Would it possible to provide
show configuration commands | strip-private
sudo su
#ss -tln
Is there a way to output that in txt format and email it from VyOS to my email address somehow? Otherwise, I’m up to 16 screenshots so far and a few more needed, taken off KVM console access method. It’s cumbersome. Appreciate the help though.
show configuration commands | strip-private > /tmp/config.txt
sudo su
scp /tmp/config.txt <TO SOMEWHERE>
Will that help?
Got it, thanks. Attached.
VyOS 1
https://pastebin.com/C6VjYvki
pw: 2FejZ4xDmG
VyOS 2
https://pastebin.com/zMusS00w
pw: 6Sqc1YyK7z
Just keen to know you are running ssh on port 205 and I hope you are using port parameter while doing ssh to vyos?
ssh -p205 user@VYOS
Yes, it’s been saved in my SSH software, SecureCRT. Been using it for years. Nothing has changed as far as SSH port, passwords, etc recently. Just IP reassignments among VLANs.
Ensure you are listening on port 205?
sudo su
ss -tln
It looks like definitely to me a network level issue rather than vyos. May be capturing packets on device would help as well
tcpdump -nni any port 205 and host <IPADDRESS FROM WHERE YOU INITIATE SSH>
@Bashed You did not understand me.
- I asked you to show me results of ping and traceroute to Cisco and to VyOS from your computer where you have a problem with ssh.
- I asked to run commands on each VyOS routers, not on Cisco.
I cannot ping any Cisco or VyOS device from my computer. 100% packet loss / timeouts
VyOS 1
Tracing route to vy-1-18-pe1-nj.xxxxxx.com [xxx.xxx.55.210]
over a maximum of 30 hops:
1 3 ms 1 ms 1 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 12 ms 13 ms 9 ms 67.59.236.65
4 10 ms 10 ms 11 ms opti34-148.nassau.cv.net [167.206.34.148]
5 17 ms 12 ms 12 ms 451be068.cst.lightpath.net [65.19.99.104]
6 15 ms 11 ms 13 ms 64.15.2.46
7 14 ms 12 ms 12 ms 4.34.79.45
8 14 ms 11 ms 12 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 18 ms 12 ms 13 ms 148.51.253.57
10 * * * Request timed out.
11 * * * Request timed out.
12 *
VyOS 2
Tracing route to vy-1-18-pe2.nj.xxxxxx.com [xxx.xxx.55.214]
over a maximum of 30 hops:
1 3 ms 3 ms 1 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 12 ms 9 ms 9 ms 67.59.236.65
4 16 ms 10 ms 8 ms opti34-148.nassau.cv.net [167.206.34.148]
5 11 ms 11 ms 13 ms 451be068.cst.lightpath.net [65.19.99.104]
6 11 ms 12 ms 12 ms 64.15.3.124
7 12 ms 28 ms 10 ms 4.34.79.45
8 11 ms 12 ms 11 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 20 ms 11 ms 11 ms 148.51.253.59
10 * * * Request timed out.
11 * * * Request timed out.
Cisco 1
Tracing route to xxx.xxx.19.52 over a maximum of 30 hops
1 2 ms 1 ms 1 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 12 ms 10 ms 8 ms 67.59.236.65
4 15 ms 11 ms 10 ms opti34-148.nassau.cv.net [167.206.34.148]
5 14 ms 12 ms 10 ms 451be068.cst.lightpath.net [65.19.99.104]
6 13 ms 13 ms 15 ms 451be073.cst.lightpath.net [65.19.99.115]
7 19 ms 26 ms 13 ms 4.34.79.45
8 43 ms 21 ms 13 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 12 ms 13 ms 13 ms 148.51.253.57
10 * * * Request timed out.
Cisco 2
Tracing route to xxx.xxx.19.53 over a maximum of 30 hops
1 2 ms 1 ms 1 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 11 ms 9 ms 13 ms 67.59.236.65
4 13 ms 19 ms 10 ms opti34-150.nassau.cv.net [167.206.34.150]
5 * 13 ms 12 ms 64.15.4.134
6 11 ms 12 ms 12 ms 64.15.3.124
7 12 ms 19 ms 16 ms 4.34.79.45
8 12 ms 13 ms 12 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 16 ms 11 ms 12 ms 148.51.253.57
10 * * * Request timed out.
Cisco 3
Tracing route to xxx.xxx.47.198 over a maximum of 30 hops:
1 2 ms 2 ms 3 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 10 ms 9 ms 9 ms 67.59.236.65
4 12 ms 11 ms 10 ms opti34-148.nassau.cv.net [167.206.34.148]
5 15 ms 12 ms 13 ms 451be068.cst.lightpath.net [65.19.99.104]
6 14 ms 14 ms 13 ms 64.15.3.142
7 14 ms 15 ms 12 ms 4.34.79.45
8 13 ms 13 ms 15 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 18 ms 16 ms 12 ms 148.51.253.57
10 * * * Request timed out.
Cisco 4
Tracing route to xxx.xxx.47.199 over a maximum of 30 hops:
1 1 ms 1 ms 1 ms amplifi.lan [192.168.172.1]
2 * * * Request timed out.
3 9 ms 11 ms 11 ms 67.59.236.65
4 132 ms 13 ms 10 ms opti34-150.nassau.cv.net [167.206.34.150]
5 14 ms 11 ms 15 ms 64.15.4.108
6 13 ms 14 ms 11 ms 64.15.3.142
7 13 ms 12 ms 15 ms 4.34.79.45
8 14 ms 12 ms 11 ms IRON-MOUNTA.edge5.Newark1.Level3.net [4.59.191.14]
9 13 ms 12 ms 13 ms 148.51.253.57
10 * * * Request timed out.
Ok. Now the second part.
I asked to run commands on each VyOS routers, not on Cisco.
Run show vrrp
Run show ip route Your_host_Public_IP
You did not understand again
Run show ip route Your_host_Public_IP.
Your_host_Public_IP - host where you could not get ssh access to Cisco.
Hate to bump this but I would really appreciate if I can get this resolved from this community’s help. In a bit of a hard spot with my IT guy being mia so any help is appreciated.
Have you tried capturing the packet vyos using sudo su are you seeing packets on port 205 on your router?
Not sure how but can learn quick if you give me the steps / commands to run.
I had already frwarded those
login to vyos
sudo su
tcpdump -nni any port 205
If you are able to see the packets then press CTRL+C
and then capture those packets in .pcap file
tcpdump -nni any port 205 -w /var/log/205.pcap
