DX NetOps

Hi,

I've got Spectrum 10.2.1 installed at my customer on 4 Windows 2012R2 machines (2 SS, 1 OC, 1 Jasper) and customer is using NCM to fetch configurations from monitored devices. I'm using custom device families to fetch configurations from Cisco ASA firewalls, BlueCoat devices,... So I've created a new device family for Cisco APIC devices, used the script from Cisco ASA device family and it doesn't work. I get SPC-OCC-10746 error. SPC-NCM-20007: Connection error: Use of uninitialized value in concatenation (.) or string at C:\Windows\TEMP\script_23 line 115. Host 10.1.1.1: Login has failed. Output: .

When I login to this device through Spectrum (right click - SSH), I log in successfully. The same is ok when I log in by using Putty for example, from Spectroserver.

When I try to capture configuration from command line with this script, I get the same login error. So there is some problem in the script itself, in the way it tries to log in to the device. How can I determine what's causing this and what should I change to get the script working for Cisco APIC? Just to repeat, this script is working for other custom device families. I'm attaching the script.

I've found some information about arguments which are used under "my $ssh = Net::SSH::Expect->new ( host => $deviceIP," and tried to use these for example:

ssh_option => '-1 -c 3DES' // tried to change authentication mode

debug => 1 // tried to turn on debugging

protocol => '1' // tried to change SSH version

But none of these worked.

Do you maybe have some advice or hint?

Regards

Doest the device support SSH v2.x?

Did you try to copy/paste the whole script in an external file and run it manually with the appropriate arguments? With the Perl debugger? Should help a lot!

Device is using SSHv2.

I've turned on Perl debugger but I don't know how to interpret its output.

I've looked into Wireshark and I see that keys are exchanged during establishing SSH session but then communication becomes encrypted and it stops. I don't know why.

Maybe there is some issue with Net::SSH:Expect module which is used in the script. I really cannot find a difference between other devices where script is successfully used and this one which keeps failing.

Script is attached in my first post.

When I run the script manually, I get this:

e:\Temp>perl script.pl 10.1.1.1 user pass1 pass2 10 10
Use of uninitialized value in concatenation (.) or string at script.pl line 115.

Host 10.1.1.1:
Login has failed. Output:

If this is the case, how come this script works on all other devices? The same password (it includes some special characters) is used.

Device is reachable because I can log in through Spectrum, through command line, through Putty.

When I try to use the script with pass which doesn't contain special characters (a fake password obviously), I get this output:

Host 10.1.1.1:
Login has failed. Didn't see device prompt as expected.

I'm using Perl provided with Spectrum.

I've tested script behavior by using user/pass which doesn't contain any special characters and it failed again with the same error message. When I try to access this device from Spectrum with the same credentials, it succeeds. So special characters are not the issue here.

Deleting known_hosts entry doesn't help. I'm searching for other options.