Planet Collab

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Netmiko – SCP IOS upload Error Troubleshooting!

By italchemy

Netmiko File stransfer issues:

netmiko.ssh_exception.NetMikoTimeoutException: Timed-out reading channel, data not available

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “/usr/local/lib/python3.6/site-packages/paramiko/channel.py”, line 699, in recv
out = self.in_buffer.read(nbytes, self.timeout)
File “/usr/local/lib/python3.6/site-packages/paramiko/buffered_pipe.py”, line 164, in read
raise PipeTimeout()
paramiko.buffered_pipe.PipeTimeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 564, in _read_channel_expect
new_data = self.remote_conn.recv(MAX_BUFFER)
File “/usr/local/lib/python3.6/site-packages/paramiko/channel.py”, line 701, in recv
raise socket.timeout()
socket.timeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “transfer_file_scp.py”, line 28, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 6, in transfer_file
net_connect.config_mode()
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 40, in config_mode
return super().config_mode(config_command=config_command, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1644, in config_mode
if not self.check_config_mode():
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco/cisco_ios.py”, line 29, in check_config_mode
return super().check_config_mode(check_string=check_string, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 30, in check_config_mode
return super().check_config_mode(check_string=check_string, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1631, in check_config_mode
output = self.read_until_pattern(pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 641, in read_until_pattern
return self._read_channel_expect(*args, **kwargs)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 575, in _read_channel_expect
“Timed-out reading channel, data not available.”
netmiko.ssh_exception.NetmikoTimeoutException: Timed-out reading channel, data not available.

Root cause: caused by enable password, device downgrade you to exec mode, so you have to get into global mode.
Add net_connect.enable(cmd=’enable 15′) to the line.
===========================================
ValueError: Failed to enter enable mode. Please ensure you pass the ‘secret’ argument to ConnectHandler.

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “transfer_file_scp.py”, line 30, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 6, in transfer_file
net_connect.enable(cmd=’enable 15′)
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 18, in enable
return super().enable(cmd=cmd, pattern=pattern, re_flags=re_flags)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1600, in enable
raise ValueError(msg)
ValueError: Failed to enter enable mode. Please ensure you pass the ‘secret’ argument to ConnectHandler.

Root cause: incorrect enable password
Solution: You must provide the correct enable password.

==================================================
scp.SCPException: Privilege denied.

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “transfer_file_scp.py”, line 30, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 15, in transfer_file
scp_conn.scp_transfer_file(s_file, d_file)
File “/usr/local/lib/python3.6/site-packages/netmiko/scp_handler.py”, line 46, in scp_transfer_file
self.scp_client.put(source_file, dest_file)
File “/usr/local/lib/python3.6/site-packages/scp.py”, line 158, in put
self._recv_confirm()
File “/usr/local/lib/python3.6/site-packages/scp.py”, line 363, in _recv_confirm
raise SCPException(asunicode(msg[1:]))
scp.SCPException: Privilege denied.
Root cause: missing aaa configuration
Solution:
sw1(config)#aaa new-model
sw1(config)#aaa authentication login default local enable
sw1(config)#aaa authorization exec default local

Netmiko – SCP IOS upload Error Troubleshooting!

By italchemy

Netmiko File stransfer issues:

netmiko.ssh_exception.NetMikoTimeoutException: Timed-out reading channel, data not available

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “/usr/local/lib/python3.6/site-packages/paramiko/channel.py”, line 699, in recv
out = self.in_buffer.read(nbytes, self.timeout)
File “/usr/local/lib/python3.6/site-packages/paramiko/buffered_pipe.py”, line 164, in read
raise PipeTimeout()
paramiko.buffered_pipe.PipeTimeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 564, in _read_channel_expect
new_data = self.remote_conn.recv(MAX_BUFFER)
File “/usr/local/lib/python3.6/site-packages/paramiko/channel.py”, line 701, in recv
raise socket.timeout()
socket.timeout

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “transfer_file_scp.py”, line 28, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 6, in transfer_file
net_connect.config_mode()
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 40, in config_mode
return super().config_mode(config_command=config_command, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1644, in config_mode
if not self.check_config_mode():
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco/cisco_ios.py”, line 29, in check_config_mode
return super().check_config_mode(check_string=check_string, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 30, in check_config_mode
return super().check_config_mode(check_string=check_string, pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1631, in check_config_mode
output = self.read_until_pattern(pattern=pattern)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 641, in read_until_pattern
return self._read_channel_expect(*args, **kwargs)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 575, in _read_channel_expect
“Timed-out reading channel, data not available.”
netmiko.ssh_exception.NetmikoTimeoutException: Timed-out reading channel, data not available.

Root cause: caused by enable password, device downgrade you to exec mode, so you have to get into global mode.
Add net_connect.enable(cmd=’enable 15′) to the line.
===========================================
ValueError: Failed to enter enable mode. Please ensure you pass the ‘secret’ argument to ConnectHandler.

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “transfer_file_scp.py”, line 30, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 6, in transfer_file
net_connect.enable(cmd=’enable 15′)
File “/usr/local/lib/python3.6/site-packages/netmiko/cisco_base_connection.py”, line 18, in enable
return super().enable(cmd=cmd, pattern=pattern, re_flags=re_flags)
File “/usr/local/lib/python3.6/site-packages/netmiko/base_connection.py”, line 1600, in enable
raise ValueError(msg)
ValueError: Failed to enter enable mode. Please ensure you pass the ‘secret’ argument to ConnectHandler.

Root cause: incorrect enable password
Solution: You must provide the correct enable password.

==================================================
scp.SCPException: Privilege denied.

[brechoi@pynetauo scp_test]$ python3 transfer_file_scp.py
Traceback (most recent call last):
File “transfer_file_scp.py”, line 30, in <module>
transfer_file(net_connect,”4mb_test_file1.bin”)
File “transfer_file_scp.py”, line 15, in transfer_file
scp_conn.scp_transfer_file(s_file, d_file)
File “/usr/local/lib/python3.6/site-packages/netmiko/scp_handler.py”, line 46, in scp_transfer_file
self.scp_client.put(source_file, dest_file)
File “/usr/local/lib/python3.6/site-packages/scp.py”, line 158, in put
self._recv_confirm()
File “/usr/local/lib/python3.6/site-packages/scp.py”, line 363, in _recv_confirm
raise SCPException(asunicode(msg[1:]))
scp.SCPException: Privilege denied.
Root cause: missing aaa configuration
Solution:
sw1(config)#aaa new-model
sw1(config)#aaa authentication login default local enable
sw1(config)#aaa authorization exec default local

Cisco 3750/3850 install IOS using archive tar method

By italchemy

I have been working on Cisco 3850 and it has a new installation method called INSTALL mode which unpacks all files and save time during the book up and processing time. Since I do not have a Cisco 3850, the closest thing I can emulate this is the tar method used on older 3750 switches. My switches were running on BUNDLE mode, so had to archive tar the file to install the IOS on its seperate directory.

INSTALL method – decompress all files to the flash, similar to old tar method

BUNDLE mode – if you simply dump the IOS on the root of the flash:/ and your device is booting up from undecompressed image (.bin) file.

 

Read about 3850 INSTALL vs BUNDLE IOS upgrade and recovery process.

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/117552-technote-cat3850-00.html

========

Important Command used:

show switch

switch 1 renumber 2

show flash

archive tar /xtract tftp://192.168.254.10/c3750-ipbasek9-tar.122-55.SE1.tar flash:

========

 
Switch#show switch
Switch/Stack Mac Address : 0023.059d.de00
H/W Current
Switch# Role Mac Address Priority Version State
———————————————————-
*1 Master 0023.059d.de00 10 0 Ready

Switch#conf t
Switch(config)#no switch 1 priority 14
Changing the Switch Priority of Switch Number 1 to 1
Do you want to continue?[confirm]
New Priority has been set successfully
Switch(config)#switch 1 renumber 2
WARNING: Changing the switch number may result in a
configuration change for that switch.
The interface configuration associated with the old switch
number will remain as a provisioned configuration.
Do you want to continue?[confirm]
Changing Switch Number 1 to Switch Number 2
New Switch Number will be effective after next reboot
Switch#ping 192.168.254.10
Sending 5, 100-byte ICMP Echos to 192.168.254.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/203/1007 ms

Switch#show flash

Directory of flash:/

2 -rwx 13006601 Mar 1 1993 03:44:48 +00:00 c3750-ipservicesk9-mz.122-55.SE5.bin
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
4 -rwx 1048 Mar 1 1993 00:01:44 +00:00 multiple-fs

