cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1138
Views
24
Helpful
5
Replies

NX-OS 5.1(3)N1(1) VM-FEX configuration problem

Hello Gents

Cisco Nexus 5000 Series NX-OS Layer 2 Switching Configuration Guide, Release 5.1(3)N1(1) VM-FEX configuration article lists Step 6 as part of configuration procedure:

Step 6 Switch and vCenter: Install XML certificate from switch to vCenter.

a) Switch: Enable HTTP using the feature http command in config mode.

b) From a web browser, access the IP address of the switch and download the displayed XML certificate.

c) Switch: Disable HTTP using the no feature http command in config mode.

d) vCenter: Install the XML certificate plugin.

But enabling feature http-server doesnt enable http-server on switch: switch refuses http connections and if U check with command "sho feature | i http-serv" U will see 2 entries with http-server feature with one of them in disabled state.

Q is how enable http-server on switch (N5548UP) or is there other way to get the XML certificate from the switch?

Thank U

1 Accepted Solution

Accepted Solutions

Steve Fuller
Level 9
Level 9

Hi,

What do you see if you execute the show http-server command? Does it still show as enabled?

I just checked my switch here and I don't see two http-server entries, but I've noticed that connections are refused unless I connect to the IP address of the management interface, mgmt 0. If I try to connect to the IP address of any other interface I also see the connections refused.

Are you able to connect to the IP address assigned to the management interface and see if that works OK?

Regards

View solution in original post

5 Replies 5

Steve Fuller
Level 9
Level 9

Hi,

What do you see if you execute the show http-server command? Does it still show as enabled?

I just checked my switch here and I don't see two http-server entries, but I've noticed that connections are refused unless I connect to the IP address of the management interface, mgmt 0. If I try to connect to the IP address of any other interface I also see the connections refused.

Are you able to connect to the IP address assigned to the management interface and see if that works OK?

Regards

Yes, it (sho http-server) pretty shows http-server is enabled.

I also didn't try http access via mgmt0. Will check today. After a lot of thoughts  I believe XML certificate can be found somewhere in file system.

Many thanks to Steve, using mgmt I downloaded xml-files.

Now only one of them can be registered in Plug-in Manager of vCenter. I believe it's due the fact taht N5K's are already assembled in VPC-domain. Is it critical to have both XML-certificate installed in vCenter?

Hi,

I'm not sure whether both switches will have to be registered in vCenter as I've not setup VM-FEX.

It seems strange though that vPC would be the reason that only one certificate can be installed. In my mind the two switches are both independent apart from using a common LAG ID such that any downstream device connected via a port-channel sees both switches as a single entity.

Are the XML certificates that are exported from both switches exactly the same?

Regards

Pretty the same. svs connection is set up as expected thought. I have read in N5K-ops-VM-FEX that "The extension key is synchronized by the primary vPC member to the secondary vPC memeber. You can verify that the extension key is the same on both peers by using the show svs connection command." And yes, theay are. I try to move forward with VM-FEX.

Thank U Steve.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: