Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gingerwerewolf
Contributor

WebUI & SSH bouncing between Appliances Maestro

Hey all

Im pretty sure that it something I have missed or done wrong, but your assistance would be much appreciated

First of all, all devices on R81.10 JHF 95

Its a Maestro Setup, 5 Appliances (6200's) set up in 2 Security Groups

SG 1 set up with 3 devices about a year ago - works fine - All SSH and WebUI connectivity

SG 2 set up recently with the other 2 (which were brand new devices)- and in all aspects other than the WebUI and or SSH it is working fine. (Or I think it is)

SG2 has an issue where when I connect via SSH it nearly always is displaying a security issue, that the Key has changed. This then becomes noticable on the connection, as the member that I am connected to is different

When I try to connect to SG2 via the WebUI, it attempts to connect and then bounces me back to the logon screen. If Im lucky I can get in, and then it will keep saying "Server has disconnected"

My gut feeling is that the WebUI, like the SSH connection, is constantly swapping from Member to member and as such getting kicked out.

Any assistance on how to fix or bypass this issue would be very much appreciated. 

0 Kudos
4 Replies
Dario_Perez
Employee Employee
Employee

Do you have the mgmt/magg is connected to Cisco ACI? If Does disable the endpoint rouge detection 

(1)
Gingerwerewolf
Contributor

No it is not, though that is a great catch for the future, thank you!

 

0 Kudos
emmap
Employee
Employee

It sounds like you're connecting to an uplink interface, and you have l4 enabled for distribution (it's enabled by default). If so, this is expected behaviour. If you disable l4 in your distribution config, the distribution will only look at your IP addresses (and not your source port, which will change every time you make a new connection) and hence you'll always get to the same SGM (assuming they're all active) when you log in.

Gingerwerewolf
Contributor

I think this is what I have missed. Ill give it a try and let you know.

Thank you for taking the time to reply!

0 Kudos