15 Replies Latest reply on Oct 6, 2009 2:42 PM by Steve Welsh

    HP Procurve configuration backup using SSH problem

      Hello,

      We have an HP Procurve J4903A Switch 2824 and it is integrated with RADIUS Server for authentication.
      We are using Cat Tools 3.4 demo version and tried to configure the switch for configuraton backup using Method SSH2.
      And using Device.Backup.Running Config  Type and SSH Username/Password are supplied. When Run the backup it shows the errors:
      "Did not receive expected prompt when entering enable mode", and "Aborting: Unable to enter enable mode".

      Do anybody faced this issue with SSH? Please help me to solve this problem.

      Regards,

      Achu

        • Re: HP Procurve configuration backup using SSH problem
          Steve Welsh

          Hi Achu,

          After sending the 'enable' command, CatTools waits for one of the following prompts to be returned from the device:

          1) the device enable (privileged mode) prompt - i.e. hostname prompt ending with '#'

          2) the device non-privileged mode prompt - i.e. hostname prompt ending with '>'

          3) 'Password:'

          4) 'Username:'  (unless you have overridden this by entering a value in the 'Enable Prompt:' field of the 'Prompts' tab for the device setup in CatTools.

          It would appear from the message you are seeing in the Info log, that none of these responses are being returned by the device within the default 30 second timeout period.

          Can you confirm for me by means of a manual connection to the device (using PuTTY), what the prompt is that comes back from your device after executing the 'enable' command, and also whether there is any delay in the prompt being returned.

          Regards,

          Steve

            • Re: HP Procurve configuration backup using SSH problem

              Hello Steve,

              Thanks for your quick reply.

              Following are the prompts after executing 'enable' command:


              Please Enter Login Name:
              Please Enter Password:

              What I did now is I put the 'Please Enter Login Name:' into the 'Prompts --> Enable Prompt'.
              I think now it goes to the next level with the new 'Please Enter the Login Name,
              but shows a new error: "enable password is incorrect for device" and "Aborting: Unable to enter enable mode"

              To get more details, I have enabled the 'Enable capture mode' and the log shows:

              <NEWSESSION Kiwi CatTools 3.4.0 9/11/2009 12:56:12 AM>
              <PROTOCOL=SSH2>
              <DEVICE TYPE=HP.Switch.2500>
              <ACTIVITY TYPE=Device.Backup.Running Config>
              <ACTIVITY SCRIPT=C:\Program Files\CatTools3\Scripts\Client.Device.Backup.Running Config.txt>
              <USERS NAME FOR DEVICE=HP Switch 1>
              <C OK 12:56:13 AM><R-12:56:13 AM>We'd like to keep you up to date about:[10] 
              * Software feature updates[10]  * New product announcements[10]
               * Special events[10][10]Please register your products now at:  www.ProCurve.com[10][10]
              <R-12:56:13 AM>[27][1;24r[27][24;18H[27][2J[27][?7l[27][1;24r[27][?6l[27][24;18H[27][?25h
              [27][24;18H[27][?6l[27][1;0r[27][?7l[27][2J[27][24;18H[27][1;1H[27][2K[27][24;18H[27][2J[27]
              [?7l[27][3;23r[27][?6l[27][1;1H[27][?25l[27][1;1HProCurve J4903A Switch 2824[13][10][13]
              Firmware revision I.08.98[13][10][13][13][10][13]Copyright (C) 1991-2006 Hewlett-Packard Co.
                All Rights Reserved.[10][13][10][13]                           RESTRICTED RIGHTS LEGEND[10][13][10][13] Use,
               duplication, or disclosure by the Government is subject to restrictions[10][13] as set forth in subdivision (b)
               (3) (ii) of the Rights in Technical Data and[10][13] Computer Software clause at 52.227-7013.[10][13][10][13]   
                  HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303[10][13][10][13][27][24;1HPress any key to continue[27][23;1H[27][?25h[27][24;26H
              <W-12:56:14 AM>[13]<R-12:56:14 AM>[27][1;1H[27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13]
              [27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[10][13][27][2K[27][24;26H<R-12:56:15 AM>[27][1;24r[27][24;1H[27][24;1H[27][2K[27][24;1H[27][?25h[27][24;1H[27]
              [24;1HHP SWITCH> [27][24;1H[27][24;18H[27][24;1H[27][?25h[27][24;18H<W-12:56:15 AM>[13]<R-12:56:15 AM>[27][24;0H[27]E[27][24;1H[27][24;18H<R-12:56:15 AM>[27][24;1H[27][2K[27][24;1H[27][?25h[27][24;1H[27][1;24r[27][24;1H[27][1;24r[27][24;1H[27][24;1H[27][2K[27][24;1H[27][?25h[27][24;1H[27]
              [24;1HHP SWITCH> [27][24;1H[27][24;18H[27][24;1H[27][?25h[27][24;18H<W-12:56:15 AM>
              enable<R-12:56:15 AM>enable<W-12:56:15 AM>[13]<R-12:56:15 AM><R-12:56:15 AM>
              Please Enter Login Name: <W-12:56:15 AM>xyzabcd[13]<R-12:56:15 AM>x<R-12:56:16 AM>yzabcd[13][10][13]Please Enter Password:


              My username is 'switch' and password is 'xyzabcd', it seems to be enable mode passes my password first instead of username and nothing is passing for password.

               

              Regards,

              Achu

                • Re: HP Procurve configuration backup using SSH problem
                  Steve Welsh

                  Hi Achu,

                  Do you have the device Enable username set in the 'AAA Username' field?  If not, try this and see if this works.

