This post is more than 5 years old
15 Posts
0
54432
PowerConnect 3424P - The server at XX.YY.ZZ.AA is taking too long to respond
I get this message when I try to use the web interface on my 3424P switch. I executed the "ip https server" command and created an administrator username with level 15 access using the terminal connection.
Did I miss something?
Thanks
Tim
DELL-Willy M
802 Posts
1
July 17th, 2013 14:00
Are you able to ping the stated IP address successfully from your management PC?
Did you follow all the below steps when setting up the ssh server?
PC1-3424# configure
PC1-3424(config)# ip https server
01-Jan-2000 03:03:39 %HTTP_HTTPS-W-NOCERTIFICATE: HTTPS server has
been enabled but a certificate was not found.
For certificate generation use the - 'crypto certificate
certificate-number generate key-generate' command. The service will
start automatically when a certificate is generated.
PC1-3424(config)# ip https port 443
PC1-3424(config)# crypto certificate 1 generate key-generate
Generating RSA private key, 1024 bit long modulus
PC1-3424(config)# crypto key generate dsa
Replace Existing DSA(DSS) Key [y/n]? y
The SSH service is generating a private DSA key.
This may take a few minutes, depending on the key size.
...................................................................
...................................................................
...................................................................
...................................................................
...................................................................
........................................
PC1-3424(config)# crypto key generate rsa
Replace Existing RSA Key [y/n]? y
The SSH service is generating a private RSA key.
This may take a few minutes, depending on the key size. .............
PC1-3424(config)# exit
PC1-3424# show crypto key mypubkey dsa dsa key data:
ssh-dss AAAAB3NzaC1kc3MAAAEBANuWCXCyLe4+lcVesINmuWbSdjk/IUmC 3JIPadQSX78HgE76DeHaIbZtv2VEVag9v3P0tk2KZn6zHUfh7y1UfEi8qyI7 7SWXMrkG8ISZYfRkMiPxnIIgEprenKHxlhxnQCSmH5w2J/SnA0RFHbwVuUiu uWn4YabG+pnrHAOm/Z5cQ5i2KwQU3b/1sEfGYKeifMjPnTQ+ugApN/0pF6oh koKrelGJVcwKBrd2vCd61NAJRKqk6p2Js6KVi6f36ftmtI+cIOQcdjzcch+m gcCMEqVrjImfoMLXKGign8kIqShrQjipHIvuhLcfK7vUwos1JhrQsgR5PVVp suJ2kVsJgUkAAAAVAIsFKsqhEncFR41g249si3XNVWNpAAABAQCyhb8xdt1F
PC1-3424# show crypto key mypubkey rsa rsa key data:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu2f/tPmbsC4zKsw5H82L9Bo2 kYEy9J2Q/N8HEjKsz5wkxzBp+q0FEokAbNO75jqClD9oh42KQpavl5PKFbTS g/Gj7eSNgBPxRvddwFoM7u/d1RN9uJIPtoss+XrCAvqkCV6P+bP/j8+findV p65aJnZqBiePR+wWQZA8qErfqjtRIY5tWnYtRr2jRmniTSBKAFWD4xaQuKiy Kr/edpFXhFgVZBwmrs5vwsabzyV4lDxvhOmT1I78BB18WnPzGsJUs/pYEvoA PHXCkyic6m+N8WJ4YKxllnDMSDvkEaAUzdqZqAAeRkUAWMjrRNXaQHCIGNVd LHakK6EjIYJLZ48rqw==
PC1-3424# show ip https
HTTPS server enabled. Port: 443
Certificate 1 is active.
Issued by : C= , ST= , L= , CN=10.0.0.10, O= , OU=
Valid From: Jan 1 03:09:23 2000 GMT
Valid to: Dec 31 03:09:23 2000 GMT
Subject: C= , ST= , L= , CN=10.0.0.10, O= , OU=
SHA1 Fingerprint: 3C0D1309 36014C40 22705F0A 96C0FF97 20A6B066
Certificate 2 does not exist.
Prof.Tim.Smith
15 Posts
0
August 2nd, 2013 07:00
Sorry for the delay -- I tried the above and I am still getting the same result.
