Re: Initial config on Smart-1 600-S

jamesdean-1

Hi all,

I know this is probably impossible but just trying to save some leg work and money.

We have a Smart-1 600-S located overseas, it has been factory reset and is connected to a switch using eth1 interface. I tried putting that switchport into an access vlan with 192.168.1.2 on the switch, but I could not access 192.168.1.1. I have then come to realise, that likely only mgmt port will be accessible on 192.168.1.1, is this correct? Can any genius come up with a way I can access this device remotely on eth1 after factory reset? It will take a month to get someone onsite even for a simple thing like plugging a cable in unfortunately.

TIA

PhoneBoy

If you can't reach the device by IP, you should be able to reach it via Console and/or LOM.
Are either of those options?
If so, you can see what interface 192.168.1.1 is actually assigned to and change it via clish commands.

Otherwise, without some sort of console access to the appliance, you're going to have a hard time fixing it remotely.

jamesdean-1

Unfortunately not, this device just has two cables in it, one the power cord, and the other is the ethernet between eth1 on the smart1 and the cisco switch. All I know is it was factory reset, so I have to assume its now got 192.168.1.1, but from the documentation I believe that is only accessible via mgmt port, there is no-one near this device to plug into the console port for us

the_rock

Im afraid you might be out of luck : - (. What @PhoneBoy is true about LOM card, but after its factory reset, that would also need to be configured.

You are correct that mgmt IP by default would have that IP address, 192.168.1.1

So there is absolutely no one that could physically connect to the appliance and console into it?

Andy

jamesdean-1

Ok thanks, we suspected as much, we do have a remote hands arrangement, just a language barrier and a several weeks of raising purchase orders to deal with to get them there 😛

the_rock

Fair enough. Hope it all works out.

Andy

JozkoMrkvicka

LOM config stays even you do factory reset of OS. You have to reset LOM IP/credentials to default values manually using CLI or WebUI.

Kind regards,
Jozko Mrkvicka

the_rock

Are you 100% sure about that? Because I was on the phone once with customer and TAC as well and they had to do factory reset of 6200 appliance and all settings were wiped out, including LOM as well. I will say though, I cant recall if it gave them an option to preserve the config for LOM, as I did see that before.

Andy

JozkoMrkvicka

It is impossible just to move cable from eth1 to Mgmt ? Then you should be able to reach 192.168.1.1/24.

Kind regards,
Jozko Mrkvicka

oa_munich

Probably not helpful at this stage, but I keep a PiKVM https://github.com/pikvm/pikvm at all remote sites with a console, HDMI and a USB-C cable, as well as a 5G/LTE modem around, so that the local staff could connect the device to pretty much any box. I have it initiate a VPN connection and can ssh into the box once connected. Pays for itself with a single site fall out, saved us from a few last minute weekend flights.

jamesdean-1

Well this was a disaster, we got someone on site, plugged into via console and all the network config was still in place (and credentials), I enabled mgmt port and put 192.168.1.1 on it, then got them to connect via browser and it asked to go through first time wizard which we did, it completed fine, went back to console and confirmed the IP address was still there on bond1, however I could not ping it from the gateway in the same subnet, I tried setting management interface to eth1 which it did not allow me to do (was now set as mgmt) and unfortunately the tech had to bolt and I did not get any further.

bond1 is up, both members, lacp is formed and the switch sees the lacp packets, however I am not learning any mac address from the interfaces. Since I know the mac of that interface, I added both a static mac and arp entry to the router but still no joy.

The reason for not connecting mgmt to the switch was they aren't allowed to connect or move any cabling. Ill need to get them back onsite, however I am not really sure what I am going to do next time, why wont bond1 with a valid IP and mask on it respond to something in the same subnet? config is identical to our other device.

the_rock

I would check routing, make sure arp is there, see why connection fails...verify interface is configured properly.

Andy

jamesdean-1

Unfortunately ARP is not there, I am on the switch which is in the same subnet and I do not have an ARP, I took a screenshot of the interface config on the smart-1 so I know that is correct. Interfaces are up, vlan is forwarding but not learning a mac, it's very bizarre. Gave it a reboot as well.

the_rock

No luck after reboot either??

jamesdean-1

No the reboot didn't achieve anything, I was hoping that the device just didn't respond on any interface other than Mgmt until the first time wizard was completed, so that was completed, no difference, then rebooted, no difference.

the_rock

Then Im really not sure unless I saw it for myself. If someone was on site, say they tried connecting directly to mgmt interface with IP from same subnet on their laptop, would be easy to tell based on whether that works.

Andy

jamesdean-1

Yep that does work, mgmt port was connected to his laptop and we could browse to 192.168.1.1 and it prompted to run through the first time wizard, I then verified via console connection the IP address for bond interface was still there. I'm going to arrange a cable to be installed from mgmt to the switch so I should be able to ssh to the device and work on it remotely

the_rock

Sounds totally reasonable and logical to me @jamesdean-1

Andy

Are you a member of CheckMates?

Initial config on Smart-1 600-S