ONTAP Discussions

Getting "Access Denied" while accessing with mgmt interface IP in ONTAP9.0

Rinku02Bansal
3,187 Views

Hi , 

 

We have cluster  setup of 2 node cluster across 2 VM's - I attempt to SSH into the mgmt interface via PuTTY and I receive "Access Denied" even m putting correct password . I also tried with system manager , getting same error . Am not able to figure out what's wrong with this. Moreover , we are able to take ssh session with node interface IP.Below are some finding.

 

login as: admin
You are accessing ViPR. By using this system you consent to the owning organization's terms and conditions.
Using keyboard-interactive authentication.
Password:
Access denied
Using keyboard-interactive authentication.
Password:
Access denied

 

 

cluster90::security login> show                                                               <--Taken output by accessing node interface

Vserver: cluster90
Authentication Acct Is-Nsswitch
User/Group Name Application Method Role Name Locked Group
---------------- ----------- --------- ---------------- ------ -----------
admin ssh password admin no no

 

 

 

cluster90::> system services firewall policy show    <-- Firewall allowed to ssh 
Vserver Policy Service Allowed
------- ------------ ---------- -------------------
cluster90
data
dns 0.0.0.0/0
ndmp 0.0.0.0/0
ndmps 0.0.0.0/0
cluster90
intercluster
https 0.0.0.0/0
ndmp 0.0.0.0/0
ndmps 0.0.0.0/0
cluster90
mgmt
dns 0.0.0.0/0
http 0.0.0.0/0
https 0.0.0.0/0
ndmp 0.0.0.0/0
ndmps 0.0.0.0/0
ntp 0.0.0.0/0
snmp 0.0.0.0/0
ssh 0.0.0.0/0
14 entries were displayed.

 

 

cluster90::> cluster show
Node Health Eligibility
--------------------- ------- ------------
cluster90-01 true true
cluster90-02 true true
2 entries were displayed.

 

Donot know what thing is blocking access. Any help/advice is appreciated.

 

Thanks



 

 

 

 

2 REPLIES 2

csalitros
3,145 Views

Did you change any of the settings under the ssh configs?

::> security ssh show

 

What firewall polucy is applied to the specific LIFs?

::> net int show -fields firewall-policy

 

 

Rinku02Bansal
3,121 Views

Hello csalitros,

 

We haven't changed anything on security ssh & also not configured on firewall side. With same Configuration, other Cluster Simulator setup(ontap9.2) working fine but facing issue in Ontap9.0

 

cluster90::> security ssh show
Vserver Ciphers Key Exchange Algorithms MAC Algorithms
--------------- ---------------- -------------------------- --------------
cluster90 aes256-ctr, diffie-hellman-group- hmac-sha1,
aes192-ctr, exchange-sha256, hmac-sha1-96,
aes128-ctr, diffie-hellman-group- hmac-sha2-256,
aes256-cbc, exchange-sha1, hmac-sha2-512,
aes192-cbc, diffie-hellman-group14- hmac-sha1-etm,
aes128-cbc, sha1, ecdh-sha2-nistp256, hmac-sha1-96-
3des-cbc, ecdh-sha2-nistp384, etm,
aes128-gcm, ecdh-sha2-nistp521, hmac-sha2-256-
aes256-gcm curve25519-sha256 etm,
hmac-sha2-512-
etm, hmac-md5,
hmac-md5-96,
hmac-
ripemd160,
umac-64,
umac-128,
hmac-md5-etm,
hmac-md5-96-
etm,
hmac-
ripemd160-etm,
umac-64-etm,
umac-128-etm

cluster90::> net int show -fields firewall-policy
(network interface show)
vserver lif firewall-policy
------- ------------------ ---------------
Cluster cluster90-01_clus1
Cluster cluster90-01_clus2
Cluster cluster90-02_clus1
Cluster cluster90-02_clus2
cluster90
cluster90-01_mgmt1 mgmt
cluster90
cluster90-02_mgmt1 mgmt
cluster90
cluster_mgmt mgmt
7 entries were displayed.

 

Public