Crazy error message when SSH’ing from vManage to vEdge

Back story here is I did a factory reset on the software via the command line (#request reset configuration).  After the reload and new ZTP pull I tried to connect to the vEdge via SSH from the vManage command line.

I got the following error:

# request execute ssh username@x.x.x.x





Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that a host key has just been changed.


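This is caused by the vEdge’s SSH host key (and therefore its fingerprint hash) changing after the new config was applied, so it no longer matches the key the SSH client had saved for that address.  This is to be expected.  I had to have support fix it.  I will update this post when I get a clear response on what they did to fix it.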

You have to love the “SOMEONE IS DOING SOMETHING NASTY”.  Never in my wildest dreams did I think I’d see that in production code. 🙂
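To show why the warning appears after a reset, here is an added example (not from the original post and not Viptela code) of the comparison an OpenSSH-style client makes between a saved host key and the key the device now offers. The address, the dummy keys and the function names are constructed for illustration, and only plain (non-hashed) known_hosts lines are handled.

```python
import base64, hashlib, struct

def make_blob(key_type, raw):
    """Build an SSH wire-format public key blob (used here for constructed keys)."""
    t = key_type.encode()
    return struct.pack(">I", len(t)) + t + struct.pack(">I", len(raw)) + raw

def fingerprint(blob):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

def parse_known_hosts(text):
    """Yield (hosts, key_type, blob) for plain (non-hashed) known_hosts lines."""
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, hashed host entries and @marker lines.
        if len(fields) < 3 or fields[0][0] in "#|@":
            continue
        yield fields[0].split(","), fields[1], base64.b64decode(fields[2])

def check_host(known_hosts, host, key_type, offered_blob, trusted_fp=None):
    """Classify the key a server offers against what the client has saved.

    'unknown'          no saved key of this type for the host
    'match'            offered key equals the saved one
    'changed'          saved key differs: the case that triggers the warning
    'changed-verified' differs, but equals a fingerprint obtained out-of-band
    """
    seen = False
    for hosts, ktype, blob in parse_known_hosts(known_hosts):
        if host in hosts and ktype == key_type:
            if blob == offered_blob:
                return "match"
            seen = True
    if not seen:
        return "unknown"
    if trusted_fp is not None and fingerprint(offered_blob) == trusted_fp:
        return "changed-verified"
    return "changed"

# Constructed sample data: 192.0.2.10 is a documentation address, keys are dummy bytes.
OLD_KEY = make_blob("ssh-ed25519", bytes(range(32)))       # key before the reset
NEW_KEY = make_blob("ssh-ed25519", bytes(range(32, 64)))   # key generated after the reset
KNOWN_HOSTS = "# constructed entry\n192.0.2.10 ssh-ed25519 " + base64.b64encode(OLD_KEY).decode() + "\n"

if __name__ == "__main__":
    print(check_host(KNOWN_HOSTS, "192.0.2.10", "ssh-ed25519", OLD_KEY))
    print(check_host(KNOWN_HOSTS, "192.0.2.10", "ssh-ed25519", NEW_KEY))
    print(check_host(KNOWN_HOSTS, "192.0.2.10", "ssh-ed25519", NEW_KEY, fingerprint(NEW_KEY)))
```

For the reset case, the useful habit is to confirm the new fingerprint through a channel other than the SSH session itself (for example the device console) before the saved key is replaced.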

Cool power off command

Unlike Cisco routers, you power off your Viptela router via the command line.

Why would I not just pull the plug like with Cisco devices?  Excellent question.  It turns out that just pulling the plug “MAY CAUSE DISK CORRUPTION”.  Therefore use the poweroff command.

The shutdown will look like the following:

# poweroff
Are you sure you want to power off the system? [yes,NO] y
Stopping processes and shutting down
Broadcast message from root@vedge (Mon Nov  9 22:28:47 2015):

The system is going down for system halt NOW!
INIT: Switching to runlevel: 0
Stopping viptela daemon: sysmgr.
Deconfiguring network interfaces... done.
Sending all processes the TERM signal...
Sending all processes the KILL signal...
Unmounting remote filesystems...
Deactivating swap...
Unmounting local filesystem...
System halted.

Read more about it in the Viptela documentation: Power Off Command



How to capture traffic on an interface

Yes, you are able to capture traffic on an interface of a Viptela router.

Just type the following command:
# tcpdump vpn 0 interface ge0/1 options "-v -n host"
tcpdump -i ge0_1 -s 128 -v -n host in VPN 0
tcpdump: listening on ge0_1, link-type EN10MB (Ethernet), capture size 128 bytes
19:17:47.492894 IP (tos 0x0, ttl 44, id 22942, offset 0, flags [DF], proto TCP (6), length 52)

The above command will show you all the traffic from and to the host with IP address

You can also change the above command slightly to see traffic for a different protocol.  The following command will show protocol 17 (UDP) traffic.

# tcpdump vpn 0 interface ge0/1 options "-v -n proto 17"
tcpdump -i ge0_1 -s 128 -v -n proto 17 in VPN 0
tcpdump: listening on ge0_1, link-type EN10MB (Ethernet), capture size 128 bytes
19:17:12.988857 IP (tos 0xc0, ttl 64, id 35275, offset 0, flags [DF], proto UDP (17), length 156) > UDP, length 128
19:17:12.988953 IP (tos 0x0, ttl 64, id 26577, offset 0, flags [DF], proto UDP (17), length 44) > UDP, length 16