Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1725
Views
10
Helpful
3
Replies

Expose Netsim to external interface - can it be done?

Go to solution
ron.whitt
Level 1
Level 1

‎02-07-2019 01:44 PM

I would like to expose Netsims to SSH sessions external to the host.  Of course you can ssh to a Netsim from the linux shell (within the same host), but I would like to be able to connect to a Netsim CLI from outside the host.  Is that possible? if so, how could it be done?  Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ron.whitt
Level 1
Level 1

‎02-12-2019 08:55 AM

OK, got this work.  Had to use a little iptables magic from the linux shell.  I had to imput these two commands:


nsoadmin@nso-1D-workshop:~/ncs-run$ sudo iptables -t nat -I PREROUTING -p tcp -d 192.168.88.100/24 --dport 10022 -j DNAT --to-destination 127.0.0.1:10022

nsoadmin@nso-1D-workshop:~/ncs-run$ sudo sysctl -w net.ipv4.conf.ens32.route_localnet=1

 

I was then able to ssh admin@192.168.88.100 -p 10022 and get right into the netsim.  

 

 

View solution in original post

3 Replies 3

Go to solution
joepak
Cisco Employee
Cisco Employee

‎02-07-2019 04:04 PM

So by external interface, you mean a computer/node that resides outside of the NSO's server?

 

I personally have not tried that myself.. I would think to access the netsim device and see if it can ssh to the remote host. I assume it wouldn't since netsim device's begin with 127.0.0.1. You could change the device's address to an IP within the same subnet of the external host and verify.

 

Have you tried this or other methods?

0 Helpful

Go to solution
vleijon
Cisco Employee
Cisco Employee

‎02-08-2019 01:17 AM

In your netsim instance directory, say netsim/ios/ios0/ there is a file confd.conf (and a lot of other little goodies for the curious!). By modifying that file you can modify how the netsim works. 

 

For your use-case, look under cli/ssh, you can set both port and a field called ip. You can look in man ncs.conf for an explanation of what the settings do.

 

After changing confd.conf you must restart the netsim instance.

 

However, on a quick test I just ran it does seem like it binds to 0.0.0.0 by default, so I am not entirely sure why it doesn't work for you.

Go to solution
ron.whitt
Level 1
Level 1

‎02-12-2019 08:55 AM

OK, got this work.  Had to use a little iptables magic from the linux shell.  I had to imput these two commands:


nsoadmin@nso-1D-workshop:~/ncs-run$ sudo iptables -t nat -I PREROUTING -p tcp -d 192.168.88.100/24 --dport 10022 -j DNAT --to-destination 127.0.0.1:10022

nsoadmin@nso-1D-workshop:~/ncs-run$ sudo sysctl -w net.ipv4.conf.ens32.route_localnet=1

 

I was then able to ssh admin@192.168.88.100 -p 10022 and get right into the netsim.  

 

 

Customers Also Viewed These Support Documents