you are not facing connection drops from the device you are trying to connect to.

 

From the box, you can do a show tacacs and see the counters to verify if it is sending and receiving the packets correctly.

 

Router# show tacacs

Tacacs+ Server : 172.19.192.80/49
Socket opens: 3
Socket closes: 3
Socket aborts: 0
Socket errors: 0
Socket Timeouts: 0
Failed Connect Attempts: 0
Total Packets Sent: 7
Total Packets Recv: 7
Expected Replies: 0
No current connection

 

 

Please don't forget to mark if this post is useful.

BR 
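
Added example, not part of gaston.benitez's post: a small Python parser for the `show tacacs` counters shown above that flags servers with non-zero error counters or more packets sent than received. The second server block, the function names and the "sent minus received" heuristic are assumptions made for illustration, and the output layout may differ between software versions.

```python
import re

# Constructed sample. The first block repeats the counters quoted in the post;
# the second block (192.0.2.10, a documentation address) is invented here to
# show what an unreachable server could look like.
SAMPLE = """\
Tacacs+ Server : 172.19.192.80/49
Socket opens: 3
Socket closes: 3
Socket aborts: 0
Socket errors: 0
Socket Timeouts: 0
Failed Connect Attempts: 0
Total Packets Sent: 7
Total Packets Recv: 7
Tacacs+ Server : 192.0.2.10/49
Socket opens: 5
Socket errors: 1
Socket Timeouts: 2
Failed Connect Attempts: 3
Total Packets Sent: 9
Total Packets Recv: 4
"""

ERROR_COUNTERS = ("Socket aborts", "Socket errors", "Socket Timeouts",
                  "Failed Connect Attempts")

def parse_show_tacacs(text):
    """Return {server: {counter: int}} parsed from 'show tacacs' output."""
    servers, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*Tacacs\+\s+Server\s*:\s*(\S+)", line, re.I)
        if m:  # a new per-server block starts here
            current = servers.setdefault(m.group(1), {})
            continue
        m = re.match(r"\s*([A-Za-z ]+?)\s*:\s*(\d+)\s*$", line)
        if m and current is not None:
            current[m.group(1)] = int(m.group(2))
    return servers

def findings(servers):
    """Flag non-zero error counters and requests that never got a reply."""
    out = []
    for server, c in servers.items():
        out += [(server, f"{n} = {c[n]}") for n in ERROR_COUNTERS if c.get(n, 0)]
        lost = c.get("Total Packets Sent", 0) - c.get("Total Packets Recv", 0)
        if lost > 0:  # assumption: every packet sent should be answered
            out.append((server, f"{lost} packets sent without a reply"))
    return out
```

Calling `findings(parse_show_tacacs(output))` on output collected from several devices gives a quick list of the boxes whose AAA path to the server is dropping traffic.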
