Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
773
Views
1
Helpful
11
Replies

CUCM Unable to add backup Device.

00uqiocu6PtCHRDKn5d6
Level 1
Level 1

‎05-23-2024 10:58 AM

Hi All! 

 

Hope you are doing good! I have one client that is having issues trying to add a Backup device to the DRS system. 

The CUCM version is : 12.5(1)SU2

We already restart DRF Master and Loca

l on the cluster. 

Cluster details: 

PUB
SUB
CUP1 
CUP2 

I also regenerate IPsec Certificates on all the nodes and rebooted the whole cluster. 

the same error appears each time we try to add the backup device: 

00uqiocu6PtCHRDKn5d6_0-1716486112881.png

 

We used, Solarwind SFTP, FreeFTPD and BITvise as SFTP servers. 

Attached are some traces taken after we tried to add the backup device:

00uqiocu6PtCHRDKn5d6_1-1716486522327.png

 

00uqiocu6PtCHRDKn5d6_2-1716486678723.png

But the password and Username were correct we tested with WinSCP

Checking the upgrade history of the CUCM cluster it was upgraded from version 10.5.X to 12.5.X   there is any bug or defect that affects the Backups.?

admin:show version active

Active Master Version: 12.5.1.12900-115

Active Version Installed Software Options:

ciscocm.V12-5-1_CSCvt63366-rtmt_C0060-1.cop

 

admin:show version inactive

Inactive Master Version: 10.5.2.11900-3

Inactive Version Installed Software Options:

cmterm-devicepack10.5.2.13049-1.cop

ciscocm.free_common_space_v1.5.cop

 

Thanks for your help.

 

DRF LOGS CUCM.zip
0 Helpful
11 Replies 11

Maren Mahoney
VIP
VIP

‎05-28-2024 05:30 AM

If I am reading the error right, it's saying that your password is too short. Can you try again with a longer password? The password I use in my lab environment is 8 characters and that works with 12.5.

Maren

00uqiocu6PtCHRDKn5d6
Level 1
Level 1
In response to Maren Mahoney

‎05-28-2024 12:26 PM

Hi Maren, 
Good afternoon, thank you for your suggestion, but we already tried with different SFTP server and Users and passwords, the same error : Unable to connect to SFTP server. 

0 Helpful

Sadav Ansari
VIP Alumni
VIP Alumni

‎05-28-2024 07:13 AM

Use Titan FTP server and check, It should be work with FreeFTPD.

Create username password in FreeFTPD and same creds should be enter on backup device with corerct sftp server ip.

SadavAnsari_0-1716905519662.png

 

Pls rate if its "Helpful". If this answered your question pls click "Accept as Solution".

0 Helpful

00uqiocu6PtCHRDKn5d6
Level 1
Level 1
In response to Sadav Ansari

‎05-28-2024 12:27 PM

We tried with FreeSFTP using local computer and a Windows server but  the same error.

0 Helpful

Elliot Dierksen
VIP
VIP

‎05-28-2024 10:59 AM

I suspect it is a problem with the Ciphers or Key Exchange algorithms that your SFTP supports. Here is what I put into the sshd_config (OpenSSH) to make it play nice with DRS. There are a few version dependent things in here.

Ciphers aes128-cbc,3des-cbc,blowfish-cbc

These ones can be added to the default with multiple addition lines:

Ciphers +aes128-cbc
Ciphers +3des-cbc
Ciphers +blowfish-cbc

Not sure if this is needed

KexAlgorithms +diffie-hellman-group1-sha1


in sshd_config:

KexAlgorithms +diffie-hellman-group1-sha1
KexAlgorithms +diffie-hellman-group-exchange-sha1

Ciphers +aes128-cbc
# 3DES isn't supported on newer version of DRS or in
# newer versions of OpenSSH
Ciphers +3des-cbc

Newer Ubuntu needs this:
PubkeyAcceptedAlgorithms +ssh-rsa
HostkeyAlgorithms +ssh-rsa
0 Helpful

00uqiocu6PtCHRDKn5d6
Level 1
Level 1
In response to Elliot Dierksen

‎05-28-2024 12:55 PM

Hi Elliot, 

Thank you for your response how Can we change that part to FreeSFTP or Solarwinds ? 

Thanks 
Roman 

0 Helpful

Nithin Eluvathingal
VIP
VIP

‎05-28-2024 11:59 AM

Since you have tried different SFTP servers, it doesn’t appear to be an issue with the SFTP configuration. I assume it might be related to the ciphers being used.



Response Signature


0 Helpful

00uqiocu6PtCHRDKn5d6
Level 1
Level 1
In response to Nithin Eluvathingal

‎05-28-2024 12:53 PM

Hi Nithin Eluvathingal

Any idea how to change or adjust the ciphers to work with CUCM 12.5 and Solarwinds or FreeSFTP? 
I'm lost about that part of ciphears

0 Helpful

Nithin Eluvathingal
VIP
VIP
In response to 00uqiocu6PtCHRDKn5d6

‎05-28-2024 09:02 PM

AFAIK, the freeftpD and SolarWinds don’t offer that level of flexibility. You might want to consider using OpenSSH, or even explore Cisco Prime Collaboration Deployment as a backup solution



Response Signature


0 Helpful

Greg S
Level 1
Level 1

‎09-27-2024 01:02 PM - edited ‎09-27-2024 01:05 PM

Good afternoon.  We are trying to move our SFTP backup host from RHEL7.9 which is working to a new RHEL9 node.  On the RHEL9 node we are unable to connect from Cisco DRS on our call manager node via SFTP.    The only exception to this is if we enable SHA1 on the RHEL9 node.    This helped us confirm that there is a cipher or key algorithm mismatch, but enabling SHA1 is not a secure option to move forward with.

Does anyone have any suggestions on a working config to use SFTP via openssh on RHEL9?   i should add, we are running Call Manager 14SU4

Thanks!

Greg

0 Helpful

Greg S
Level 1
Level 1
In response to Greg S

‎09-27-2024 01:04 PM - edited ‎09-27-2024 01:05 PM

we are hopeful someone else has crossed this bridge

0 Helpful
Customers Also Viewed These Support Documents