I'm trying to save to configs of our multiple context fwsm, but I keep getting these errors:
TELNET: Failed to establish TELNET connection to 192.168.3.1 - Cause: connect timed out. Couldnot exit from Module No. 0
TELNET: Failed to establish TELNET connection to 192.168.3.1 - Cause: connect timed out. Couldnot enter ENABLE Mode from CONFIG Mode on 192.168.3.1.
I'm using LMS2.6.
Does anybody know how I can solve this issue?
There is not enough information here to know what is going on. The best thing to do would be to get a sniffer trace of the telnet traffic between the LMS server and the FWSM when the sync archive job is running, then scan that trace for potential problems.
Additionally, enabling ArchiveMgmt Service debugging under RME > Admin > System Preferences > Loglevel Settings, then re-running the job will cause debug messages to be written to the dcmaservice.log. That may provide more of a clue as to what is happening.
There is a problem with the FWSM SC prompt. When RME first logs into the SC, the prompt is FWSM/NOB-cmf> . This changes to FWSM/NOB-cmf# when RME enables itself. Then, it changes to FWSM# . Based on the log, I'm not sure exactly what triggers that change. But the problem happens when RME finishes all of its work. It tries to exit from the device, but never gets back to the FWSM/NOB-cmf# prompt.
From the log, this appears to be the series that produces the FWSM# prompt:
FWSM# show pager
Can you confirm how the prompt turns from FWSM/NOB-cmf# to FWSM# ? I do not have an FWSM at hand with which to test, but if I can understand how we get to that FWSM# prompt, and how we can get back to FWSM/NOB-cmf# I may be able to patch this.
FWSM# is the system context prompt, so for RME to get there it should issue the command: changto system or changto context system.
To get back to the FWSM/NOB-cmf# prompt RME should issue the command:
changto context NOB-cmf (case-sensitve)
As far as I can see RME is able to save the configs from all the firewall contexts, but seems to skip the admin context (NOB-cmf), because I can't find that config anywhere.
Hope this helps solve the issue
Yes, I see the bug. We are entering the system context, but never properly reverting to the previous context on exit. What command will show you the current context?
Well the prompt shows you the name of the current context, like: FWSM/NOB-cmf# for example and FWSM# for the system context etc.
There is also the show context command, which will give an output like this:
FWSM/NOB-cmf# show context
Context Name Class Interfaces Mode URL
*NOB-cmf default NOB_DMZ,vlan63, Routed disk:/nob.cfg
But if you issue this command in the system context it will offcourse list all the contexts.
Yeah, reading from the prompt will probably be easier. I'm waiting for some other developer feedback on my proposed patch, but hopefully, I'll have a solution to this soon. You will need to open a TAC service request to get any patch, though.
This is a known bug, CSCsj70409, which will be fixed in RME 4.1.1 (part of LMS 3.0.1) due out next month. I have put in a request to have this fixed in RME 4.0 as well.