15998976 bytes total (2988544 bytes free)
Switch#delete flash:c3750-ipservicesk9-mz.122-55.SE5.bin
Delete filename [c3750-ipservicesk9-mz.122-55.SE5.bin]?
Delete flash:c3750-ipservicesk9-mz.122-55.SE5.bin? [confirm]
Switch#$archive tar /xtract tftp://192.168.254.10/c3750-ipbasek9-tar.122-55.SE1.tar flash:
Loading c3750-ipbasek9-tar.122-55.SE1.tar from 192.168.254.10 (via Vlan1): !
c3750-ipbasek9-mz.122-55.SE1/ (directory)
c3750-ipbasek9-mz.122-55.SE1/html/ (directory)
extracting c3750-ipbasek9-mz.122-55.SE1/html/layers.js (1616 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/html/title.js (577 bytes)
… [Ommitted for brevity]
extracting c3750-ipbasek9-mz.122-55.SE1/html/images/cna_icon4.gif (1072 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/html/images/205701.gif (17278 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin (12079771 bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!OOOOOOOOOOOOOOO!OOOOOOOOOOOOOOOOOOOO!OOOOOOOOOOOOOOOOOOOO!OOOOOOOOOOO
extracting c3750-ipbasek9-mz.122-55.SE1/info (681 bytes)O
extracting info (106 bytes)
[OK – 15257600 bytes]

Switch#show flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
4 -rwx 1048 Mar 1 1993 00:01:44 +00:00 multiple-fs
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info

15998976 bytes total (948224 bytes free)

 
Switch#show boot system
flash:c3750-ipservicesk9-mz.122-55.SE5.bin

Switch#conf t

Switch(config)# no boot system flash:c3750-ipservicesk9-mz.122-55.SE5.bin

Switch#wri
Building configuration…
[OK]
Switch#reload
Proceed with reload? [confirm]

*Mar 1 00:19:11.277: %SYS-5-RELOAD: Reload requested by console. Reload reason: Reload command
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:23:05:9d:de:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash…
flashfs[0]: 443 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 15053824
flashfs[0]: Bytes available: 945152
flashfs[0]: flashfs fsck took 38 seconds.
…done Initializing Flash.
done.
Loading “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”…@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@… [Ommitted for brevity]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin” uncompressed and installed, entry point: 0x1000000
executing…

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software – Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

Initializing flashfs…

flashfs[1]: 443 files, 8 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 15998976
flashfs[1]: Bytes used: 15053824
flashfs[1]: Bytes available: 945152
flashfs[1]: flashfs fsck took 27 seconds.
flashfs[1]: Initialization complete….done Initializing flashfs.

Checking for Bootloader upgrade.. not needed
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed

POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed

POST: CPU MIC interface Loopback Tests : Begin
POST: CPU MIC interface Loopback Tests : End, Status Passed

POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed

Waiting for Stack Master Election…
POST: Inline Power Controller Tests : Begin
POST: Inline Power Controller Tests : End, Status Passed

POST: PortASIC CAM Subsystem Tests : Begin
POST: PortASIC CAM Subsystem Tests : End, Status Passed

POST: No Cable found on stack port 1
POST: No Cable found on stack port 2

POST: PortASIC Stack Port Loopback Tests : Begin
POST: PortASIC Stack Port Loopback Tests : End, Status Passed

POST: PortASIC Port Loopback Tests : Begin
POST: PortASIC Port Loopback Tests : End, Status Passed

Election Complete
Switch 2 booting as Master
Waiting for Port download…Complete
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750-24P (PowerPC405) processor (revision R0) with 131072K bytes of memory.
Processor board ID FDO1235X4KN
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:23:05:9D:DE:00
Motherboard assembly number : 73-9672-10
Power supply part number : 341-0029-05
Motherboard serial number : FDO123502G1
Power supply serial number : DTN122545WP
Model revision number : R0
Motherboard revision number : A0
Model number : WS-C3750-24PS-S
System serial number : FDO1235X4KN
Top Assembly Part Number : 800-25860-05
Top Assembly Revision Number : A0
Version ID : V06
CLEI Code Number : COMU410ARA
Hardware Board Revision Number : 0x01
Switch Ports Model SW Version SW Image
—— —– —– ———- ———-
* 2 26 WS-C3750-24P 12.2(55)SE1 C3750-IPBASEK9-M
Press RETURN to get started!
*Mar 1 00:01:35.319: %STACKMGR-4-SWITCH_ADDED: Switch 2 has been ADDED to the stack
*Mar 1 00:01:42.374: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar 1 00:01:43.725: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
*Mar 1 00:01:47.055: %SYS-5-CONFIG_I: Configured from memory by console
*Mar 1 00:01:47.315: %STACKMGR-5-SWITCH_READY: Switch 2 is READY
*Mar 1 00:01:47.315: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 2 has changed to state DOWN
*Mar 1 00:01:47.315: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 2 Switch 2 has changed to state DOWN
*Mar 1 00:01:47.709: %STACKMGR-5-MASTER_READY: Master Switch 2 is READY
*Mar 1 00:01:47.978: %SYS-5-RESTART: System restarted —
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
*Mar 1 00:01:50.427: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2/0/24, changed state to up
*Mar 1 00:01:51.786: %LINK-3-UPDOWN: Interface FastEthernet2/0/24, changed state to up% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]

*Mar 1 00:02:08.135: %SSH-5-ENABLED: SSH 1.99 has been enabled
*Mar 1 00:02:10.291: %PKI-6-AUTOSAVE: Running configuration saved to NVRAM
*Mar 1 00:02:19.821: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Switch>
Switch>en
Switch#sh flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info
450 -rwx 1939 Mar 1 1993 00:02:13 +00:00 private-config.text
451 -rwx 3096 Mar 1 1993 00:02:13 +00:00 multiple-fs
452 -rwx 2493 Mar 1 1993 00:02:11 +00:00 config.text

15998976 bytes total (941568 bytes free)
Switch#sh ver
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

Switch uptime is 28 minutes
System returned to ROM by power-on
System image file is “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750-24P (PowerPC405) processor (revision R0) with 131072K bytes of memory.
Processor board ID FDO1235X4KN
Last reset from power-on
1 Virtual Ethernet interface
48 FastEthernet interfaces
4 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:23:05:9D:DE:00
Motherboard assembly number : 73-9672-10
Power supply part number : 341-0029-05
Motherboard serial number : FDO123502G1
Power supply serial number : DTN122545WP
Model revision number : R0
Motherboard revision number : A0
Model number : WS-C3750-24PS-S
System serial number : FDO1235X4KN
Top Assembly Part Number : 800-25860-05
Top Assembly Revision Number : A0
Version ID : V06
CLEI Code Number : COMU410ARA
Hardware Board Revision Number : 0x01
Switch Ports Model SW Version SW Image
—— —– —– ———- ———-
* 2 26 WS-C3750-24P 12.2(55)SE1 C3750-IPBASEK9-M
Configuration register is 0xF

Switch#show version
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

Switch uptime is 28 minutes
System returned to ROM by power-on
System image file is “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you

Switch#sh flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info
450 -rwx 1939 Mar 1 1993 00:02:13 +00:00 private-config.text
451 -rwx 3096 Mar 1 1993 00:02:13 +00:00 multiple-fs
452 -rwx 2493 Mar 1 1993 00:02:11 +00:00 config.text

15998976 bytes total (941568 bytes free)

 

Switch#dir flash:c3750-ipbasek9-mz.122-55.SE1
Directory of flash:/c3750-ipbasek9-mz.122-55.SE1/

513 drwx 4608 Mar 1 1993 01:55:17 +00:00 html
4 -rwx 12079771 Mar 1 1993 02:08:32 +00:00 c3750-ipbasek9-mz.122-55.SE1.bin
7 -rwx 681 Mar 1 1993 02:08:32 +00:00 info

32514048 bytes total (17454080 bytes free)

Cisco 3750/3850 install IOS using archive tar method

By italchemy

I have been working on Cisco 3850 and it has a new installation method called INSTALL mode which unpacks all files and save time during the book up and processing time. Since I do not have a Cisco 3850, the closest thing I can emulate this is the tar method used on older 3750 switches. My switches were running on BUNDLE mode, so had to archive tar the file to install the IOS on its seperate directory.

INSTALL method – decompress all files to the flash, similar to old tar method

BUNDLE mode – if you simply dump the IOS on the root of the flash:/ and your device is booting up from undecompressed image (.bin) file.

