Highlighted
Honored Contributor.
Honored Contributor.
328 views

After 10.11.02 and driver update, Juniper devices now get SSH connect timeouts

Jump to solution

running: HP Network Automation 10.11.02 64-bit (Build 27-020917)

Driver build:   8592-013017

Tried reverting to drivers that worked pre-upgrade, same issue.

Tried restarting services.

SSH from command line on Linux works fine.

From application: tcpdump shows   syn-->syn ack-->  and then the NA server sends a reset.

I will look into the possiblility that it could be the virtual NIC of the server.

Untitled.png

 

0 Likes
1 Solution

Accepted Solutions
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: After 10.11.02 and driver update, Juniper devices now get SSH connect timeouts

Jump to solution

Hi @iamnoone,

patch 10.11.02 has a warning, did you applied this property on your adjustable_options.rcx?

Issue after the migration from 10.11 to 10.11.02, the fix is added to 10.11.03 and enabled by this:

 

<option name="ssh/maverick/socket/timeout">20000</option>

 

here are the details of the Warning:

 

2017-Mar-24 - A Critical Patch Warning has been issued by HPE.
Network Automation (NA) 10.11.02 patch NA_00041 introduces a problem in HP NA where the SSH server fails to start.

Additional details on this behavior may be found in Change Request QCCR1B152176. If you have already installed 10.11.02 or planning to, please contact HP Support to obtain a hotfix for QCCR1B152176.

This behaviour will be corrected in a superseding patch as soon as possible.

 

Pedro A. Batista
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the THUMB at the bottom left of the post and show your appreciation.

View solution in original post

3 Replies
Highlighted
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: After 10.11.02 and driver update, Juniper devices now get SSH connect timeouts

Jump to solution

Did you confirm connecting to this device via proxy sing SSH?

Ideally we should test for non-ideal connection(e.g latencies in the network)

Also a couple of troubleshooting questions:

Referring to the screenshot results you provided we could not give a conclusion, it looks like either NA SSHD is not listening on the SCP port or the device can't initiate a connection to NA (maybe firewall that only allow connection one way from NA->Device) you can check the communication by sniffing the network (using any network analyzer tool for your OS) on the NA side to see if there is anything coming from device.

If you can connect to NA and collect whole log setting some logging options on trace to see if the key negotiation is failing or something else is happening with

device/session/ssh
device/session/scp
device/session/log
feature/proxy (this will give us lots of good logs)

In case the problem persists you can feel free to open a case with Support To evaluate this particular sitution with you once you made all tests and collected the whole session logs with some specific options on trace.

I hope above information helps on your troubleshooting process.

Christian Henríquez M
Software Support L3 Engineer
Micro-Focus
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: After 10.11.02 and driver update, Juniper devices now get SSH connect timeouts

Jump to solution

Hi @iamnoone,

patch 10.11.02 has a warning, did you applied this property on your adjustable_options.rcx?

Issue after the migration from 10.11 to 10.11.02, the fix is added to 10.11.03 and enabled by this:

 

<option name="ssh/maverick/socket/timeout">20000</option>

 

here are the details of the Warning:

 

2017-Mar-24 - A Critical Patch Warning has been issued by HPE.
Network Automation (NA) 10.11.02 patch NA_00041 introduces a problem in HP NA where the SSH server fails to start.

Additional details on this behavior may be found in Change Request QCCR1B152176. If you have already installed 10.11.02 or planning to, please contact HP Support to obtain a hotfix for QCCR1B152176.

This behaviour will be corrected in a superseding patch as soon as possible.

 

Pedro A. Batista
Customer Support Engineer

If you find that this or any other post resolves your issue, please be sure to mark it as an accepted solution.
If you are satisfied with anyone’s response please remember to give them a KUDOS by clicking on the THUMB at the bottom left of the post and show your appreciation.

View solution in original post

Highlighted
Honored Contributor.
Honored Contributor.

Re: After 10.11.02 and driver update, Juniper devices now get SSH connect timeouts

Jump to solution

I figured it would be just as easy to install the 11.03 patch which includes the that particular fix.  The 03 patch documentation further noted the an issue related to latency & connecting to devices. 

I loaded the 03 patch and it resolved the issue.

THANKS!!!!

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.