PowerConnect 3424P - The server at XX.YY.ZZ.AA is taking too long to respond

Are you able to ping the stated IP address successfully from your management PC?

Did you follow all the below steps when setting up the ssh server?

PC1-3424# configure

PC1-3424(config)# ip https server

01-Jan-2000 03:03:39 %HTTP_HTTPS-W-NOCERTIFICATE: HTTPS server has

been enabled but a certificate was not found.

For certificate generation use the - 'crypto certificate

certificate-number generate key-generate' command. The service will

start automatically when a certificate is generated.

PC1-3424(config)# ip https port 443

PC1-3424(config)# crypto certificate 1 generate key-generate

Generating RSA private key, 1024 bit long modulus

PC1-3424(config)# crypto key generate dsa

Replace Existing DSA(DSS) Key [y/n]? y

The SSH service is generating a private DSA key.

This may take a few minutes, depending on the key size.

...................................................................

...................................................................

...................................................................

...................................................................

...................................................................

........................................

PC1-3424(config)# crypto key generate rsa

Replace Existing RSA Key [y/n]? y

The SSH service is generating a private RSA key.

This may take a few minutes, depending on the key size. .............

PC1-3424(config)#  exit

PC1-3424# show crypto key mypubkey dsa dsa key data:

ssh-dss AAAAB3NzaC1kc3MAAAEBANuWCXCyLe4+lcVesINmuWbSdjk/IUmC 3JIPadQSX78HgE76DeHaIbZtv2VEVag9v3P0tk2KZn6zHUfh7y1UfEi8qyI7 7SWXMrkG8ISZYfRkMiPxnIIgEprenKHxlhxnQCSmH5w2J/SnA0RFHbwVuUiu uWn4YabG+pnrHAOm/Z5cQ5i2KwQU3b/1sEfGYKeifMjPnTQ+ugApN/0pF6oh koKrelGJVcwKBrd2vCd61NAJRKqk6p2Js6KVi6f36ftmtI+cIOQcdjzcch+m gcCMEqVrjImfoMLXKGign8kIqShrQjipHIvuhLcfK7vUwos1JhrQsgR5PVVp suJ2kVsJgUkAAAAVAIsFKsqhEncFR41g249si3XNVWNpAAABAQCyhb8xdt1F

PC1-3424# show crypto key mypubkey rsa rsa key data:

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu2f/tPmbsC4zKsw5H82L9Bo2 kYEy9J2Q/N8HEjKsz5wkxzBp+q0FEokAbNO75jqClD9oh42KQpavl5PKFbTS g/Gj7eSNgBPxRvddwFoM7u/d1RN9uJIPtoss+XrCAvqkCV6P+bP/j8+findV p65aJnZqBiePR+wWQZA8qErfqjtRIY5tWnYtRr2jRmniTSBKAFWD4xaQuKiy Kr/edpFXhFgVZBwmrs5vwsabzyV4lDxvhOmT1I78BB18WnPzGsJUs/pYEvoA PHXCkyic6m+N8WJ4YKxllnDMSDvkEaAUzdqZqAAeRkUAWMjrRNXaQHCIGNVd LHakK6EjIYJLZ48rqw==

PC1-3424# show ip https

HTTPS server enabled. Port: 443

Certificate 1 is active.

Issued by : C=  , ST= , L= , CN=10.0.0.10, O= , OU=

Valid From: Jan  1 03:09:23 2000 GMT

Valid to: Dec 31 03:09:23 2000 GMT

Subject: C=  , ST= , L= , CN=10.0.0.10, O= , OU=

SHA1 Fingerprint: 3C0D1309 36014C40 22705F0A 96C0FF97 20A6B066

Certificate 2 does not exist.

Are you able to ping the switch? Telnet/SSH to the switch?

What browser are you using? Have you tried other browsers?

Sorry for the delay -- I tried the above and I am still getting the same result.

What firmware level is the switch at? What IP address has been assigned to it?

Ping - yes

Telnet - No

FF, Chrome & IE -- nothing connects

The firmware is a little out of date. Ensuring that is up to date can help with switch operability.

www.dell.com/.../powerconnect-3448

There was another forum user with a 55xx switch that exhibits similar behavior. The switch also had a similar IP address. something i suggested to them, but have not heard back on, is changing the IP address so there is not a 0 in it. So something like 10.1.1.53. Test with an IP address like that and not any behavior changes.

Thanks

SW v2.0.0.21

Boot v1.0.1.01

HW v00.00.01

IP address 10.1.0.53

I actually have three of these switches, but only looked at one as the others are in different buildings.  I suspect the others are at the same version level, but with different ip addresses --

I suspected the firmware may have been out of date (the down side to inheriting someone else's network). W/r/t to the IP address, we have other switches with a similar IP structure, but, those are 3548P and not 3424P devices.  Would that make a difference?

