No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


After a VPN Instance Is Configured on the Interface Connecting an NE40E to eSight, Configuration Backup Fails on eSight

Publication Date:  2019-04-19 Views:  172 Downloads:  0

Issue Description

A customer uses eSight to back up configurations for network devices. It is found that switch configurations can be properly backed up, but other devices, such as routers, cannot.

Handling Process

1. Check that network devices are managed by eSight, indicating that eSight is properly interconnected with the NEs.

2. Check that the management address of the switch is on the same network segment as that of the router. This indicates that the switch can be backed up properly and the backup function (backup through FTP) on the eSight is normal.

3. On the router, use FTP to communicate with the eSight server. It is found that the login and ping fail.

4. Check the configuration of the management interface on the router. It is found that a VPN instance is bound to the management interface. With the VPN instance, FTP can be used to communicate with the eSight server.

Root Cause

Many services are running on the router. Therefore, multiple static routes and default routes need to be configured on the router. To prevent interference between services, VPN multi-instance is configured, and a VPN instance is bound to the management interface of the router.

When eSight uses FTP to back up configurations, the eSight server sends a command FTP X.X.X.X (eSight address) to a device so that the device can log in to eSight. The configuration file can be uploaded to back up configurations. However, the delivered command does not contain a VPN instance. Therefore, data backup fails.

Switch configurations can be successfully backed up because switches are used for access and are configured with a Layer 3 interface for management. Therefore, no VPN instance is bound to the Layer 3 interface of the switch.


In the system view of a device, run the set net-manager vpn-instance XXX-XXXX command to configure the default VPN instance used for the NMS to manage devices. The device uses this default VPN instance to communicate with the NMS.

After the set net-manager vpn-instance command is run to configure a VPN instance, this VPN instance is used by the FTP client, SFTP client, SCP client, TFTP client, information center (IC) module, SNMP module, and TACACS module.