WAN Routing

HPE MSR3012 Router login failure

 
SOLVED
Go to solution
Novis1
Occasional Advisor

HPE MSR3012 Router login failure

Hi,

I have a HP MSR3012 Router that denied my access via telnet. Each time, when I did a telnet command at the command prompt, it states login failed and after a few seconds, it states connection to host lost. I tried using ssh to enter but not able to. I also used Putty but still the same result. Is there any way to bypass it?

In addition, it doesn't allow me to key in the credentials and pop-up the login failed message on the screen.

 

 

 

8 REPLIES 8
Ivan_B
HPE Pro
Solution

Re: HPE MSR3012 Router login failure

Hi @Novis1 !

If it was working before, the possible cause is that this router had RADIUS or TACACS authentication configured without any fallback and now the authentication server is not reachable. Try to check if the router didn't lose connection to such server. Otherwise I am afraid the only way to connect to your router in this situation is to use console port. And hope you or somebody else didn't setup RADIUS on the console as well...

If console login doesn't work as well, then you need to bypass authentication by skipping current system configuration on the next reboot through the Bootrom menu, load the old config while you are logged in and change the authentication scheme and/or login credentials. Here you can find an example of this process - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00060022en_us , page 83, "Using the Skip Current System Configuration option"

 

 

I am an HPE employee

Accept or Kudo

akg7
HPE Pro

Re: HPE MSR3012 Router login failure

Hello @Novis1 ,

If console access worked then try to capture 'display logbuffer reverse'

 

Thanks!

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
Novis1
Occasional Advisor

Re: HPE MSR3012 Router login failure

Hi Ivan,

Thanks for the info.

The router is currently alive and active and I do not have any spare router. If I were to reboot the router while having the cables connected, I think it will be chaotic. Nevertheless, thanks for replying on my query, I hope I can get through from the console. 

 

Ivan_B
HPE Pro

Re: HPE MSR3012 Router login failure

I understand, any infrastructure device reboot is highly undesirable event in any network... BTW, don't you have the router's configuration saved anywhere? If you have it and if we can assume this copy is the same config as the one installed in the router we could check for possible causes for this mess with SSH and Telnet logins...

 

I am an HPE employee

Accept or Kudo

Novis1
Occasional Advisor

Re: HPE MSR3012 Router login failure

Hi akg7,

What is display logbuffer reverse and what does it do?

 

 

 

Novis1
Occasional Advisor

Re: HPE MSR3012 Router login failure

Hi Ivan, 

Unfortunately, neither I have the router config files nor the knowledge of the credentials and whatsmore, I am a newly joined employee to the company. 

akg7
HPE Pro

Re: HPE MSR3012 Router login failure

Hello @Novis1 ,

Logbuffer are the logs captured when you tried to login via telnet or ssh.

It will help to identify the reason.

 

But this is possible only when you are able to access the switch via  console.

Thanks!

 

Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
Novis1
Occasional Advisor

Re: HPE MSR3012 Router login failure

I manage to login via the console port and I saw many messages about vty failed for login from many IP addresses, hence I believe there are many attackers trying to attack the router. How do I stop it from displaying those messages?