Thanks for the quick response...

Tim

The 3548 uses similar firmware to 3424. The IP address is a similarity between the different cases. If it is not something you can test out, i will see if there is a way for me to test.

I have not yet tried the firmware update  -- I would be using Xmodem (I do not have a TFTP set up yet), and the intructions said it may take an hour to complete.

In the mean time, here is the running config (if it helps)

spanning-tree mode rstp

interface range ethernet e(1-24)

spanning-tree portfast

exit

interface ethernet g1

description "1Gbps Fiber Feed from Server Room"

exit

interface ethernet g4

description "Backup Server in Sprinkler Room"

exit

interface range ethernet e(1-23)

switchport mode general

exit

interface ethernet g1

switchport mode trunk

exit

vlan database

vlan 11,254,531-532

exit

interface ethernet e1

switchport general pvid 531

exit

interface ethernet e2

switchport general pvid 531

exit

interface ethernet e3

switchport general pvid 531

exit

interface ethernet e4

switchport general pvid 531

exit

interface ethernet e5

switchport general pvid 531

exit

interface ethernet e6

switchport general pvid 531

exit

interface ethernet e7

switchport general pvid 531

exit

interface ethernet e8

switchport general pvid 531

exit

interface ethernet e9

switchport general pvid 531

exit

interface ethernet e10

switchport general pvid 531

exit

interface ethernet e11

switchport general pvid 531

exit

interface ethernet e12

switchport general pvid 531

exit

interface ethernet e13

switchport general pvid 531

exit

interface ethernet e14

switchport general pvid 531

exit

interface ethernet e15

switchport general pvid 531

exit

interface ethernet e16

switchport general pvid 531

exit

interface ethernet e17

switchport general pvid 531

exit

interface ethernet e18

switchport general pvid 531

exit

interface ethernet e19

switchport general pvid 531

exit

interface ethernet e20

switchport general pvid 531

exit

interface ethernet e21

switchport general pvid 531

exit

interface ethernet e22

switchport general pvid 531

exit

interface ethernet e23

switchport general pvid 531

exit

interface ethernet g4

switchport access vlan 11

exit

interface ethernet g1

switchport trunk allowed vlan add 11

exit

interface range ethernet e(1-23)

switchport general allowed vlan add 254

exit

interface ethernet g1

switchport trunk allowed vlan add 254

exit

interface range ethernet e(1-23)

switchport general allowed vlan add 531 untagged

exit

interface ethernet g1

switchport trunk allowed vlan add 531

exit

interface ethernet e24

switchport access vlan 532

exit

interface ethernet g1

switchport trunk allowed vlan add 532

exit

interface vlan 11

name Servers

exit

interface vlan 254

name "Phone VLAN"

exit

interface vlan 1

ip address 10.1.0.53 255.255.255.0

exit

ip default-gateway 10.1.0.254

hostname Gym

line console

speed 115200

exit

management access-list admin

permit ip-source 10.1.1.1

permit ip-source 10.1.0.0 mask 255.255.255.0

exit

management access-list allowHTTPS

permit service https

permit service telnet

exit

management access-class admin

logging 10.1.1.1

username user1 password ...... level 15 encrypted

username user2 password ...... level 15 encrypted

ip ssh server

snmp-server community 93a168 rw 10.1.1.1 view DefaultSuper

ip https server

I have a total of 7 3424P servers -- all with the same behavior

Does the running config provide any clues?

Thankd

Tim

I looks like there may be some commands missing. I would go back through the config and make sure SSH,HTTP,HTTPS, crypto commands are in place. Here are some examples taken from the user guide.

Page 69

Configuring an Initial SSH password

To configure an initial SSH password, enter the following commands:

console(config)# aaa authentication login default line

console(config)# aaa authentication enable default line

console(config)# line ssh

console(config-line)# login authentication default

console(config-line)# enable authentication default

console(config-line)# password jones.

• When initially logging onto a device through a SSH session, enter jones at the

password prompt.

• When changing a device’s mode to enable, enter jones.

Configuring an Initial HTTP Password

To configure an initial HTTP password, enter the following commands:

console(config)# ip http authentication local

console(config)# username admin password user1 level 15

Configuring an initial HTTPS password:

To configure an initial HTTPS password, enter the following commands:

console(config)# ip https authentication local

console(config)# username admin password user1 level 15

Enter the following commands once when configuring to use a terminal, a Telnet, or an SSH

session in order to use an HTTPS session.

NOTE: In the Web browser enable SSL 2.0 or greater for the page content to be displayed.

console(config)# crypto certificate generate key_generate

console(config)# ip https server

That did it!  Thanks.  We are going to update the firmware on the switch which should alleviate the rest of the issues with it.