                  Steve

                    • Re: HP Procurve configuration backup using SSH problem

                      Hi Steve,

                      Yes I am using the "Enable Mode uses AAA username/password fields" but it doesn't seems to be working and if I give correct AAA username and Password on the consecutive fields, it always passes AAA Password as username in the Enable Mode.For testing I interchange the username and passwords and I am correct that it pass AAA Password field value as Username to the Enable Mode. If you check the previous log I posted you can find that:

                       

                      [24;1HHP SWITCH> [27][24;1H[27][24;18H[27][24;1H[27][?25h[27][24;18H<W-12:56:15 AM>
                      enable<R-12:56:15 AM>enable<W-12:56:15 AM>[13]<R-12:56:15 AM><R-12:56:15 AM>
                      Please Enter Login Name: <W-12:56:15 AM>xyzabcd[13]<R-12:56:15 AM>x<R-12:56:16 AM>yzabcd[13][10][13]Please Enter Password:


                      My username is 'switch' and password is 'xyzabcd', and please check the bold letters as it pass xyzabcd and x yzabcd as Login Name.

                       

                      Thanks

                      Achu

                        • Re: HP Procurve configuration backup using SSH problem
                          Steve Welsh

                          Hi Achu,

                          Within the device setup, try removing the text you entered (Please Enter Login Name:) from within the 'Prompts --> Enable Prompt' field and enter it instead within the 'Prompts --> Username Prompt' field.

                          This should fix the problem.

                          When using 'Username/Password' authentication for enable mode, the 'Username Prompt' field is checked to see if there is an override for the default 'Username:' prompt.    The 'Enable prompt' override field should be used when password only authentication is setup on the device for entering enable mode.

                          Please let me know how you get on.

                          Steve

                            • Re: HP Procurve configuration backup using SSH problem

                              Hi Steve,

                              It works! Thanks a lot.

                              And I tried the backup of running configuraiton for the first time and it save in a text file in Config folder, then I went and changed the switch configuration and run the backup again, I found that all backups are overwriting to the same file whether it has changes or not. Why it is not making multiple copies of the configuration file? Also how I can restore the configuration file back to the switch?

                              I really appreciate your help to solve the issue.

                              Regards,

                              Achu

                              • Re: HP Procurve configuration backup using SSH problem

                                Hello Steve,

                                I would like to get help for one more HP Procurve Switch backup. The model is J4904A Switch 2848. What I can see on the ssh console is, After initial login with ssh username and password, I am getting a new screen on this switch like:

                                ==========================- TELNET - OPERATOR MODE -============================
                                                                   Main Menu

                                   1. Status and Counters...
                                   2. Event Log
                                   3. Command Line (CLI)
                                   0. Logout


                                Provides the menu to display configuration, status, and counters.
                                To select menu item, press item number, or highlight item and press <Enter>.

                                I need to eneter number 3. How I can pass this screen to the enable mode?

                                 

                                Regards,

                                Achu

                                  • Re: HP Procurve configuration backup using SSH problem
                                    Steve Welsh

                                    Achu,

                                    For HP switches, we used to suggest reconfiguring the device to automatically enter CLI mode by doing the following:

                                    - go to command line
                                    - type 'setup'
                                    - under Logon Default set to CLI
                                    - save changes

                                    You may want to see if this works on your HP device?

                                    Steve

                                      • Re: HP Procurve configuration backup using SSH problem

                                        Hi Steve,

                                        I changed Logon Default to CLI and now it is back to the normal CLI mode after login. It also works very well. Thanks a lot for your great help to solve all the issues I faced with HP Procurve switches. I would like to know how I can restore a configuration file I backup and how I can restore a specific date backup file? 

                                        Thanks a lot,

                                        Achu 

                                          • Re: HP Procurve configuration backup using SSH problem
                                            Steve Welsh

                                            You are most welcome Achu.

                                            With regards to your question on restoring configuration files, the backup files created by the 'Device.Backup.Running config' activity are just plain text files.  

                                            Depending on which device it is, you may be able to restore the configuration via TFTP.   I'd recommend checking your device user manual to see the recommended method to restore configurations.

                                            You may then be able to use the 'Device.CLI.Send commands' activity to facilitate this (a Cisco example is given here at: http://www.kiwisyslog.com/help/cattools/act_devclisendcmd_howtoupload.htm)

                                            The \Configs folder will contain the most recent backed up device configuration files.  The \Dated Configs folder will contain previous device configurations.  You'd just need to copy whichever one you want to restore into the \TFTP folder, then issue the relevant TFTP commands.

                                            Please note: I'd also recommend verifying that the file created by the 'Device.Backup.Running config' activity contains the FULL device configuration before trying to restore it.  In some cases on certain devices, only the changed lines are exported.  For other devices it may be that VLAN data is not exported (Cisco - VLAN.dat file for example).  In these cases you may have to perform a backup via TFTP instead to capture the full device configuration which can then be restored.   Use the 'Device.Backup.TFTP' or 'Device.CLI.Send commands' activities to facilitate this.

                                            Hope this helps.

                                            Steve

                                              • Re: HP Procurve configuration backup using SSH problem

                                                Hello Steve,

                                                I was setting up a new machine for cattools and when configured to backup the same first HP procurve switch for device backup, there is another issue, The Info log shows:

                                                Backup Runing Config results: Failed to receive 'Running configuration' line in device config file

                                                and Error shows: Failed to receive 'Running configuration' line in device config file.

                                                The Debug Log shows:

                                                WFMDRetVal=1 Waiting for: "Running configuration"
                                                WFMDRetVal=2 Waiting for: "Building configuration..."

                                                WFMDBuffer="show runninginvalid input: running[10][13]switch> " ===============

                                                Please help me

                                                Thanks

                                                Achu