cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
690
Views
5
Helpful
1
Replies

NSO FMC - device connectivity failure

Michal Garcarz
Cisco Employee
Cisco Employee

Hello Team,

 

NSO 4.6.2 with NED for FMC: ncs-4.6.2-cisco-fmc-1.0.6.signed.bin

 

Installed successfully, show packeges show the right data.

 

Device (FMC) added:

Screen Shot 2018-10-05 at 13.41.47.png

 

But sync up failing: 

Screen Shot 2018-10-05 at 13.32.55.png

Logs in /var/log/ + Packet captures confirms it;'s trying plain http over tcp/443 instead https (and of course FMC rejects such a request):
Screen Shot 2018-10-05 at 13.29.29.png

So why is that happening ? Is there any command under the device forcing SSL for tcp/443 ?
Should not NED force this ? (it's not possible to connect via plain http anyway).

Once i get thru this: there might be a problem with cert ? Can i somehow accept it ?

Thanks,
Michal

1 Accepted Solution

Accepted Solutions

Michael Maddern
Cisco Employee
Cisco Employee

Hi Michal,

 

There are some NED settings for this:

 

admin@ncs(config)# devices device fmc0 ned-settings cisco-fmc-connection ssl ?
Possible completions:
  accept-any    Accept any certificate (unsafe)
  certificate   Use specific DER formated SSL certificate

I think either of these will make it use SSL. If you set accept-any, this will also solve your second problem (but only use it for development and testing).

View solution in original post

1 Reply 1

Michael Maddern
Cisco Employee
Cisco Employee

Hi Michal,

 

There are some NED settings for this:

 

admin@ncs(config)# devices device fmc0 ned-settings cisco-fmc-connection ssl ?
Possible completions:
  accept-any    Accept any certificate (unsafe)
  certificate   Use specific DER formated SSL certificate

I think either of these will make it use SSL. If you set accept-any, this will also solve your second problem (but only use it for development and testing).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community: