Wired Intelligent Edge

 View Only
last person joined: 2 days ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

ssh from 2930f to Mikrotik error

This thread has been viewed 16 times
  • 1.  ssh from 2930f to Mikrotik error

    Posted Aug 05, 2022 07:48 PM

    INFO:
    -Mikrotik RB951 ver 7.4
    -2930f ver WC.16.11.0006

    PROBLEMS:

    1. I can't ssh from 2930f to Mikrotik
    but I can ssh to Mikrotik using my Mac connecting to switch port

    # ping 10.0.100.1
    10.0.100.1 is alive, time = 2 ms
    # ssh admin@10.0.100.1
    The SSH connection failed: Unknown SSH error.

    Could Aruba fix in next release?
    tq



  • 2.  RE: ssh from 2930f to Mikrotik error

    Posted Aug 06, 2022 08:41 AM
    Hi,
    Can you ssh from your mac to the Aruba 2930f?

    If you want some help, you need to share your relevant configuration for the devices.



    ------------------------------
    Arne Opdal
    ------------------------------



  • 3.  RE: ssh from 2930f to Mikrotik error

    Posted Aug 06, 2022 09:07 AM

    SSH

    1. MBP 2014 to 2930f: no problem
    2. Win11 to 2930f: no problem
    3. Win11 to Mac: no problem
    4. 2930f to Mac: no problem
    5. Mac to Mikrotik: no problem
    other user has same problem from Aruba to Arista too
    https://www.reddit.com/r/Arista/comments/jjuu7j/arista_ssh_error/

    this is ssh client in Aruba.
    even without any additional config, you can ssh to any ip



  • 4.  RE: ssh from 2930f to Mikrotik error

    EMPLOYEE
    Posted Aug 08, 2022 10:26 AM
    This might have to do with the limited SSH client in the switch, and a mismatch in supported ciphers between your switch and the Mikrotik. In general you should not SSH out from the switch, but must admit that it has become handy a few times in the past where I didn't have another device.

    If you want to have this resolved, it's first important to understand why the session does not come up, and you might be able to configure additional ciphers in the Aruba switch, or in the Mikrotik. If you can't find out yourself, it would be best to work with TAC Support.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 5.  RE: ssh from 2930f to Mikrotik error

    Posted Aug 09, 2022 12:09 AM
      |   view attached
    I don't have contract so I can't open a case
    but from my mikrotik I can show you my ssh debug file
    could someone please take a look
    please see attached file

    Attachment(s)

    txt
    mikrotiksshdebug.txt   11 KB 1 version


  • 6.  RE: ssh from 2930f to Mikrotik error

    EMPLOYEE
    Posted Aug 09, 2022 06:03 AM
    Based on the log I would say it should work:
    SSH: agreed on: diffie-hellman-group-exchange-sha256,ssh-dss,aes256-gcm@openssh.com,aes256-gcm@openssh.com,none,none,​

    Would not know how to help further; TAC would be my next step, but if you don't have access it will be hard.

    Maybe someone else has seen this and knows what to do. As you have seen the ssh traffic works in most cases, just not in in case and in one direction. You may try to open a case with Mikrotik as well, if you have access to that.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------