3 Replies Latest reply on Aug 26, 2016 1:19 AM by Amol Kotwal

    Device Snapshots failing from BNA

    Amol Kotwal

      Hi Experts,

       

      We are adding some switche devices to BNA.

      While taking snapshot of the devices we are getting below error:-

       

      We are able to take manual snapshot successfully.

       

       

      Your help would be appreciated.

       

      Thanks & Regards,

      Amol Kotwal

        • 1. Re: Device Snapshots failing from BNA
          James Smith

          The issue is the BNA SSH client was unable to establish a connection. Since we're FIPS compliant Some older devices fail connection due to not supporting the more secure algorithms. Also We deprecated support for SSH-1 and only support SSH-2.

           

          Suggestions:

           

          From the application server try to manually connect to the device using SSH -2.

           

          If the above succeeds then try:

           

          In the <BNA-Data>\global.properties.imported search for 'fips' and you'll find this parameter:
          --------------------------------------------
          # Flags whether we will use strict FIPS-140 compliant encryption algorithms or
          # not in our JCE provider.  If set to true, then SSH connections made by BNA
          # to non-compliant network devices will fail, and certain SSH connections made by
          # a non-compliant external client to the BNA proxy server will also fail.
          #     Default = true
          #
          #fipsMode=true
          --------------------------------------------

          Try disabling by removing the '#' character and changing the 'true' to 'false' like this:

          ---------------------------------------------
          # Flags whether we will use strict FIPS-140 compliant encryption algorithms or
          # not in our JCE provider.  If set to true, then SSH connections made by BNA
          # to non-compliant network devices will fail, and certain SSH connections made by
          # a non-compliant external client to the BNA proxy server will also fail.
          #     Default = true
          #
          fipsMode=false
          -------------------------------------------

           

          Restart the webservice then re-try the snapshot job.

          1 of 1 people found this helpful
          • 2. Re: Device Snapshots failing from BNA
            Amol Kotwal

            Thanks James for your response. I will try your suggestion and check how it goes.

            • 3. Re: Device Snapshots failing from BNA
              Amol Kotwal

              That solution works like a charm. Thanks for your answer, much appreciated.