CommScope RUCKUS Community Forums

tomer_iyar · ‎07-11-2019

Hi,
i have installed an ICX7150-C12-2X1G POE 12-port - Version:10.1.15T225
and i am trying to connect it to my Smartzone vSZ-H - 5.1.1.0.598

i have followed the guide and configure the switch with the "sz Active-list command
and i have verified there is connectivity between both devices on all ports, but this doesnt seem to work for me

SSH@GroupA#show sz status

============ SZ Agent State Info ===================
Config Status: None Operation Status: Enabled
State: SZ QUERY Prev State: INIT Event: SZ QUERY RESPONSE

SWR List : None
Active List : 10.31.3.8
DHCP Option 43 : No
DHCP Opt 43 List : None
Passive List : None
Merged List : 10.31.3.8
Merged Idx: 0 IP : 10.31.3.8
Switch registrar host: sw-registrar.ruckuswireless.com
Switch registrar discovery retry count: 7
Switch registrar host resolve failure count: 7

SZ IP Used : 10.31.3.8
SZ Query Status :
In Progress. Response Not Received.

sz logs
-------------------------
Jan 1 19:48:35:https_connmgr_send_request>Entered.
Jan 1 19:48:35:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, TIMER/2002 RC: 1
Jan 1 19:48:35:sz_execute_state_machine>Entering with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007
Jan 1 19:48:35:sz_parse_sz_query_response -- Status: 600 <<
Jan 1 19:48:35:sz_fsm_sz_query_state>Moving to IP:10.31.3.8 because of retry count: 36
Jan 1 19:48:35:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007 RC: 1
Jan 1 19:48:35:HTTP Request Error:Http remote connection close called.

any ideas? thanks.

simon_pollard · ‎07-15-2019

What does the show sz logs look like now?

tomer_iyar · ‎07-15-2019

Build String: size 205
============
{"serial_number":"FEK3210Q06M", "ipaddress":"10.31.3.210", "macaddress":"d4:c1:9e:9a:f0:f4", "switch/stack/spx":"switch", "numOfUnits":2, "firmware_version":"SPS08090b.bin", "switch_model":"ICX7150-C12P"}
==============

Jul 15 15:31:27:https_connmgr_send_request>Entered.
Jul 15 15:31:27:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, TIMER/2002 RC: 1
Jul 15 15:31:27:sz_execute_state_machine>Entering with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007
Jul 15 15:31:27:sz_parse_sz_query_response -- Status: 600 <<
Jul 15 15:31:27:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007 RC: 1
Jul 15 15:31:27:HTTP Request Error:Http remote connection close called.
End i/max/iter 438/438/0

simon_pollard · ‎07-15-2019

The switch is still declaring itself as two units;

{"serial_number":"FEK3210Q06M", "ipaddress":"10.31.3.210", "macaddress":"d4:c1:9e:9a:f0:f4", "switch/stack/spx":"switch", "numOfUnits":2, "firmware_version":"SPS08090b.bin", "switch_model":"ICX7150-C12P"}

The second switch needs to be removed from the config.

It might be worth resetting the C12P to factory default and starting again, whichever is easiest for you.

hashim_bharooc1 · ‎07-16-2019

hey Tomer,
So one thing is issue with NTP, We need NTP for the certificates not work.

What about:
"dm verify-device-certs"
"show License"

Thanks
Hashim

b8 · ‎12-31-2019

I'm having an issue connecting my ISC 7450 switch to my vSZ. I think the issue is because I dont have a legit certificate on my vSZ as I see this error in my connection logs. Is it possible to override this cert check for my homelab use? I'm keen to resolve this soon as Id like to experiment with this feature before my complimentary switch license period expires.

Dec 27 22:36:45:I:SZAgent: Failed to connect to management device at 192.168.10.19 Error: HTTP Response Code 400

In case Im wrong, other details that look pertinent to the issue include

dm verify-device-certs
Commencing sanity check for device certs ...
Verifying files on Non-TPM Platform ...
Successfully verified
The device key pair is valid
The Encrypt/Decrypt test is successful
Successfully verified device certs


show license
Unit  License Name    L3 Premium Port Speed Upgrade   Speed    Ports    MACsec
1     l3-prem-macsec  Yes        NA                   NA       NA       Yes


SSH@icx7450#show stack

***** Warning! stack is not enabled. *****

T=5d1h48m0.7: alone: standalone, 😧 dynamic cfg, S: static
ID   Type          Role    Mac Address    Pri State   Comment
1  S ICX7450-32ZP  alone   609c.9f1d.dc90   0 local   None:0


     +---+
  4/1| 1 |
     +---+
Current stack management MAC is 609c.9f1d.dc90


show ntp status
 Clock is synchronized, stratum 3, reference clock is 192.168.10.1
 precision is 2**-16
 reference time is 3786812526.1705005662 (12:22:06.1705005662 GMT-08 Tue Dec 31 2019)
 clock offset is 1.2229 msec, root delay is 0.8835 msec
 root dispersion is 21.5554 msec,  peer dispersion is 12.5557 msec
 system poll interval is 64,  last clock update was 143 sec ago
 NTP server mode is disabled, NTP client mode is enabled
 NTP master mode is disabled, NTP master stratum is 8
 NTP is not in panic mode

Dec 31 12:06:11:https_connmgr_send_request>Entered.
Dec 31 12:06:11:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, TIMER/2002 RC: 1
Dec 31 12:06:14:sz_execute_state_machine>Entering with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007
Dec 31 12:06:14:sz_parse_sz_query_response -- Status: 400 <<
Dec 31 12:06:14:sz_fsm_sz_query_state>Moving to IP:192.168.10.19 because of retry count: 12
Dec 31 12:06:14:sz_execute_state_machine>Exit with state/event: SZ QUERY/5, SZ QUERY RESPONSE/2007 RC: 1
Dec 31 12:06:29:sz_execute_state_machine>Entering with state/event: SZ QUERY/5, TIMER/2002
Dec 31 12:06:29:

Build String: size 206
============
{"serial_number":"xxxxxxxxxxxx", "ipaddress":"192.168.10.7", "macaddress":"60:9c:9f:1d:dc:90", "switch/stack/spx":"switch", "numOfUnits":1, "firmware_version":"SPR08090d.bin", "switch_model":"ICX7450-32ZP"}
==============

CommScope RUCKUS Community Forums

failed to connect ICX 7150 to SZ