3 Replies Latest reply on Nov 30, 2017 6:50 AM by Bayu Wibowo

    SSH to VM behind ESG/DLR stops working (diagram included) -- "software caused connection abort"

    5mall5nail5 Enthusiast

      Hi all -

       

      I am playing with NSX in a lab.  I have the following scenario setup:

       

      NSX Diagram.jpg

       

      I'd like to get OSPF working with the pfSense, but for now I have static routes which work fine.  I have route redistribution setup for connected and static.  When I do "show ip route" on the ESG I see:

       

      kcloud1esg1-0> show ip route

       

      Codes: O - OSPF derived, i - IS-IS derived, B - BGP derived,

      C - connected, S - static, L1 - IS-IS level-1, L2 - IS-IS level-2,

      IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2,

      N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       

      Total number of routes: 5

      S       0.0.0.0/0            [0/0]         via 192.168.50.1

      C       10.250.250.0/24      [0/0]         via 10.250.250.1

      O   E2  10.251.251.0/24      [110/0]       via 10.250.250.2

      O   E2  10.252.252.0/24      [110/0]       via 10.250.250.2

      C       192.168.50.0/24      [0/0]         via 192.168.50.254

       

      I have the firewall turned off and all of my VMs are in the "Exclusion List" within the NSX Manager (not entirely sure what this does yet but it seemed to be something I might want to use up front).

       

      I can SSH to 10.251.251.200 from 192.168.50.19 - I connect.  I can ping google from 10.251.251.200 and I can update the Linux VM, no problem.  However, after a somewhat random amount of time between 15 - 45 seconds, SSH will drop and I cannot figure out why!  If I restart the putty session it re-establishes just fine.. but will drop again.

       

      Any thoughts?

       

      Edit:  I should mention I am running NSX 6.3.5, but this occurred on 6.3.3 as well.

       

      Edit 2:  In an effort to not be defeated by this, I've performed a packet capture from the desktop I am SSH'ing from.  Got some yucky stuff just prior to the SSH drop:

       

      wireshark.jpg

       

      Thanks!