 

Read about 3850 INSTALL vs BUNDLE IOS upgrade and recovery process.

https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/117552-technote-cat3850-00.html

========

Important Command used:

show switch

switch 1 renumber 2

show flash

archive tar /xtract tftp://192.168.254.10/c3750-ipbasek9-tar.122-55.SE1.tar flash:

========

 
Switch#show switch
Switch/Stack Mac Address : 0023.059d.de00
H/W Current
Switch# Role Mac Address Priority Version State
———————————————————-
*1 Master 0023.059d.de00 10 0 Ready

Switch#conf t
Switch(config)#no switch 1 priority 14
Changing the Switch Priority of Switch Number 1 to 1
Do you want to continue?[confirm]
New Priority has been set successfully
Switch(config)#switch 1 renumber 2
WARNING: Changing the switch number may result in a
configuration change for that switch.
The interface configuration associated with the old switch
number will remain as a provisioned configuration.
Do you want to continue?[confirm]
Changing Switch Number 1 to Switch Number 2
New Switch Number will be effective after next reboot
Switch#ping 192.168.254.10
Sending 5, 100-byte ICMP Echos to 192.168.254.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/203/1007 ms

Switch#show flash

Directory of flash:/

2 -rwx 13006601 Mar 1 1993 03:44:48 +00:00 c3750-ipservicesk9-mz.122-55.SE5.bin
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
4 -rwx 1048 Mar 1 1993 00:01:44 +00:00 multiple-fs

15998976 bytes total (2988544 bytes free)
Switch#delete flash:c3750-ipservicesk9-mz.122-55.SE5.bin
Delete filename [c3750-ipservicesk9-mz.122-55.SE5.bin]?
Delete flash:c3750-ipservicesk9-mz.122-55.SE5.bin? [confirm]
Switch#$archive tar /xtract tftp://192.168.254.10/c3750-ipbasek9-tar.122-55.SE1.tar flash:
Loading c3750-ipbasek9-tar.122-55.SE1.tar from 192.168.254.10 (via Vlan1): !
c3750-ipbasek9-mz.122-55.SE1/ (directory)
c3750-ipbasek9-mz.122-55.SE1/html/ (directory)
extracting c3750-ipbasek9-mz.122-55.SE1/html/layers.js (1616 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/html/title.js (577 bytes)
… [Ommitted for brevity]
extracting c3750-ipbasek9-mz.122-55.SE1/html/images/cna_icon4.gif (1072 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/html/images/205701.gif (17278 bytes)
extracting c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin (12079771 bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!OOOOOOOOOOOOOOO!OOOOOOOOOOOOOOOOOOOO!OOOOOOOOOOOOOOOOOOOO!OOOOOOOOOOO
extracting c3750-ipbasek9-mz.122-55.SE1/info (681 bytes)O
extracting info (106 bytes)
[OK – 15257600 bytes]

Switch#show flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
4 -rwx 1048 Mar 1 1993 00:01:44 +00:00 multiple-fs
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info

15998976 bytes total (948224 bytes free)

 
Switch#show boot system
flash:c3750-ipservicesk9-mz.122-55.SE5.bin

Switch#conf t

Switch(config)# no boot system flash:c3750-ipservicesk9-mz.122-55.SE5.bin

Switch#wri
Building configuration…
[OK]
Switch#reload
Proceed with reload? [confirm]

*Mar 1 00:19:11.277: %SYS-5-RELOAD: Reload requested by console. Reload reason: Reload command
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:23:05:9d:de:00
Xmodem file system is available.
The password-recovery mechanism is enabled.
Initializing Flash…
flashfs[0]: 443 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 15053824
flashfs[0]: Bytes available: 945152
flashfs[0]: flashfs fsck took 38 seconds.
…done Initializing Flash.
done.
Loading “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”…@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@… [Ommitted for brevity]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin” uncompressed and installed, entry point: 0x1000000
executing…

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software – Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

Initializing flashfs…

flashfs[1]: 443 files, 8 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 15998976
flashfs[1]: Bytes used: 15053824
flashfs[1]: Bytes available: 945152
flashfs[1]: flashfs fsck took 27 seconds.
flashfs[1]: Initialization complete….done Initializing flashfs.

Checking for Bootloader upgrade.. not needed
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed

POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed

POST: CPU MIC interface Loopback Tests : Begin
POST: CPU MIC interface Loopback Tests : End, Status Passed

POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed

Waiting for Stack Master Election…
POST: Inline Power Controller Tests : Begin
POST: Inline Power Controller Tests : End, Status Passed

POST: PortASIC CAM Subsystem Tests : Begin
POST: PortASIC CAM Subsystem Tests : End, Status Passed

POST: No Cable found on stack port 1
POST: No Cable found on stack port 2

POST: PortASIC Stack Port Loopback Tests : Begin
POST: PortASIC Stack Port Loopback Tests : End, Status Passed

POST: PortASIC Port Loopback Tests : Begin
POST: PortASIC Port Loopback Tests : End, Status Passed

Election Complete
Switch 2 booting as Master
Waiting for Port download…Complete
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750-24P (PowerPC405) processor (revision R0) with 131072K bytes of memory.
Processor board ID FDO1235X4KN
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:23:05:9D:DE:00
Motherboard assembly number : 73-9672-10
Power supply part number : 341-0029-05
Motherboard serial number : FDO123502G1
Power supply serial number : DTN122545WP
Model revision number : R0
Motherboard revision number : A0
Model number : WS-C3750-24PS-S
System serial number : FDO1235X4KN
Top Assembly Part Number : 800-25860-05
Top Assembly Revision Number : A0
Version ID : V06
CLEI Code Number : COMU410ARA
Hardware Board Revision Number : 0x01
Switch Ports Model SW Version SW Image
—— —– —– ———- ———-
* 2 26 WS-C3750-24P 12.2(55)SE1 C3750-IPBASEK9-M
Press RETURN to get started!
*Mar 1 00:01:35.319: %STACKMGR-4-SWITCH_ADDED: Switch 2 has been ADDED to the stack
*Mar 1 00:01:42.374: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar 1 00:01:43.725: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
*Mar 1 00:01:47.055: %SYS-5-CONFIG_I: Configured from memory by console
*Mar 1 00:01:47.315: %STACKMGR-5-SWITCH_READY: Switch 2 is READY
*Mar 1 00:01:47.315: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 1 Switch 2 has changed to state DOWN
*Mar 1 00:01:47.315: %STACKMGR-4-STACK_LINK_CHANGE: Stack Port 2 Switch 2 has changed to state DOWN
*Mar 1 00:01:47.709: %STACKMGR-5-MASTER_READY: Master Switch 2 is READY
*Mar 1 00:01:47.978: %SYS-5-RESTART: System restarted —
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
*Mar 1 00:01:50.427: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet2/0/24, changed state to up
*Mar 1 00:01:51.786: %LINK-3-UPDOWN: Interface FastEthernet2/0/24, changed state to up% Generating 1024 bit RSA keys, keys will be non-exportable…[OK]

*Mar 1 00:02:08.135: %SSH-5-ENABLED: SSH 1.99 has been enabled
*Mar 1 00:02:10.291: %PKI-6-AUTOSAVE: Running configuration saved to NVRAM
*Mar 1 00:02:19.821: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Switch>
Switch>en
Switch#sh flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info
450 -rwx 1939 Mar 1 1993 00:02:13 +00:00 private-config.text
451 -rwx 3096 Mar 1 1993 00:02:13 +00:00 multiple-fs
452 -rwx 2493 Mar 1 1993 00:02:11 +00:00 config.text

15998976 bytes total (941568 bytes free)
Switch#sh ver
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

Switch uptime is 28 minutes
System returned to ROM by power-on
System image file is “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C3750-24P (PowerPC405) processor (revision R0) with 131072K bytes of memory.
Processor board ID FDO1235X4KN
Last reset from power-on
1 Virtual Ethernet interface
48 FastEthernet interfaces
4 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : 00:23:05:9D:DE:00
Motherboard assembly number : 73-9672-10
Power supply part number : 341-0029-05
Motherboard serial number : FDO123502G1
Power supply serial number : DTN122545WP
Model revision number : R0
Motherboard revision number : A0
Model number : WS-C3750-24PS-S
System serial number : FDO1235X4KN
Top Assembly Part Number : 800-25860-05
Top Assembly Revision Number : A0
Version ID : V06
CLEI Code Number : COMU410ARA
Hardware Board Revision Number : 0x01
Switch Ports Model SW Version SW Image
—— —– —– ———- ———-
* 2 26 WS-C3750-24P 12.2(55)SE1 C3750-IPBASEK9-M
Configuration register is 0xF

Switch#show version
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(55)SE1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 02-Dec-10 07:46 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02D00000

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)

Switch uptime is 28 minutes
System returned to ROM by power-on
System image file is “flash:/c3750-ipbasek9-mz.122-55.SE1/c3750-ipbasek9-mz.122-55.SE1.bin”
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you

Switch#sh flash

Directory of flash:/

2 drwx 192 Mar 1 1993 00:17:41 +00:00 c3750-ipbasek9-mz.122-55.SE1
3 -rwx 676 Mar 1 1993 00:03:56 +00:00 vlan.dat
449 -rwx 106 Mar 1 1993 00:17:42 +00:00 info
450 -rwx 1939 Mar 1 1993 00:02:13 +00:00 private-config.text
451 -rwx 3096 Mar 1 1993 00:02:13 +00:00 multiple-fs
452 -rwx 2493 Mar 1 1993 00:02:11 +00:00 config.text

15998976 bytes total (941568 bytes free)

 

Switch#dir flash:c3750-ipbasek9-mz.122-55.SE1
Directory of flash:/c3750-ipbasek9-mz.122-55.SE1/

513 drwx 4608 Mar 1 1993 01:55:17 +00:00 html
4 -rwx 12079771 Mar 1 1993 02:08:32 +00:00 c3750-ipbasek9-mz.122-55.SE1.bin
7 -rwx 681 Mar 1 1993 02:08:32 +00:00 info

32514048 bytes total (17454080 bytes free)

Scenario#50 – Cisco MRA: Jabber cannot connect Softphone mode over Expressway

By asharsidd
Photo by Pixabay on Pexels.com

Due to COVID-19 and the global pandemic situation more and more people are working from home and are coming across different challenges.

Many of them who use to work from a corporate location are coming across issues that they never faced before.

I worked on such a case recently where a user was having a problem connecting his Jabber over MRA (Mobile Remote Access) and getting softphone mode working. If he connects to corporate VPN and then fires up Jabber it connects fine and he can make and receive calls. The problem was that he was supposed to join an external training which was not accessible on his corporate VPN network and he also wanted to use Jabber for calls.

I started investigating and initially I thought if there is anything wrong with the Expressways? I did a quick health check and found no issues at Expressways. I also did an SRV check using Cisco Collaboration solutions Analyzer and that came out clean with all relevant ports open. From his PC I did an SRV check for Collab-Edge to see if it is resolving to correct Expressway cluster and that displayed correct result. You can do this quick test using the following command from a user’s PC command prompt:

nslookup -type=srv _collab-edge._tls.xyx.com

When you start Cisco Jabber it goes through a sequence of discovering as to how your jabber is connected and where it should go to fetch all services. For Jabber which is inside a corporate network it looks for cisco-uds while outside a network it is looking for collab-edge. Hopefully I will discuss this in a separate post as how Jabber connects and the routine it follows.

Softphone - Not working
Status: Not connected
Protocol: SIP
Address: CUCM3.corp.xyx.com (CCMCIP - Expressway) (Unknown)
Cause: connection error. Make sure that the server information on the Phone Services tab in the Options window is correct. If you need help, contact the system administrator.


Desk phone - None
Status: Not connected
Protocol: CTI
Address: (CTI) (Unknown)

Video for desk phones - information
Status: Not available
Cause: Video for desk phones is not available in softphone mode.


Voicemail - None
Status: Not connected. Awaiting repetition.
Address: Unity1.corp.xyx.com (IPV4)
Port: 443
Protocol: VMREST (HTTPS)


Presence - working
Status: Connected
Protocol: XMPP
Address: Server1.xyx.com (IPV4)    <<< Expressway-E
Port: 5222


Conferences - working
Status: Last connection attempt successful.
Protocol: HTTPS
MeetingAccount: John.doe@xyx.com
Address: meetings.xyx.com (IPV4)


Outlook address book - working
Status: Last connection attempt successful.
Protocol: MAPI
Address: Outlook (Unknown)


Directory - working
Status: Last connection attempt successful.
Address: CUCM2.corp.xyx.com  (IPV4)
Protocol: UDS (HTTPS)

As you can see CCMCIP-Expressway was showing as unknown. I collected the PRT report and this is what I found after the discovering stage:

Note: All IP addresses and hostnames have been changed to dummy values:

## Jabber discovers the Expressway-E : Server1.xyx.com

2020-05-06 16:29:30,457 DEBUG [0x000033e0] [ore\sipstack\sip_common_transport.c(717)] [csf.sip-call-control] [sip_get_local_ip_addr] – SIPCC-SIP_TRANS: sip_get_local_ip_addr: src_addr: 172.1.1.1
2020-05-06 16:29:30,457 INFO [0x000033e0] [mmon\network\SoftPhoneDnsHelper.cpp(129)] [csf.ecc] [csf::ecc::SoftPhoneDnsHelperImpl::queryDns] – hostname=Server1.xyx.com, family=AF_INET, useDNSCache=true
2020-05-06 16:29:30,457 INFO [0x000033e0] [mmon\network\SoftPhoneDnsHelper.cpp(246)] [csf.ecc] [csf::ecc::SoftPhoneDnsHelperImpl::doNetworkLookup] – hostname=Server1.xyx.com, family=AF_INET
2020-05-06 16:29:30,457 DEBUG [0x000033e0] [n\network\SocketHelperFunctions.cpp(294)] [csf.network.helper] [getIpAddressByHostname] – Attempting to resolve “Server1.xyx.com” for protocol AF_INET
2020-05-06 16:29:30,458 INFO [0x000036dc] [n\network\SocketHelperFunctions.cpp(181)] [csf.network.helper] [getIpAddressExcuteThread] – start excute thread

## Jabber discovers the Expressway-E IP address

2020-05-06 16:29:30,458 DEBUG [0x000036dc] [n\network\SocketHelperFunctions.cpp(246)] [csf.network.helper] [getIpAddressExcuteThread] – Server1.xyx.com resolved to IP address:193.1.x.10, retCode:0
2020-05-06 16:29:30,458 DEBUG [0x000036dc] [n\network\SocketHelperFunctions.cpp(258)] [csf.network.helper] [getIpAddressExcuteThread] – end excute thread, ctrl:17BE6CEC
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [n\network\SocketHelperFunctions.cpp(320)] [csf.network.helper] [getIpAddressByHostname] – IP Address:193.1.x.10, error code: 0
2020-05-06 16:29:30,458 INFO [0x000033e0] [mmon\network\SoftPhoneDnsHelper.cpp(235)] [csf.ecc] [csf::ecc::SoftPhoneDnsHelperImpl::queryDns] – hostname=Server1.xyx.com, family=AF_INET – SUCCESS: lookup succeeded, v4(193.1.x.10) v6()2020-05-06 16:29:30,458 DEBUG [0x000033e0] [onewrapper\ccapi_plat_api_impl.cpp(2029)] [csf.ecc.sipcc] [SIPCCPlatBinding::platGetLocalIPAddr] – ipMode=IPv6Preferred, dst_addr->type=IPv4
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [onewrapper\ccapi_plat_api_impl.cpp(2104)] [csf.ecc.sipcc] [SIPCCPlatBinding::platGetLocalIPAddr] – SIPCC will use local IPv4 address: 172.1.1.1 for destination: 193.1.x.10
2020-05-06 16:29:30,458 INFO [0x000033e0] [re\sipstack\sip_common_transport.c(1133)] [csf.sip-call-control] [sip_transport_init_ti_addr] – SIPCC-SIP_TRANS: sip_transport_init_ti_addr: Entered transport: 3 Sec Level: 2 IP type: 1
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [re\sipstack\sip_common_transport.c(1679)] [csf.sip-call-control] [sip_transport_setup_cc_conn] – SIPCC-SIP_CC_CONN: sip_transport_setup_cc_conn: ccm id:1, status:-1, other_status:-1, type:1, other_type:0
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [onewrapper\ccapi_plat_api_impl.cpp(1078)] [csf.ecc.sipcc] [SIPCCPlatBinding::platSecIsServerSecure] – secIsServerSecure() indicated server is secure because we are in edge mode.
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [\core\sipstack\ccsip_platform_tls.c(122)] [csf.sip-call-control] [sip_tls_create_connection] – SIPCC-SIP_TLS: sip_tls_create_connection: Creating secure connection
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [onewrapper\ccapi_plat_api_impl.cpp(1332)] [csf.ecc.sipcc] [SIPCCPlatBinding::platSecSocConnect] – platSecSocConnect(): displayHost=Server1.xyx.com, pIPAddrString=193.1.x.10:5061, blocking=false, plat_soc_connection_mode=1, plat_secure_connection_type=1
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [roject\secCommon\src\sec_ssl_api.c(2501)] [csf.ecc.handyiron] [performSingleConnect] – Invoking non-blocking connect(). Will allow up to 3 seconds for this connect to succeed.
2020-05-06 16:29:30,458 DEBUG [0x000033e0] [honewrapper\ccapi_plat_api_impl.cpp(352)] [csf.ecc.sipcc] [SIPCCPlatBinding::isShuttingDown] – –>
2020-05-06 16:29:30,459 DEBUG [0x000033e0] [roject\secCommon\src\sec_ssl_api.c(2514)] [csf.ecc.handyiron] [performSingleConnect] – connect return.
2020-05-06 16:29:30,997 DEBUG [0x00001708] [ls\src\http\MultiHttpClientImpl.cpp(813)] [csf.httpclient] [csf::http::MultiHttpClientImpl::RequestProcessing::run] – [0x1795be78] waiting for new requests
2020-05-06 16:29:31,737 DEBUG [0x000010ec] [ch\TriDroppedConnectionDetector.cpp(120)] [csf.jwcpp] [gloox::CTriDroppedConnectionDetector::onKeepaliveTimer] – @XmppSDK: #0, onKeepaliveTimer, timer
2020-05-06 16:29:32,396 DEBUG [0x00002f0c] [etutils\src\http\CurlHttpUtils.cpp(1834)] [csf.httpclient] [csf::http::CurlHttpUtils::logOperationTiming] – Request #135 network IO timestamps: [name lookup = 0.031 ; connect = 0 ; ssl connect = 0 ; pre-transfer = 0 ; start-transfer = 0 ; total = 10 ; redirect = 0]

##Connection timing out

2020-05-06 16:29:32,396 INFO [0x00002f0c] [ls\src\http\CurlAnswerEvaluator.cpp(122)] [csf.httpclient] [csf::http::CurlAnswerEvaluator::curlCodeToResult] – Request #135 got curlCode=[28] curl error message=[Connection timed out after 10000 milliseconds] ttpClientResult=CONNECTION_TIMEOUT_ERROR] fips enabled=[false]

##Trying second Expressway-E: Server2.xyx.com but getting same CONNECTION FAILED Error

2020-05-06 16:29:32,396 INFO [0x00002f0c] [ls\src\http\BasicHttpClientImpl.cpp(562)] [csf.httpclient] [csf::http::executeImpl] – *—–* HTTP response code 0 for request #135 to https://Server2.xyx.com:8443/aGVpZGVsYmVyZy5jb20/get_edge_config?service_name=_cisco-uds&service_name=_cuplogin
2020-05-06 16:29:32,396 ERROR [0x00002f0c] [ls\src\http\BasicHttpClientImpl.cpp(567)] [csf.httpclient] [csf::http::executeImpl] – There was an issue performing the call to curl_easy_perform for request #135: CONNECTION_TIMEOUT_ERROR
2020-05-06 16:29:32,396 DEBUG [0x00002f0c] [etutils\src\http\HttpRequestData.cpp(91)] [csf.httpclient] [csf::http::HttpRequestData::returnEasyCURLConnection] – Request #135 returning borrowed EasyCURLConnection
2020-05-06 16:29:32,396 DEBUG [0x00002f0c] [\src\edge\EdgeConfigRequestImpl.cpp(207)] [csf.edge] [csf::edge::EdgeConfigRequestImpl::execute] – *—–* Get Edge Config HTTP Result: CONNECTION_FAILED, HTTP Response Code: 0
2020-05-06 16:29:32,396 ERROR [0x00002f0c] [\src\edge\EdgeConfigRequestImpl.cpp(211)] [csf.edge] [csf::edge::EdgeConfigRequestImpl::execute] – Edge Config Request failed, httpResult: CONNECTION_FAILED
2020-05-06 16:29:32,396 INFO [0x00002f0c] [s\src\edge\GlobalEdgeStateImpl.cpp(1391)] [csf.edge] [csf::edge::GlobalEdgeStateImpl::executeEdgeConfigRequest] – server Server2.xyx.com failed, but is the last server on the list, so will not be added to the failed list
2020-05-06 16:29:32,396 WARN [0x00002f0c] [s\src\edge\GlobalEdgeStateImpl.cpp(1437)] [csf.edge] [csf::edge::GlobalEdgeStateImpl::executeEdgeConfigRequest] – Warning, request failed with error: [INTERNAL_ERROR]. Attempting to failover.
2020-05-06 16:29:32,396 WARN [0x00002f0c] [s\src\edge\GlobalEdgeStateImpl.cpp(1462)] [csf.edge] [csf::edge::GlobalEdgeStateImpl::executeEdgeConfigRequest] – Failed to retrieve EdgeConfig with error:INTERNAL_ERROR
2020-05-06 16:29:32,396 INFO [0x000035bc] [s\src\edge\GlobalEdgeStateImpl.cpp(1279)] [csf.edge] [csf::edge::GlobalEdgeStateImpl::attemptServer] – Attempting request with host name:Server2.xyx.com, port:8443

2020-05-06 16:29:32,397 INFO [0x000035bc] [etutils\src\http\CurlHttpUtils.cpp(1116)] [csf.httpclient] [csf::http::CurlHttpUtils::configureEasyRequest] – *—–* Configuring request #136 GET https://Server2.xyx.com:8443/aGVpZGVsYmVyZy5jb20/get_edge_config?service_name=_cisco-uds&service_name=_cuplogin
2020-05-06 16:29:32,397 INFO [0x000035bc] [etutils\src\http\CurlHttpUtils.cpp(1895)] [csf.httpclient] [csf::http::CurlHeaders::CurlHeaders] – Number of Request Headers : 1
2020-05-06 16:29:32,397 DEBUG [0x000035bc] [etutils\src\http\CurlHttpUtils.cpp(1571)] [csf.httpclient] [csf::http::CurlHttpUtils::addOauthToken] – Using authentication OAUTH with token
2020-05-06 16:29:32,397 DEBUG [0x000035bc] [etutils\src\http\CurlHttpUtils.cpp(1523)] [csf.httpclient] [csf::http::CurlHttpUtils::configureEasyRequest] – Request #136 configured with: connection timeout 10000 msec, transfer timeout 30000 msec
2020-05-06 16:29:32,397 DEBUG [0x000035bc] [ls\src\http\BasicHttpClientImpl.cpp(633)] [csf.httpclient] [csf::http::performCurlRequest] – About to perform curl connection request #136
2020-05-06 16:29:32,402 DEBUG [0x000035bc] [netutils\src\http\CurlHttpUtils.cpp(191)] [csf.httpclient] [csf::http::CurlHttpUtils::curlTraceCallback] – Request #136 pre connect phase: ‘ Trying 193.1.x.20…’
2020-05-06 16:29:32,493 DEBUG [0x000033e0] [roject\secCommon\src\sec_ssl_api.c(2489)] [csf.ecc.handyiron] [isSockConnected] – getsockopt(SOL_SOCKET, SO_ERROR) : n=0, err=10061
2020-05-06 16:29:32,493 DEBUG [0x000033e0] [roject\secCommon\src\sec_ssl_api.c(2551)] [csf.ecc.handyiron] [performSingleConnect] – socket signalled an exception.
2020-05-06 16:29:32,493 ERROR [0x000033e0] [onewrapper\ccapi_plat_api_impl.cpp(1198)] [csf.ecc.sipcc] [eccSecEstablishSecureConnection] – secSSLConnect(remoteIP=193.1.x.10, port=5061) returned NULL.
2020-05-06 16:29:32,493 INFO [0x000033e0] [tiveapp\sipcc\core\ccapp\cc_alarm.c(816)] [csf.sip-call-control] [setUnregReason] – SIPCC-PLAT_API: setUnregReason: setting unreg reason to=106
2020-05-06 16:29:32,493 DEBUG [0x000033e0] [veapp\sipcc\core\api\ccapi_device.c(100)] [csf.sip-call-control] [CCAPI_Device_getDeviceInfo] – SNAPSHOT-CREATE: CCAPI_Device_getDeviceInfo: g_deviceInfo.ins_state=0
2020-05-06 16:29:32,494 DEBUG [0x000033e0] [veapp\sipcc\core\api\ccapi_device.c(122)] [csf.sip-call-control] [CCAPI_Device_getDeviceInfo] – SNAPSHOT-CREATE: CCAPI_Device_getDeviceInfo: deviceInfo->sis_name=
2020-05-06 16:29:32,494 DEBUG [0x000033e0] [veapp\sipcc\core\api\ccapi_device.c(125)] [csf.sip-call-control] [CCAPI_Device_getDeviceInfo] – SNAPSHOT-CREATE: CCAPI_Device_getDeviceInfo: reference pointer=1bf24998
2020-05-06 16:29:32,494 DEBUG [0x000033e0] [veapp\sipcc\core\api\ccapi_device.c(128)] [csf.sip-call-control] [CCAPI_Device_getDeviceInfo] – SNAPSHOT-CREATE: CCAPI_Device_getDeviceInfo: deviceInfo->ins_state=0
2020-05-06 16:29:32,494 DEBUG [0x000033e0] [\sipcc\core\api\ccapi_device_info.c(235)] [csf.sip-call-control] [CCAPI_DeviceInfo_getCUCMMode] – SIPCC-SIP_CC_PROV: 0x1bf24998, CCAPI_DeviceInfo_getCUCMMode: returned 00
2020-05-06 16:29:32,494 INFO [0x000033e0] [tiveapp\sipcc\core\ccapp\cc_alarm.c(880)] [csf.sip-call-control] [setUnregReason] – SIPCC-PLAT_API: setUnregReason: value of first_oos_alarm_set=1
2020-05-06 16:29:32,494 DEBUG [0x000033e0] [veapp\sipcc\core\api\ccapi_device.c(218)] [csf.sip-call-control] [CCAPI_Device_releaseDeviceInfo] – SNAPSHOT-RELEASE: CCAPI_Device_releaseDeviceInfo: reference pointer=1bf24998
2020-05-06 16:29:32,494 ERROR [0x000033e0] [\core\sipstack\ccsip_platform_tls.c(157)] [csf.sip-call-control] [sip_tls_create_connection] – SIPCC-SIP_TLS: sip_tls_create_connection: Secure connect failed!!


I jumped onto the Expressways-E/C and tried to search for the user id and the CSF profile but there were no records of any attempt by this user.

There seems to be a problem Jabber connecting to Expressways over Internet?

Could it be a User PC issue or something to do with his Internet?

I also have a Jabber account with this company as a test user so I thought I should give it a go to make sure there is no issue with MRA.

