This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ICX8200 configuration for ping/SSH

Go to solution
Goalmaster6
New Contributor II

‎04-18-2024 07:33 AM - edited ‎04-18-2024 07:36 AM

Hi all, 

I am a newbie to Ruckus equipment and even more specifically Fastiron 10. We have some 8200 switches in which they are functioning correctly, but I am unable to ping/ssh them. We are inside a shared building and VLAN 1 does nothing on their network, but their equipment has been set to pass through our VLANS. 

For whatever reason, no matter what I try we are unable to SSH/ping the switch from anywhere in the building, but everything else works like WiFi etc. 

Config is very basic, as we are just using the 8200s to for L2 switching. The core switches are doing the L3. We aren't using a management port, so I am hoping to just use one of the other ports for access into the switch. 

Please see config below, and hopefully someone can point me in the right direction to get this working. 

Current configuration:
!
ver 10.0.00T253
!
stack unit 1
module 1 icx8200-c08pf-port-management-module
module 2 icx8200-2-sfp-plus-port-20g-module
stack-port ethernet 1/2/1
stack-port ethernet 1/2/2
!
!
!

!
!
!
!
vlan 1 name DEFAULT-VLAN by port
!
vlan 96 name NETWORK by port
tagged ethe 1/1/1
untagged ethe 1/1/8
!
vlan 97 name SERVERS by port
tagged ethe 1/1/1
!
vlan 99 name USERS by port
tagged ethe 1/1/1
untagged ethe 1/1/2 to 1/1/7
!
vlan 100 by port
tagged ethe 1/1/1 ethe 1/1/8
!
!
!
!
!
ip route 0.0.0.0/0 10.20.96.1
!
!
ip dns domain-list 
ip dns server-address 
ip tftp blocksize 8192
!
!
!
!
!
!
!
interface management 1
!

!

!

!
interface ve 1
ip address 10.20.96.20 255.255.255.0

We have some older switches running fastiron8, and these can be pinged/ssh into no problem, so I believe the issue is local to the 8200s. 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Goalmaster6
New Contributor II
In response to BenBeck

‎04-19-2024 04:58 AM

Hi Ben,

I've fixed it within the last hour! My IP was on the wrong ve, needed to be on ve 96 instead of ve 1. Everything is working as expected now! 

 

View solution in original post

9 REPLIES 9

Go to solution
Chandini
RUCKUS Team Member

‎04-18-2024 07:42 AM

Hi Goalmaster6

Thank you for reaching us.

  • Could you let us know if you have access to switch on console ?

Would you be able to share the below outputs from the switch

  • traceroute <ip of the device you are trying to SSH from>
  • ping <ip of the device you are trying to SSH from>
  • ping 10.20.96.1
  • show ip ssh config
  • show ip ssh

Also I would suggest you to upgrade the 8200 switch to 10.0.10c_cd2 version as looks like you are running 10.0.00 version

Below is the software version 10.0.10c_cd2

Thanks

0 Kudos

Go to solution
Goalmaster6
New Contributor II
In response to Chandini

‎04-18-2024 07:49 AM - edited ‎04-18-2024 07:49 AM

Hi Chandini

Yes I have access to the switch on console. 

Ping fails, and traceroute to the default gateway 10.20.96.1 replies with * * * for everything. 

8200#show ip
Global Settings
ttl: 64, arp-age: 10, bootp-relay-max-hops: 4
router-id : 10.20.96.20
enabled : UDP-Broadcast-Forwarding Source-Route Load-Sharing RARP VSRP arp-port-move-syslog
disabled: Route-Only Directed-Broadcast-Forwarding BGP4 IRDP Proxy-ARP RIP OSPF VRRP VRRP-Extended ICMP-Redirect add-host-route-first

8200#show ip ssh

SSH-v2.0 enabled.
No SSH sessions are currently established

8200#show ip ssh config
SSH server : Enabled
SSH port : tcp\22
Host Key : RSA 2048
Encryption : aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes192-ctr,aes128-ctr,3des-cbc
Authentication methods : Password, Public-key, Interactive
Login timeout (seconds) : 120
Idle timeout (minutes) : 0
SCP : Enabled
SSH Client Keys :
Client Rekey : 500000K 30m (KB, Minute)
Server Rekey : 500000K 30m (KB, Minute)

 

0 Kudos

Go to solution
BenBeck
Moderator
Moderator

‎04-18-2024 07:45 AM

Hey @Goalmaster6,

Firstly, I would recommend you upgrade this switch to 10010c_cd2. 10.0 flat is the very first code ever for this platform. As for your issue, I see you have an IP address on VE1 and a route. As long as that is pingable, you should be good there. It looks like you need a username and an authentication method list. It should be something like this:

enable

conf t

username <username> password <password>

aaa authentication login default local

 

Hope that helps! Please let me know if that works. 

 

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us
0 Kudos

Go to solution
Goalmaster6
New Contributor II
In response to BenBeck

‎04-18-2024 07:51 AM - edited ‎04-18-2024 08:05 AM

Hi Ben,

 

No, the IP address on VE1 isn't pingable, but it is pingable from a device which is connected to the wireless AP which goes through the switch, back to the core.

0 Kudos
Copyright © 2024 Khoros, LLC