Comware

Hello,
I cannot access the HP Aruba 2530-24G Switch by http, ssh and telnet.
If I ping the ip of the switch, which is 192.168.50.2, but I don't have access to any service.

I did a scan with Nmap and I see that I have ports 80,22,23 open but in "tcpwrapped"

I also checked that http and ssh are active.

I already have console access, but I would like to know where to start to solve the problem.

Sorry I'm a beginner at this, but I'd like to learn.

attached images:

https://ibb.co/7Y6Frf0 

https://ibb.co/C7FZQMx 

https://ibb.co/gJbn3tt 

Yes, 192.168.50.2 is the management ip

This is the software version:

HP-2530-24G(config)# show version

Image stamp:
/ws/swbuildm/rel_ajanta_qaoff/code/build/lakes(swbuildm_rel_ajanta_qaoff_rel_aj
anta)
Nov 1 2019 19:14:19
YA.16.10.0002
446
Boot Image: Primary

Boot ROM Version: YA.15.20

HP-2530-24G(config)# show flash
Image Size (bytes) Date Version
----------------- ------------ -------- --------------
Primary Image : 15058183 11/02/19 YA.16.10.0002
Secondary Image : 15058183 11/02/19 YA.16.10.0002

Boot ROM Version
----------------
Primary Boot ROM Version : YA.15.20

Default Boot Image : Primary

If it is a new switch with factory default settings, it gets its IP address via dhcp.  Look on your DHCP server to see what IP address it is (or scan the subnet with softperfect Netscan, have it show the vendors, and show devices listening on port 22 and 80) and look for it there.  Then you can ssh to that IP or go to it's address via http.

Check this video may be its help you.

(242) HP Aruba 2530 Switch Console & HTTP Web Access Setup - YouTube

Hello,

the switch is already in production.
That is the reason why I want to recover http and ssh access by the only access method I have now, which is the console.

Are you able to connect switch through  console cable or not?

I am connected by console.

I have this output:

HP-2530-24G(config)# ip ssh
HP-2530-24G(config)# show ip ssh

SSH Enabled : Yes Secure Copy Enabled : Yes
TCP Port Number : 22 Timeout (sec) : 120
Host Key Type : RSA Host Key Size : 2048

Ciphers : aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,
aes192-cbc,aes128-ctr,aes128-cbc,3des-cbc
MACs : hmac-sha1-96,hmac-md5,hmac-sha1,hmac-md5-96

Ses Type | Source IP Port
--- -------- + ---------------------------------------------- -----
1 console |
2 inactive |
3 inactive |
4 inactive |
5 inactive |
6 inactive |

Hello,

Can you share the 'show log' output from the device?

Thanks!

I ran the command you indicated:

HP-2530-24G(config)# show log -r
Keys: W=Warning I=Information
M=Major D=Debug E=Error
---- Reverse event Log listing: Events Since Boot ----
W 07/22/21 16:37:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:32:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:27:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 16:27:05 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 16:27:02 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 16:27:02 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 16:27:02 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 16:22:02 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:17:02 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:12:02 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:07:02 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:02:02 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 16:02:02 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 16:01:59 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 16:01:59 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 16:01:59 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 15:56:59 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:51:59 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:46:59 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:41:59 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:36:59 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 15:36:59 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 15:36:56 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 15:36:56 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 15:36:56 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 15:31:56 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:26:56 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:21:56 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:16:56 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:11:56 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 15:11:56 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 15:11:53 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 15:11:53 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 15:11:53 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 15:06:53 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 15:01:53 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:56:53 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:51:53 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:46:53 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 14:46:53 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 14:46:50 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 14:46:50 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 14:46:50 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 14:41:50 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:36:50 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:31:50 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 14:28:56 00076 ports: port 15 is now on-line
I 07/22/21 14:28:55 00077 ports: port 15 is now off-line
W 07/22/21 14:26:50 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 14:26:22 00076 ports: port 15 is now on-line
I 07/22/21 14:26:20 02711 console: USB console cable connected
I 07/22/21 14:22:39 00828 lldp: PVID mismatch on port 7(VID 50)with peer device
port Ethernet0/48(VID 1)(56202)
W 07/22/21 14:21:50 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 14:21:50 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 14:21:47 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 14:21:47 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 14:21:47 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 14:16:47 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:11:47 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 14:06:47 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 14:05:33 00828 lldp: PVID mismatch on port 5(VID 50)with peer device
port GigabitEthernet1/0/23(VID 1)(56174)
W 07/22/21 14:01:47 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 13:58:54 00828 lldp: PVID mismatch on port 3(VID 50)with peer device
port Ethernet0/24(VID 1)(56186)
W 07/22/21 13:56:47 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 13:56:47 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 13:56:44 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 13:56:44 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 13:56:44 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
I 07/22/21 13:54:26 00828 lldp: PVID mismatch on port 2(VID 50)with peer device
port Ethernet0/24(VID 1)(56184)
W 07/22/21 13:51:44 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:46:44 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:41:44 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:36:44 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:31:44 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 13:31:44 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 13:31:40 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 13:31:40 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 13:31:40 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 13:26:40 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:21:40 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:16:40 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:11:40 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 13:06:40 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 13:06:40 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 13:06:37 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 13:06:37 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 13:06:37 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 13:01:37 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:56:37 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:51:37 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:46:37 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:41:37 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 12:41:37 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 12:41:34 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 34.217.246.112.
I 07/22/21 12:41:34 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 12:41:34 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 12:36:34 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:31:34 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:26:34 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:21:34 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:16:34 03443 system: The event log buffer is 80% full.
W 07/22/21 12:16:34 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 12:16:34 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 12:16:30 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 54.70.29.7.
I 07/22/21 12:16:30 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 12:16:30 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 12:11:30 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:06:30 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 12:01:30 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:56:30 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:51:30 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 11:51:30 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 11:51:27 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 11:51:27 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 11:51:27 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 11:46:27 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:41:27 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:36:27 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:31:27 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:26:27 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 11:26:27 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 11:26:24 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 52.43.137.217.
I 07/22/21 11:26:24 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.
W 07/22/21 11:26:24 05607 activate: Connection with EST server failed for 5
retries. Re-connecting with activate server for EST provisioning.
W 07/22/21 11:21:24 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:16:24 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:11:24 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:06:24 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 11:01:24 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
I 07/22/21 11:01:24 05601 activate: EST provision with activate server
successful. Establishing connection with EST server.
I 07/22/21 11:01:21 05226 activate: Successfully resolved the Activate server
address device.arubanetworks.com to 54.69.104.131.
I 07/22/21 11:01:21 05252 central: Maximum retries limit have been reached to
contact Aruba Central server.Contacting back to Activate server for
reprovisioning.

Since you don't provide the URL to replicate the problem I can only speculate what the reason might be. But chances are high that your server is misconfigured and does not sent the required chain (intermediate) certificates, i.e. some chain certificate is missing. Desktop browsers often work around this issue but other clients will usually fail.

To verify my speculation check your site against SSLLabs and look out for reported chain issues.

Update: according to the comments of the OP at this question I was right. SSLLabs complained about "This server's certificate chain is incomplete" and also set the grade to B because of this.

Certificate Enrollment Using EST (arubanetworks.com)

Hello @LuisRM ,

There are lot of below errors:

W 07/22/21 16:37:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:32:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.
W 07/22/21 16:27:05 05604 activate: EST enrollment with server failed because of
CACERTS curl error.

What is the status of the device in Aruba Central?

Have you checked if everything is fine from firewall side, no blocking?

Is there any possibility to reboot the switch or uprgade to latest software version?

Please share 'show activate provision' output?

Thanks!