I fired up my Jabber, entered credentials for this Company account and viola I connected straight away no issues. My Softphone also came to live within seconds, and I could see my user id and CSF in Expressway Event logs.

Hmmm that means something wrong at his PC!

I went back to him and asked if he is using any special Firewall or Antivirus software which might be blocking connection but I found no issues there.

I then asked him to check his Internet and if there are any special settings for VoIP.

Guess what? He was told by his provider to go to his user account and disable this option :

 “Prevent use of internet telephony from the home network” under “Telephony > Telephone Numbers > Line Settings” in the “Security” section.

How Sweet!

We spent all this time thinking if it is something to do with MRA and at the end it was his Internet connection and some special settings to access VoIP.

This is a snippet below from his Provider Fritzbox Cable as how it should be configured.

I hope this post was useful. Please like and Subscribe to this post and share.

Scenario#49 – UCCX: Call gets System Error message on IVR

By asharsidd
Photo by energepic.com on Pexels.com

I was looking at an issue a few days back where a customer complained that when they are selecting a particular IVR option the call gets connected to Music on Hold and then before it gets transferred to an Agent the caller hears “Sorry we are experiencing system problems……” the famous CCX default message when something goes wrong! I am sure you all have come across this dreaded message during your UC Career.

I made some test calls myself and collected logs from SIP Gateway, CCM and CCX to find out where exactly is the call failing.

I looked at the script which was a bit complex as there were several IVR options with nested scripts. This particular case was related to option#4 where CCX will send the call to another script to check opening hours based on Local office number you dialed. I checked IVR logs and I can see the call has gone fine up until this point and got queued correctly. I could also hear Music on hold. This is the section of script which I was interested in.

In IVR logs I am skipping right at the end where Agent was selected and call was delivered to the agent. This is where I heard RINGING tone just after Music on Hold. It just rang once and then I hear “Sorry we are having system problems…..”

## CCX has selected AGENT_3 with extension +4799999999

114292827: May 8 13:05:10.724 GMT %MIVR-SS_RM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] Agent: Agent AGENT_3 .setWrapupData(6231017/2, null)

114292829: May 8 13:05:10.724 GMT %MIVR-ICD_CTI-7-UNK:[EventQueue.DispatchThread-0-17] CRACTIEventHandler: EventHandler:got rsrcStateChangedEvent
114292830: May 8 13:05:10.724 GMT %MIVR-ICD_CTI-7-UNK:[EventQueue.DispatchThread-0-17] CRACTIEventHandler: EventHandler: posting {AGENT_STATE_EVENT: Socket:Socket: null monitoredDeviceDN:+4799998888, agentDN:+4799998888, agentID:AGENT_3, monitorID = 0, stateDuration = 0, agentstate = RESERVED, eventreasoncode = 0, agentID = AGENT_3, agentExtension = +4799999999, agentID_Long = AGENT_3 } to outboundQ

114292850: May 8 13:05:10.734 GMT %MIVR-SS_CM-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] TransferCompletionState: Reseting All the flags of CallContact to false

## Here I observed that CCX is complaining about “\” before DN in CUCM but it is without “\” in CCX under Resources. This is not an issue anymore but in older versions of CCX you must have AGENT DN without “\+”

114292851: May 8 13:05:10.734 GMT %MIVR-SS_TEL-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] Port: Agent AGENT_3 Extension contains ‘\’ at the start, ignoring that character : Original Extension=[\+4799999999] New =[+4799999999]
114292852: May 8 13:05:10.734 GMT %MIVR-SS_TEL-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] InCallObserverImpl: CallID:24607 MediaId:6231017/2 Task:65000436785, transfer(+4799999999, 20000, ACKNOWLEDGED)

114292858: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= ConsultCallActive
114292859: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= ConnCreatedEv 04720100164:UCCX_P:1
114292860: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= ConnConnectedEv 04720100164:UCCX_P:1
114292861: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= CallCtlConnInitiatedEv 04720100164:UCCX_P:1
114292862: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= TermConnCreatedEv CX_04720100164
114292863: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= TermConnActiveEv CX_04720100164
114292864: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= CallCtlTermConnTalkingEv CX_04720100164
114292865: May 8 13:05:10.741 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= CallCtlConnDialingEv 04720100164:UCCX_P:1
114292866: May 8 13:05:10.742 GMT %MIVR-SS_TEL-7-UNK:[MIVR_SS_TEL_TPG_EXE-40-529158-CALL_EVENT_LOG:04720100164] RequestImpl: CallID:24607 MediaId:6231017/2 Task:65000436785 Got CallCtlConnDialingEv 04720100164:UCCX_P:1, events on the AddressCallObserver.
114292867: May 8 13:05:10.743 GMT %MIVR-SS_TEL-7-UNK:[(P1-172.1.1.1) EventThread] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= CallCtlConnEstablishedEv 04720100164:UCCX_P:1
114292868: May 8 13:05:10.743 GMT %MIVR-SS_TEL-7-UNK:[MIVR_SS_TEL_TPG_EXE-40-529159-CALL_EVENT_LOG:04720100164] RequestImpl: CallID:24607 MediaId:6231017/2 Task:65000436785 Got CallCtlConnEstablishedEv 04720100164:UCCX_P:1, events on the AddressCallObserver.

##Here as you can see I saw an Error “CTIERR_UNSPECIFIED” and this is when I hear “System Error message”


114292869: May 8 13:05:10.746 GMT %MIVR-SS_TEL-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] InCallObserverImpl: CallID:24607 MediaId:6231017/2 Task:65000436785 consultWithoutMedia gets CiscoJtapiException: 0x0(CTIERR_UNSPECIFIED)::Unspecified error

114292870: May 8 13:05:10.747 GMT %MIVR-SS_TEL-7-UNK:[MIVR_SS_TEL_TPG_EXE-40-529160-CALL_EVENT_LOG:04720100164] RequestImpl: CallID:24607 MediaId:6231017/2 Task:65000436785 Got ConnFailedEv 04720100164:UCCX_P:1, CallCtlConnFailedEv 04720100164:UCCX_P:1, events on the AddressCallObserver.

114292875: May 8 13:05:10.938 GMT %MIVR-SS_TEL-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] ConsultCallObserver: OrigCall=CallID:24607 MediaId:6231017/2 Task:65000436785, ConsultEvent= CallObservationEndedEv
114292876: May 8 13:05:10.938 GMT %MIVR-SS_TEL-7-UNK:[MIVR_ENG_TASKS-31-14-TASK:0xf2253f431_Script101.aef] CallImpl: Call.transferFailed(+4799999999, UNKNOWN) JTAPICallContact[id=24607,type=Cisco JTAPI Call,implId=6231017/2

114292879: May 8 13:05:10.939 GMT %MIVR-SS_RM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] RsrcMgrMsgProcessor: Processing msg: SessionNotAnsweredMsg
114292880: May 8 13:05:10.939 GMT %MIVR-SS_CM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] ContactMgr: ContactMgr.getRmCmContact(6231017/2) returns 39785449 [6231017/2]
114292881: May 8 13:05:10.939 GMT %MIVR-SS_CM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] CTIPort: The Resource to which the transfer failed is AGENT_3 in CTIPort 04720100164 .processSessionNotAnsweredMsg (24607, 39785449 [6231017/2])
114292882: May 8 13:05:10.939 GMT %MIVR-SS_RM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] RsrcMgr: RsrcMgr.cancelSession(AGENT_3, 39785449 [6231017/2], SESSION_CANCELLED_CAUSE_OTHER)
114292883: May 8 13:05:10.939 GMT %MIVR-SS_RM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] RsrcMgrMsgProcessor: Processing msg: SessionCancelledMsg (Rsrc:6231017/2 Cause:SESSION_CANCELLED_CAUSE_OTHER)
114292884: May 8 13:05:10.939 GMT %MIVR-SS_RM-7-UNK:[MIVR_SS_RM_RmMsgProcessor-67-0-RmMsgProcessor] Agent: Agent AGENT_3.processSessionCancelledMsg(SessionCancelledMsg (Rsrc:6231017/2 Cause:SESSION_CANCELLED_CAUSE_OTHER))

I Went back to CUCM to check DN settings for this AGENT_3 and found AGENT had a CALL FORWARD ALL set on the DN. This is a big NO for any CCX Agent as that will cause issues such as above. I removed the Call Forwarding from Agent Extension and calls started to work perfectly fine!

Please note whenever you come across issues like these, always get as much information as possible and most of the time customers describe the problem in a very generic way which would increase your troubleshooting time. Concise and accurate information is inversely proportional to the time you will spend troubleshooting a case. The more concise problem description is the less time you will spend resolving the problem. Even in this case which I discussed above, customer initially said calls to the main number are failing and they are getting that “System error message”. I thought it is failing for all their IVR options so I made some test calls and selected random Menu options and they all worked fine. I then went back to the customer to find out exactly which option is failing and then they confirmed it is option#4. Always get as much information as possible before start troubleshooting as that will save time.

I hope this post was useful. Please like and Subscribe to this post and share.

Running Docker FTP server for IOS upgrade – a working test run~!

By italchemy

Docker FTP server on Ubuntu 18 server:

Prerequsite: Install docker on Ubuntu 18 server

Then pull the image from Docker/hub
$ docker pull gspeedy101/pynet-ftp:0.1
Pull “pynet-ftp latest 8c2ae1c4ea04 3 days ago 175MB” image from Docker/hub

Run docker FTP server with a full command as below.

User ID is ftp

Password is ftpftpftp

Target file to copy. I have mapped the /tmp directory on the host Ubuntu server to /home/vsftpd of the Docker FTP Container.

root@ubuntu:/tmp# ls /tmp/test*
/tmp/testfile1.txt

 

The most important command!!!
root@ubuntu:~# docker run -d -v /tmp:/home/vsftpd -p 20:20 -p 21:21 -p 47400-47470:47400-47470 -e FTP_USER=ftp -e FTP_PASS=ftpftpftp -e PASV_ADDRESS=192.168.185.3 pynet-ftp:latest

 

The second most important command:
Run the copy ftp command from your router or switch:

PytMelCT1-Sw02#copy ftp://ftp:ftpftpftp@192.168.185.3/testfile1.txt flash:/testfile1.txt flash:/testfile1.txt
Destination filename [testfile1.txt]?
Accessing ftp://ftp:ftpftpftp@192.168.185.3/testfile1.txt…
Loading testfile1.txt
[OK – 31/4096 bytes]

31 bytes copied in 0.067 secs (463 bytes/sec)
As you can see testfile1.txt has been downloaded to switch flash:

PytMelCT1-Sw02#show flash

Directory of flash:/

2 -rwx 556 Mar 1 1993 00:01:16 +00:00 vlan.dat
3 -rwx 12749374 Mar 2 1993 01:54:15 +00:00 c3560-ipservicesk9-mz.122-55.SE10.bin
4 -rwx 12752928 Mar 1 1993 00:20:25 +00:00 c3560-ipservicesk9-mz.122-55.SE5.bin
5 -rwx 5986 Sep 11 2015 05:47:18 +00:00 config.old
6 -rwx 31 Mar 1 1993 01:37:37 +00:00 testfile1.txt
7 -rwx 1768 Mar 1 1993 01:27:56 +00:00 config.text
8 -rwx 2967 Mar 1 1993 01:27:56 +00:00 private-config.text
9 -rwx 2072 Mar 2 1993 01:56:57 +00:00 multiple-fs

32514048 bytes total (6993920 bytes free)

Checking the downloaded file
PytMelCT1-Sw02#more testfile1.txt
dkdkdkg
d
skdkdkdkd
blabla
bla

PytMelCT1-Sw02#

Running Docker FTP server for IOS upgrade – a working test run~!

By italchemy

Docker FTP server on Ubuntu 18 server:

Prerequsite: Install docker on Ubuntu 18 server

Then pull the image from Docker/hub
$ docker pull gspeedy101/pynet-ftp:0.1
Pull “pynet-ftp latest 8c2ae1c4ea04 3 days ago 175MB” image from Docker/hub

Run docker FTP server with a full command as below.

User ID is ftp

Password is ftpftpftp

Target file to copy. I have mapped the /tmp directory on the host Ubuntu server to /home/vsftpd of the Docker FTP Container.

root@ubuntu:/tmp# ls /tmp/test*
/tmp/testfile1.txt

 

The most important command!!!
root@ubuntu:~# docker run -d -v /tmp:/home/vsftpd -p 20:20 -p 21:21 -p 47400-47470:47400-47470 -e FTP_USER=ftp -e FTP_PASS=ftpftpftp -e PASV_ADDRESS=192.168.185.3 pynet-ftp:latest

 

The second most important command:
Run the copy ftp command from your router or switch:

PytMelCT1-Sw02#copy ftp://ftp:ftpftpftp@192.168.185.3/testfile1.txt flash:/testfile1.txt flash:/testfile1.txt
Destination filename [testfile1.txt]?
Accessing ftp://ftp:ftpftpftp@192.168.185.3/testfile1.txt…
Loading testfile1.txt
[OK – 31/4096 bytes]

31 bytes copied in 0.067 secs (463 bytes/sec)
As you can see testfile1.txt has been downloaded to switch flash:

PytMelCT1-Sw02#show flash

Directory of flash:/

2 -rwx 556 Mar 1 1993 00:01:16 +00:00 vlan.dat
3 -rwx 12749374 Mar 2 1993 01:54:15 +00:00 c3560-ipservicesk9-mz.122-55.SE10.bin
4 -rwx 12752928 Mar 1 1993 00:20:25 +00:00 c3560-ipservicesk9-mz.122-55.SE5.bin
5 -rwx 5986 Sep 11 2015 05:47:18 +00:00 config.old
6 -rwx 31 Mar 1 1993 01:37:37 +00:00 testfile1.txt
7 -rwx 1768 Mar 1 1993 01:27:56 +00:00 config.text
8 -rwx 2967 Mar 1 1993 01:27:56 +00:00 private-config.text
9 -rwx 2072 Mar 2 1993 01:56:57 +00:00 multiple-fs

32514048 bytes total (6993920 bytes free)

Checking the downloaded file
PytMelCT1-Sw02#more testfile1.txt
dkdkdkg
d
skdkdkdkd
blabla
bla

PytMelCT1-Sw02#

Python 3 – effective SSH CLI scraping using Cisco CLI commands and saving to a file

By italchemy

############## Step 1. Create this file ###############
[root@localhost ~]# cat host_file.py
network_devices = [‘192.168.185.22’]
# network_devices = [‘192.168.185.1’, ‘192.168.185.11’, ‘192.168.185.22’]
###### Step 2. Create this file with your desired commands output ###############
[root@localhost ~]# cat config_file.py

host_conf = [‘show ver | in ^System image file is|^Model number|^System serial number|^Base ethernet MAC Address’, ‘ show boot | in BOOT path-list’, ‘show flash’]
#host_conf = [‘show flash | in bytes total’]

# To implement config changes your config would be implemented in list format
# host_conf = [‘config t’, ‘interface lo10’, ‘description TEST-CONFIG-SCRIPT-3’, ‘end’, ‘show run int loop 10’]
############ Step 3. Create this file #################

This file calls the other two files and save the show command CLI’s
[root@localhost ~]# cat sshscriptv3.py

# sshscriptv3.py

import os
import paramiko
import time
import getpass
import os
from host_file import network_devices
from config_file import host_conf

UN = input(“Username : “)
PW = getpass.getpass(“Password : “)

# removes existing file first
try:
os.remove(“mylogfile001.txt”)
except OSError:
pass

# For loop allows you to specify number of hosts
for ip in network_devices:
# print (ip)
twrssh = paramiko.SSHClient()
twrssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
twrssh.connect(ip, port=22, username=UN, password=PW)
remote = twrssh.invoke_shell()
# remote.send(‘term len 0\n’)
time.sleep(2)
#This for loop allows you to specify number of commands you want to enter
#Dependent on the output of the commands you may want to tweak sleep time.
for command in host_conf:
remote.send(‘ %s \n’ % command)
time.sleep(3)
buf = remote.recv(65000)

# print (buf)
f = open(‘mylogfile001.txt’, ‘a’)
f.write((buf).decode(‘ascii’))
f.close()
twrssh.close()
============ End Result ========================
[root@localhost ~]# more mylogfile001.txt

sw3560-2#$el number|^System serial numberial number|^Base ethernet MAC Addres
r|^Base ethernet MAC Address
System image file is “flash:c3560-ipservicesk9-mz.122-55.SE12.bin”
Base ethernet MAC Address : 00:16:C8:B3:58:80
Model number : WS-C3560G-24TS-S
System serial number : FOC1004Y2TR
sw3560-2# show boot | in BOOT path-list
BOOT path-list : flash:c3560-ipservicesk9-mz.122-55.SE12.bin
sw3560-2# show flash

Directory of flash:/

2 -rwx 4120 Mar 1 1993 00:20:53 +00:00 multiple-fs
3 -rwx 12749781 Mar 1 1993 00:36:32 +00:00 c3560-ipservicesk9-mz.122-55.SE8.bin
4 -rwx 796 Mar 1 1993 00:16:35 +00:00 vlan.dat
5 -rwx 12745998 Mar 1 1993 00:21:04 +00:00 c3560-ipservicesk9-mz.122-55.SE12.bin
359 -rwx 4113 Mar 1 1993 00:05:06 +00:00 config.old
7 -rwx 1921 Mar 1 1993 00:20:53 +00:00 config.text
8 -rwx 4883 Mar 1 1993 00:20:53 +00:00 private-config.text

32514048 bytes total (6999552 bytes free)
sw3560-2#

Python 3 – effective SSH CLI scraping using Cisco CLI commands and saving to a file

By italchemy

############## Step 1. Create this file ###############
[root@localhost ~]# cat host_file.py
network_devices = [‘192.168.185.22’]
# network_devices = [‘192.168.185.1’, ‘192.168.185.11’, ‘192.168.185.22’]
###### Step 2. Create this file with your desired commands output ###############
[root@localhost ~]# cat config_file.py

host_conf = [‘show ver | in ^System image file is|^Model number|^System serial number|^Base ethernet MAC Address’, ‘ show boot | in BOOT path-list’, ‘show flash’]
#host_conf = [‘show flash | in bytes total’]

# To implement config changes your config would be implemented in list format
# host_conf = [‘config t’, ‘interface lo10’, ‘description TEST-CONFIG-SCRIPT-3’, ‘end’, ‘show run int loop 10’]
############ Step 3. Create this file #################

This file calls the other two files and save the show command CLI’s
[root@localhost ~]# cat sshscriptv3.py

# sshscriptv3.py

import os
import paramiko
import time
import getpass
import os
from host_file import network_devices
from config_file import host_conf

UN = input(“Username : “)
PW = getpass.getpass(“Password : “)

# removes existing file first
try:
os.remove(“mylogfile001.txt”)
except OSError:
pass

# For loop allows you to specify number of hosts
for ip in network_devices:
# print (ip)
twrssh = paramiko.SSHClient()
twrssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
twrssh.connect(ip, port=22, username=UN, password=PW)
remote = twrssh.invoke_shell()
# remote.send(‘term len 0\n’)
time.sleep(2)
#This for loop allows you to specify number of commands you want to enter
#Dependent on the output of the commands you may want to tweak sleep time.
for command in host_conf:
remote.send(‘ %s \n’ % command)
time.sleep(3)
buf = remote.recv(65000)

# print (buf)
f = open(‘mylogfile001.txt’, ‘a’)
f.write((buf).decode(‘ascii’))
f.close()
twrssh.close()
============ End Result ========================
[root@localhost ~]# more mylogfile001.txt

sw3560-2#$el number|^System serial numberial number|^Base ethernet MAC Addres
r|^Base ethernet MAC Address
System image file is “flash:c3560-ipservicesk9-mz.122-55.SE12.bin”
Base ethernet MAC Address : 00:16:C8:B3:58:80
Model number : WS-C3560G-24TS-S
System serial number : FOC1004Y2TR
sw3560-2# show boot | in BOOT path-list
BOOT path-list : flash:c3560-ipservicesk9-mz.122-55.SE12.bin
sw3560-2# show flash

Directory of flash:/

2 -rwx 4120 Mar 1 1993 00:20:53 +00:00 multiple-fs
3 -rwx 12749781 Mar 1 1993 00:36:32 +00:00 c3560-ipservicesk9-mz.122-55.SE8.bin
4 -rwx 796 Mar 1 1993 00:16:35 +00:00 vlan.dat
5 -rwx 12745998 Mar 1 1993 00:21:04 +00:00 c3560-ipservicesk9-mz.122-55.SE12.bin
359 -rwx 4113 Mar 1 1993 00:05:06 +00:00 config.old
7 -rwx 1921 Mar 1 1993 00:20:53 +00:00 config.text
8 -rwx 4883 Mar 1 1993 00:20:53 +00:00 private-config.text

32514048 bytes total (6999552 bytes free)
sw3560-2#

Cisco ISDN Switch Type IOS Commands Voice Gateway

By Avinash Karnani

Cisco ISDN Switch Type IOS Commands Voice Gateway

For any ISDN Line to establish a Layer 1 connectivity, the switch type has to be defined and switch type is country specific. Sometimes when you taken an ISDN Connection from your service provider, they might not be aware of the switch type you should be using when you deploy/configure ISDN. In such cases we have to refer to country specific switch type and try with those commands.

The command is : Isdn switch-type [switch-type]

Below are the list of country specific switch type and it’s respective command.

Telco switch type Cisco Command
AT&T 4ESS (ISDN PRI only) for the US primary-4ess
AT&T 5ESS (ISDN PRI only) for the US primary-5ess
AT&T basic rate switch type basic-5ess
Australian TS013 switch type basic-ts013
DPNSS switch type for Europe primary-dpnss
European and Australian ISDN PRI switch type primary-net5
French VN2 ISDN switch type for ISDN BRI only vn2
French VN3 ISDN switch type for ISDN BRI only vn3
French VN4 ISDN switch type for ISDN BRI only vn4
National ISDN switch type primary-ni
National ISDN-1 switch type basic-ni1
NET3 switch type (Europe, U.K., Australia & Asia) basic-net3
New Zealand Net3 switch type basic-nznet3
No switch type none
Nortel DMS-100 (ISDN PRI only) for the US primary-dms100
Nortel DMS-100 basic rate switch type basic-dms100
Norway Net3 switch type basic-nwnet3
NTT ISDN PRI switch type (Japan) primary-ntt
PINX (PBS) switches with QSIG signalling per Q.931 basic-qsig
QSIG signalling per Q.931 primary-qsig
TS014 Switch type for Australia primary-ts014

Hope this helps

Published by Team UC Collabing

The post Cisco ISDN Switch Type IOS Commands Voice Gateway appeared first on UC Collabing.

SNMPwalking your Cisco Devices to understand Cisco IOS devices

By italchemy

Step 1: Configure your Cisco Device(s)

snmp-server group GroupName v3 [noauth|auth|priv] [write v1default]

snmp-server user UserName GroupName v3 [auth|priv]
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#snmp-server engineID local 123456789ABC
Switch(config)#snmp-server group G1 v3 ?
auth group using the authNoPriv Security Level <<<{Auth but no Envryption}
noauth group using the noAuthNoPriv Security Level <<<{No Auth, No Encryption}
priv group using SNMPv3 authPriv security level <<< {Auth, Encryption}
Switch(config)#snmp-server group GROUP1 v3 priv

Switch(config)#snmp-server user User1 GROUP1 v3 auth sha UserPassword priv aes 128 aesPassword
Switch(config)#do show run | in User1
Switch(config)#do show snmp user

User name: User1
Engine ID: 123456789ABC
storage-type: nonvolatile active
Authentication Protocol: SHA
Privacy Protocol: AES128
Group-name: GROUP1

 

Step 2: For windows, Download and install MibBrowser

ManageEngine MibBrowser Free tool

https://www.manageengine.com.au/products/mibbrowser-free-tool/download.html
Step 3: Start Wireshark to capture packets from GNS3 Topology

Step 4: Run MibBrowser to do the SNMPwalk to capture all MIBS from the device.

Step 5: Stop Wireshare capture on GNS3, check the captured packets, decrypt the packets using the Authentication and Encryption password.

Step 6: Write a simple Python script to monitor the device

Step 7: Write a simple Python script to modify the device configuration

 

Step 3: For Walking SNMP on Linux server

snmpwalk -v3 -l authPriv -u User1 -a SHA -A “UserPassword” -x AES -X “aesPassword” 192.168.47.148
[root@localhost user]# snmpget -v3 -l authPriv -u User1 -a SHA -A “UserPassword” -x AES -X “aesPassword” 192.168.47.148 sysUpTime.0
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (833142) 2:18:51.42

Up interface
[root@localhost user]# snmpget -v3 -l authPriv -u User1 -a SHA -A “UserPassword” -x AES -X “aesPassword” 192.168.47.148 ifDescr.1 ifOperStatus.1 ifLastChange.1
IF-MIB::ifDescr.1 = STRING: GigabitEthernet0/0
IF-MIB::ifOperStatus.1 = INTEGER: up(1)
IF-MIB::ifLastChange.1 = Timeticks: (3635) 0:00:36.35

Down interface
[root@localhost user]# snmpget -v3 -l authPriv -u User1 -a SHA -A “UserPassword” -x AES -X “aesPassword” 192.168.47.148 ifDescr.2 ifOperStatus.2 ifLastChange.2
IF-MIB::ifDescr.2 = STRING: GigabitEthernet0/1
IF-MIB::ifOperStatus.2 = INTEGER: down(2)
IF-MIB::ifLastChange.2 = Timeticks: (3983) 0:00:39.83

 

Step 4: The result

[root@localhost user]# snmpwalk -v3  -l authPriv -u User1 -a SHA -A “UserPassword”  -x AES -X “aesPassword” 192.168.47.148

 

SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.6(2)T, RELEASE SOFTWARE (fc2)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2016 by Cisco Systems, Inc.

Compiled Tue 22-Mar-16 16:19 by prod_rel_team

SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1041

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1507459) 4:11:14.59

SNMPv2-MIB::sysContact.0 = STRING:

SNMPv2-MIB::sysName.0 = STRING: R1.localdomain

SNMPv2-MIB::sysLocation.0 = STRING:

SNMPv2-MIB::sysServices.0 = INTEGER: 78

SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00

SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.9.7.129

SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.9.7.115

SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::enterprises.9.7.265

SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.9.7.112

SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::enterprises.9.7.106

SNMPv2-MIB::sysORID.6 = OID: SNMPv2-SMI::enterprises.9.7.47

…[omitted]

 

❌