Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1332
Views
4
Helpful
2
Replies

Inaccessible IronPort c670 appliance from both GUI and CLI. Can I tunnel-in from other c670 appliance in the cluster?

Go to solution
Chandan Visweswara
Level 1
Level 1

‎03-17-2014 01:24 AM

I am unable to access one of the 6 IronPort appliances. Also, got an error that the appliance has got disconnected from the cluster. Is there any CLI command I can use to possibly tunnel-into the faulty appliance from another appliance in the cluster to reboot?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎03-17-2014 05:30 AM

No.  Normally, from 'clustermode' you can then access machine level on the different appliance(s) in cluster.  But, if this is disconnected, then that command is not going to work.

If you cannot SSH/telnet to the appliance in question, and do not have some form of remote console or access pre-configured, you will need to connect directly to the appliance, or hard boot the appliance in order to attempt to regain connectivity.  

Please see the C670 quick start guide for assistance:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/hw/C670_QSG.pdf

Setup and Management
•• For access by Ethernet™, connect to the Management Network
Port. Use a browser to access the web-based interface on the
default IP address 192.168.42.42. You can also access the
command line interface by SSH or terminal emulation software
on the same IP address. (The netmask is /24.)
•• Or, for Serial access, connect to the Serial Port. Access the command
line interface by a terminal emulator using 9600 bits, 8 bits, no parity,
1 stop bit (9600, 8, N, 1), flowcontrol = Hardware.

I hope this helps!

-Robert

 

(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)

Cheers,
Robert Sherwin

View solution in original post

2 Replies 2

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎03-17-2014 05:30 AM

No.  Normally, from 'clustermode' you can then access machine level on the different appliance(s) in cluster.  But, if this is disconnected, then that command is not going to work.

If you cannot SSH/telnet to the appliance in question, and do not have some form of remote console or access pre-configured, you will need to connect directly to the appliance, or hard boot the appliance in order to attempt to regain connectivity.  

Please see the C670 quick start guide for assistance:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/hw/C670_QSG.pdf

Setup and Management
•• For access by Ethernet™, connect to the Management Network
Port. Use a browser to access the web-based interface on the
default IP address 192.168.42.42. You can also access the
command line interface by SSH or terminal emulation software
on the same IP address. (The netmask is /24.)
•• Or, for Serial access, connect to the Serial Port. Access the command
line interface by a terminal emulator using 9600 bits, 8 bits, no parity,
1 stop bit (9600, 8, N, 1), flowcontrol = Hardware.

I hope this helps!

-Robert

 

(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)

Cheers,
Robert Sherwin

Go to solution
Chandan Visweswara
Level 1
Level 1
In response to Robert Sherwin

‎03-19-2014 12:49 PM

Thanks Rob. We did a hard reboot which re-established the connections. This lockup appears to be related to how the memory is being exhausted on the ESA during regular processing. A defect it seems.

0 Helpful
Customers Also Viewed These Support Documents