Operational Defect Database
BugZero updated this defect 58 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
VMware | 379046
Ionix NCM/VoyenceControl: Login over TACACS protocol to Cisco CatOS switches fails when using CutThru proxy
Last update date:
3/22/2024
Affected products:
Smart Assurance - NCM
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Symptoms
Ionix Network Configuration Manager (Ionix NCM) login over TACACS protocol to Cisco CatOS switches fails when using CutThru proxyIonix NCM/VoyenceControl login over TACACS protocol to Cisco CatOS switches fails when using CutThru proxyIonix NCM/VoyenceControl login over TACACS protocol to Cisco CatOS switches fails and CutThru logs show the following: Oct 04 15:13:03 163160/cutthru(2715)#4: DASL: termLogin: WARNING - Telnet No Login or Device Prompt detected Oct 04 15:13:03 163160/cutthru(2715)#4: DASL: termLogin: Sending new line Oct 04 15:13:03 163160/cutthru(2715)#4: DASL: termLogin: Waiting on device prompts Oct 04 15:13:03 163160/cutthru(2715)#1: State match:[1007][[^%].*([Ii]ncorrect"[Ii]nvalid"[Bb]ad.*assord"[Ww]rong[^l]"Permission denied"Backup authentication"Authentication failed)] ROSECUTION~~~~~~~username:~~~~[
Cause
The above problem symptoms occur because the driver does not detect the "username:" prompt and tries to send a newline. This behaves like entering a blank username, and error prompt is generated. The prompts for CatOS are defined in the following location on the VoyenceControl server: /opt/voyence/package/pkgxml/CiscoCatOSSwitch/CiscoCatOSSwitchPrompts.xml <LoginPromptState> <ID>1004</ID> <Expr><![CDATA[ ?Username ?:"[Ii][Dd]:]]></Expr> </LoginPromptState> <PasswordPromptState> <ID>1005</ID> <Expr><![CDATA[assword:"Staff-Only]]></Expr> </PasswordPromptState> The pattern "?Username ?:"[Ii][Dd]:" is not able to match "username:".
Resolution
If you encounter this issue, you must create a custompackage entry for the CatOS prompts file and modify it as follows: On the Ionix NCM/VoyenceControl device server(s), copy the CiscoCatOSSwitchPrompts.xml file found here: /opt/voyence/package/pkgxml/CiscoCatOSSwitch/CiscoCatOSSwitchPrompts.xml Paste the CiscoCatOSSwitchPrompts.xml file copied in the preceding step to the following location: /opt/voyence/custompackage/pkgxml/CiscoCatOSSwitch/CiscoCatOSSwitchPrompts.xml Note: If any of the above directory structure under /opt/voyence/custompackage/ is missing, you must create it before pasting the CiscoCatOSSwitchPrompts.xml file. Edit the custompackage file and change the LoginPromptState pattern so that it matches the following: <LoginPromptState> <ID>1004</ID> <Expr><![CDATA[ ?[Uu]sername ?:"[Ii][Dd]:]]></Expr> </LoginPromptState> This creates a character class to match either`U or `u for that character position. Attempt the CutThru login again. There should be no need to restart any services as the prompt file lookup is dynamic.If the login still fails with the same messages in the logs, restart VoyenceControl and try again.If the issue is still not resolved, ensure that the credentials marked for CUT THRU are correct in the Device Properties > Communication tab of VoyenceControl. There are separate credential assignments for normal management and CutThru.
