cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1966
Views
15
Helpful
9
Replies

NSO: adding and configuring router with terminal server to NSO

Geethanjali
Cisco Employee
Cisco Employee

Hi,

 

I have a topology wherein my cisco ios router is configured with a terminal server. SSH is enabled on the terminal server. How to connect to the router through this terminal server added to NSO?

 

I have already referred the below post

https://community.cisco.com/t5/nso-developer-hub-discussions/how-to-connect-to-device-that-requires-jump-host/td-p/3437827

 

But am facing the same issue that sujmurth has mentioned. I dont see cisco-ios-proxy-settings option listed for ned-settings command. Pls let me know the commands.

2 Accepted Solutions

Accepted Solutions

vleijon
Cisco Employee
Cisco Employee

Make sure you use a production version of the NED and not the one that is distributed with NSO. Which NED version are you running?

View solution in original post

The NEDs that ship with the NSO distribution are suitable only for running the examples that ship with NSO. For any real development you need to use the productised NEDs.

View solution in original post

9 Replies 9

vleijon
Cisco Employee
Cisco Employee

Make sure you use a production version of the NED and not the one that is distributed with NSO. Which NED version are you running?

My NSO version is 4.7 and below is the Cisco IOS NED details. So why should we not use the NED that is distributed with NSO, if so what is purpose of packaging NEDs along with a NSO image?

packages package cisco-ios
 package-version 3.0.0.3
 description     "NED package for Cisco IOS"
 ncs-min-version [ 3.0.2 ]
 directory       ./state/packages-in-use/1/cisco-ios
 component upgrade-ned-id
  upgrade java-class-name com.tailf.packages.ned.ios.UpgradeNedId
 component cisco-ios
  ned cli ned-id  cisco-ios
  ned cli java-class-name com.tailf.packages.ned.ios.IOSNedCli
  ned device vendor Cisco

The NEDs that ship with the NSO distribution are suitable only for running the examples that ship with NSO. For any real development you need to use the productised NEDs.

Alright, i have upgraded my NED. Now the proxy commands are enabled. As per the same i see the below ned-settings.

I am able to set the proxy prompt (before sending telnet) to # but am not able to set the proxy-prompt2(after sending telnet) to >.

 proxy-prompt              - Prompt pattern on the proxy before sending telnet/ssh command
  proxy-prompt2             - Prompt pattern on the proxy after sending telnet/ssh command
  remote-address            - Address of host behind the proxy
  remote-command            - Connection command used to initiate proxy on device.
  remote-connection         - Connection type between proxy and device
  remote-name               - User name on the device behind the proxy
  remote-password           - Password on the device behind the proxy
  remote-port               - Port of host behind the proxy

 

admin@ncs% show devices device router-ios-1 ned-settings
cisco-ios {
    connection {
        number-of-retries  2;
        time-between-retry 5;
        prompt-timeout     15000;
        send-login-newline true;
    }
    proxy {
        remote-connection telnet;
        remote-address    10.78.241.213;
        remote-port       2066;
        remote-command    R1;
        remote-name       admin;
        remote-password   $8$LMvw1+gRkRyr3uNHFlMlCBkpvVBza5hpeXAbwR6+Gtw=;
        proxy-prompt      "#";
        proxy-prompt2     >; (is this one not in double quote an issue?)
    }
}
[ok][2019-02-12 16:26:52]

It shouldn’t matter, it is simply that the CLI avoids quotes whenever it can to make things look prettier. You will see that the remote-name for instance is not quoted either. As an experiment you can try setting the prompt to something like “string with space” and see what the resulting output is.

My connection to the router fails from NSO. Below is the message. I earlier got an error message which stated connection refused, no response from device in state proxyjump. After some changes i now see the message pointing to proxylogin. Any help or inputs here pls

admin@ncs% request devices device router-ios-1 connect
result false
info Failed to connect to device router-ios-1: connection refused: Timeout after 15s, no response from device in state proxylogin
[ok][2019-02-12 22:49:04]

 

Below is the ned-settings configuration done

 

admin@ncs% show devices device router-ios-1 ned-settings
cisco-ios {
    connection {
        number-of-retries  2;
        time-between-retry 5;
        prompt-timeout     15000;
        send-login-newline true;
    }
    proxy {
        remote-connection         telnet;
        remote-address            192.168.250.1;
        remote-port               2066;
        remote-command            R1;
        remote-name               admin;
        remote-password           $8$LMvw1+gRkRyr3uNHFlMlCBkpvVBza5hpeXAbwR6+Gtw=;
        remote-secondary-password $8$cMrB6I/W/RwucQVoYY5d5Sin8r3n/jSgzrK6onCDy9s=;
        proxy-prompt              "#";
        proxy-prompt2             .*;
    }
}
[ok][2019-02-12 22:49:27]

 device connect issue is resolved. the mistake i made was that i had set wrong protocol for the jump server as telnet which should have been ssh.

 

Thanks @vleijon @KJ Rossavik

One final question. I see that the device connection status keeps fluctuating. I mean it said connected. After some time I see it not getting connected. And again get connected when no config changes or n/w changes are made. Please see below. Any reason for this unstable behavior?

 

admin@ncs% request devices device router-ios-1 connect
result false
info Failed to connect to device router-ios-1: connection refused: Timeout after 30s, no response from device in state login
[ok][2019-02-13 12:04:37]

[edit]
admin@ncs% request devices device router-ios-1 connect
result false
info Failed to connect to device router-ios-1: connection refused: Timeout after 30s, no response from device in state login
[ok][2019-02-13 12:05:18]

[edit]
admin@ncs% request devices device router-ios-1 connect
result true
info (admin) Connected to router-ios-1 - 10.78.241.213:22
[ok][2019-02-13 12:05:54]

[edit]
admin@ncs%

No, there should be no nso-reason for that to fail intermittently. The SSH part is usually rock-solid.

 

I recommend turning on the device trace (set devices global-settings trace raw) and checking in the trace file what seems to happen.

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community: