11-04-2014 07:46 PM
I upgraded from 4.1.2a to 5.0.1 and now I am unable to connect to SSH from normal IP VE interfaces. The only port that allows management is the dedicated management port or the Serial port. What am I missing to allow management like I had in the past?
11-05-2014 06:31 AM
Ok so I admit I hadn't read every section of the 5.0.1 documentation. That bit me hard.
Quote from Network OS Layer 3 Routing Configuration Guide:
Beginning with release 5.0.0, support is provided for the management VRF. The default VRF and other user-configured (nondefault) VRFs can no longer be used for router management. This feature is allowed only on management VRF ports.
Now for me to figure out this VRF feature, which I hadn't even played with before today.
12-15-2014 06:32 AM
Just assign the management ve to the mgmt-vrf.
I believe the command would be 'vrf fowarding mgmt-vrf' from the ve interface prompt. One "suprise" is that entering this command will remove the IP address from the ve- just reapply it and you should be good to go.
12-30-2014 07:34 AM
The problem is for those trying to access the management from default-vrf. All of my network is on default-vrf. What I finally had to do was get a Cat6 SFP module to plug a Cat6 cable into the mgmt port and bridge the vrf wall. Talk about a waste of money, using hardware to fix a problem introduced by firmware upgrade.