Prof.Tim.Smith
15 Posts
0
August 2nd, 2013 08:00
Ping - yes
Telnet - No
FF, Chrome & IE -- nothing connects
Prof.Tim.Smith
15 Posts
0
August 2nd, 2013 09:00
SW v2.0.0.21
Boot v1.0.1.01
HW v00.00.01
IP address 10.1.0.53
I actually have three of these switches, but only looked at one as the others are in different buildings. I suspect the others are at the same version level, but with different ip addresses --
Prof.Tim.Smith
15 Posts
0
August 2nd, 2013 09:00
I suspected the firmware may have been out of date (the down side to inheriting someone else's network). W/r/t to the IP address, we have other switches with a similar IP structure, but, those are 3548P and not 3424P devices. Would that make a difference?
Thanks for the quick response...
Tim
Prof.Tim.Smith
15 Posts
0
August 2nd, 2013 12:00
I have not yet tried the firmware update -- I would be using Xmodem (I do not have a TFTP set up yet), and the intructions said it may take an hour to complete.
In the mean time, here is the running config (if it helps)
spanning-tree mode rstp
interface range ethernet e(1-24)
spanning-tree portfast
exit
interface ethernet g1
description "1Gbps Fiber Feed from Server Room"
exit
interface ethernet g4
description "Backup Server in Sprinkler Room"
exit
interface range ethernet e(1-23)
switchport mode general
exit
interface ethernet g1
switchport mode trunk
exit
vlan database
vlan 11,254,531-532
exit
interface ethernet e1
switchport general pvid 531
exit
interface ethernet e2
switchport general pvid 531
exit
interface ethernet e3
switchport general pvid 531
exit
interface ethernet e4
switchport general pvid 531
exit
interface ethernet e5
switchport general pvid 531
exit
interface ethernet e6
switchport general pvid 531
exit
interface ethernet e7
switchport general pvid 531
exit
interface ethernet e8
switchport general pvid 531
exit
interface ethernet e9
switchport general pvid 531
exit
interface ethernet e10
switchport general pvid 531
exit
interface ethernet e11
switchport general pvid 531
exit
interface ethernet e12
switchport general pvid 531
exit
interface ethernet e13
switchport general pvid 531
exit
interface ethernet e14
switchport general pvid 531
exit
interface ethernet e15
switchport general pvid 531
exit
interface ethernet e16
switchport general pvid 531
exit
interface ethernet e17
switchport general pvid 531
exit
interface ethernet e18
switchport general pvid 531
exit
interface ethernet e19
switchport general pvid 531
exit
interface ethernet e20
switchport general pvid 531
exit
interface ethernet e21
switchport general pvid 531
exit
interface ethernet e22
switchport general pvid 531
exit
interface ethernet e23
switchport general pvid 531
exit
interface ethernet g4
switchport access vlan 11
exit
interface ethernet g1
switchport trunk allowed vlan add 11
exit
interface range ethernet e(1-23)
switchport general allowed vlan add 254
exit
interface ethernet g1
switchport trunk allowed vlan add 254
exit
interface range ethernet e(1-23)
switchport general allowed vlan add 531 untagged
exit
interface ethernet g1
switchport trunk allowed vlan add 531
exit
interface ethernet e24
switchport access vlan 532
exit
interface ethernet g1
switchport trunk allowed vlan add 532
exit
interface vlan 11
name Servers
exit
interface vlan 254
name "Phone VLAN"
exit
interface vlan 1
ip address 10.1.0.53 255.255.255.0
exit
ip default-gateway 10.1.0.254
hostname Gym
line console
speed 115200
exit
management access-list admin
permit ip-source 10.1.1.1
permit ip-source 10.1.0.0 mask 255.255.255.0
exit
management access-list allowHTTPS
permit service https
permit service telnet
exit
management access-class admin
logging 10.1.1.1
username user1 password ...... level 15 encrypted
username user2 password ...... level 15 encrypted
ip ssh server
snmp-server community 93a168 rw 10.1.1.1 view DefaultSuper
ip https server
I have a total of 7 3424P servers -- all with the same behavior
Does the running config provide any clues?
Thankd
Tim
Prof.Tim.Smith
15 Posts
0
August 6th, 2013 07:00
I ran the commands from the last post, and now I am unable to get a serial connection to the switch through the COM port -- I am getting the error message
Cannot authenticate user
Bad configuration or inaccessible server, prevent authentication
Please reconfigure or use Password Recovery
I think I screwed something up (no surprise!) -- is the recoverable, or do I need to do a factory reset? I am planning on upgrading the firmware on the device so I can properly configure it through the web interface
Thanks
Tim
Prof.Tim.Smith
15 Posts
0
August 9th, 2013 07:00
That did it! Thanks. We are going to update the firmware on the switch which should alleviate the rest of the issues with it.