cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
603
Views
15
Helpful
8
Replies

Config Archival: Failed and Partially Successful Device

jeeyishyuan
Level 1
Level 1

Hi Experts,

I have two problems in archiving the devices.

1. Failed to establish TELNET connection to 10.71.225.245 -Cause: Authentication failed on device 3 times Failed to detect SSH version running on the device.

(I am able to telnet to the device manually. Telnet and enable passwords are double verified and confirmed to be correct.)

2.Command failedFailed to detect SSH version running on the device. VLAN Config fetch is not supported using TFTP. (Both running and startup config are successful but VLAN config is failed. Config archival is successful on the same model of switch -- 3548XL.)

I am wondering why are these two switches failed. Please advice.

Thanks and Regards,

YS

8 Replies 8

Joe Clarke
Cisco Employee
Cisco Employee

The first error is almost always correct. I know you've verified the credentials, but since you're using telnet, you should start a sniffer trace filtering on TCP port 23 traffic to this device, then perform another Sync Archive. When it fails, check the sniffer trace to see what credentials RME is using, and where the fetch fails.

The second problem indicates an issue being able to either login to this switch using telnet or SSH, or more likely, the TFTP is not allowed between device and server. In order for the vlan.dat config to be fetched, RME will login to the device using either telnet or SSH, then perform a "copy flash:vlan.dat tftp:" to transfer the file back to the RME server. If the network does not allow udp/69 and ephemeral UDP ports between the device and server, then you will see this error.

Hi joe,

Thanks for the reply but how could I check if the Port 69 is enable in between device and LMS? I thought I read that VLAN.dat is not supported by TFTP?

"Command failedFailed to detect SSH version running on the device. VLAN Config fetch is not supported using TFTP."

Hi Joe,

I have captured the telnet packets that I sniffed when I rerun the config archival for 10.71.225.245. Possible for you to advise based on the text file? Thanks!

Regards

YS

RME sends:

passcisc0

The device replies with the password prompt again indicating that this password is incorrect.

You could try to manually TFTP the vlan.dat file from the switch to the RME server. Create an empty vlan.dat in the NMSROOT\tftpboot on the RME server. Then, attempt to copy the vlan.dat from the switch to the server. I'm betting this times out.

When RME says that the vlan.dat fetch is not supported with TFTP it means it is not supported with SNMP-triggered TFTP. The vlan.dat is, in fact, transferred using TFTP, just not the same way as the running and startup configs.

Hi Joe,

Something that I don't understand is I am able to TFTP manually. The Vlan.dat file is actually successfully fetch from the switch using a third party TFTP server.

Aft I have tried to TFTP manually, the fetching of vlan.dat using Config Archival is successful instead. Just wondering why is it so?

Regards

YS

Run another sniffer trace filtering on all traffic to this switch. Perform a new Sync Archive job. When the vlan.dat fetch fails, the sniffer trace should show you why.

axa-wongjeff
Level 1
Level 1

What is your login prompt? Is it the standard "Username:" prompt or is it custom?

If it's custom, then Ciscoworks has a problem with it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco