That's very strange, i have deleted the interface vlan 30 and the vlan 30, configured the same with vlan 300 and now it work. It seem the eve-ng don't like vlan number 30.
Original Message:
Sent: Jul 28, 2025 05:49 AM
From: cbrasolin
Subject: Issues with CX Simulator on Eve-NG
I have problems too with CX in VSX configuration on eve-ng.
The VSX status is ok, i have configured the interface vlan 30 con active gateway like tihis:
interface vlan 30
vsx-sync active-gateways
vrf attach LAB1
ip address 10.0.30.2/24
active-gateway ip mac 12:00:00:00:00:30
active-gateway ip 10.0.30.1
The other peer has IP 10.0.30.3/24.
10.0.30.2 doesn't ping 10.0.30.3 and viceversa. I have connected 2 virtual PC on vlan 30, one on each VSX (10.0.30.10 and 10.0.30.11). The PC can ping the interface vlan on his connected VSX but is not able to ping the physical IP of the other VSX neither the other PC.
The mac-address table is OK, i see both PC mac-address on both VSX, but the arp table is populated only with the local PC. By looking the captured traffic on the ISL lacp link, i don't see the arp request exiting the interface.
Setting the interface as E1000 doesn't solve.
Original Message:
Sent: Feb 10, 2025 03:34 PM
From: MatazaNz
Subject: Issues with CX Simulator on Eve-NG
I just gave this a shot, and it worked. Thanks heaps! It's not super quick, but does definitely work, while virtio-net-pci does not.
I'll continue evaluating both environments, however, this is no longer a hangup on EVE NG.
------------------------------
Trent Hansen | ACMA | ACMP | APS Central | APS Security Services Edge
Original Message:
Sent: Feb 09, 2025 09:10 AM
From: Drannor
Subject: Issues with CX Simulator on Eve-NG
I ran into similar issue on EVE-NG. I solved it by changing the type on NIC in the object configuration to E1000 instead.
Hope it helps.
Best regards
Stéphane Duchesne
Original Message:
Sent: 2/8/2025 7:45:00 PM
From: MatazaNz
Subject: RE: Issues with CX Simulator on Eve-NG
First, keep in mind that AOS-CX is a simulator and is not primarily designed for testing with real traffic.
Yes, I am aware of this. I am not using the simulator for a real network. I am using it to build out proof of concept network designs, as well as learn the CX platform. The design I am currently working on requires testing web access and restrictions.
Are you running the AOS-CX simulator in GNS3
As per my original post, I am running under both EVE NG and GNS3. The issue I am running into is under EVE NG. GNS3 has no issues thus far. I am evaluating both simulation platforms as part of this too, to decide which I want to use long term. EVE NG is much nicer in some points, but this issue I am experiencing may be a blocker.
you might try changing your gateway to use a port other than 80 or 443 to see if that resolves the issue
This is affecting more than just HTTP/HTTPS. I also cannot use DNS, queries just time out. Bypassing the Aruba CX switch (Either by directly connecting to the firewall, or by using a Cisco switch) restores this functionality.
If this is a known issue under EVE NG, then I will make note of this and move forward with GNS3 instead.
Original Message:
Sent: Feb 03, 2025 03:14 AM
From: mkk
Subject: Issues with CX Simulator on Eve-NG
First, keep in mind that AOS-CX is a simulator and is not primarily designed for testing with real traffic.
- Are you running the AOS-CX simulator in GNS3?
- you might try changing your gateway to use a port other than 80 or 443 to see if that resolves the issue.
Most likely a EVE-NG issue, I had this before with a Fortigate VM appliance in EVE-NG.
------------------------------
Marcel Koedijk | MVP Expert 2024 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
Original Message:
Sent: Feb 02, 2025 08:16 PM
From: MatazaNz
Subject: Issues with CX Simulator on Eve-NG
I've been having really odd issues with AOS CX switches under Eve-NG.
I've set up a lab with a VSX cluster, MCLAG to an OPNsense firewall and MCLAGs to some access switches.
I can receive DHCP on an Ubuntu client connected to one of the access switches, both through VLAN 1 and VLAN 100. I can successfully ping the gateway, and out to 8.8.8.8. However, I cannot access the gateway over HTTP/HTTPS, nor can I reach DNS at 8.8.8.8 or 1.1.1.1. All interfaces in OPNsense are set up as any/any/allow. I have set up this exact same scenario in GNS3 (Same configs 1:1) without issues. Under Eve, I tried a single AOS switch simply connected to a standard interface on the firewall, also no DNS or HTTP traffic, yet pings work. If I replace the AOS switches with Cisco, I have no issues either, which leads me to believe this odd behaviour is relared to the AOS CX simulator itself.
I am running the latest 10.15 version of the AOS CX image.
Below are the configs currently loaded on the switches. Any insight would be appreciated, thank you!
Core 1
hostname Core-SW1
!
vrf KA
!
vlan 1
vlan 100
vsx-sync
!
interface mgmt
no shutdown
ip dhcp
interface lag 1 multi-chassis
description Access-SW1 VSX LAG
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 2 multi-chassis
description Access-SW2 VSX LAG
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 10 multi-chassis
description To Firewall
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 256
description ISL
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
lacp mode active
interface 1/1/1
description To Access-SW1
no shutdown
mtu 9100
lag 1
interface 1/1/2
description To Access-SW2
no shutdown
mtu 9100
lag 2
interface 1/1/3
description To Firewall
no shutdown
lag 10
interface 1/1/7
description Keepalive
no shutdown
vrf attach KA
ip address 192.168.0.0/31
interface 1/1/8
description ISL link
no shutdown
mtu 9198
lag 256
interface 1/1/9
description ISL link
no shutdown
mtu 9198
lag 256
vsx
system-mac 02:01:00:00:01:00
inter-switch-link lag 256
role primary
keepalive peer 192.168.0.1 source 192.168.0.0 vrf KA
vsx-sync aaa acl-log-timer bfd-global bgp control-plane-acls copp-policy dhcp-relay dhcp-server dhcp-snooping dns icmp-tcp lldp loop-protect-global mac-lockout mclag-interfaces neighbor ospf qos-global route-map sflow-global snmp ssh stp-global time vsx-global
Core 2
hostname Core-SW2
!
vrf KA
!
ssh server vrf mgmt
vlan 1
vlan 100
vsx-sync
!
interface mgmt
no shutdown
ip dhcp
interface lag 1 multi-chassis
description Access-SW1 VSX LAG
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 2 multi-chassis
description Access-SW2 VSX LAG
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 10 multi-chassis
description To Firewall
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface lag 256
description ISL
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed all
lacp mode active
interface 1/1/1
description To Access-SW1
no shutdown
mtu 9100
lag 1
interface 1/1/2
description To Access-SW2
no shutdown
mtu 9100
lag 2
interface 1/1/3
description To Firewall
no shutdown
lag 10
interface 1/1/7
description Keepalive
no shutdown
vrf attach KA
ip address 192.168.0.1/31
interface 1/1/8
description ISL link
no shutdown
mtu 9198
lag 256
interface 1/1/9
description ISL link
no shutdown
mtu 9198
lag 256
vsx
system-mac 02:01:00:00:01:00
inter-switch-link lag 256
role secondary
keepalive peer 192.168.0.0 source 192.168.0.1 vrf KA
vsx-sync aaa acl-log-timer bfd-global bgp control-plane-acls copp-policy dhcp-relay dhcp-server dhcp-snooping dns icmp-tcp lldp loop-protect-global mac-lockout mclag-interfaces neighbor ospf qos-global route-map sflow-global snmp ssh stp-global time vsx-global
Access 1
hostname Access-SW1
!
vlan 1,100
interface mgmt
no shutdown
ip dhcp
interface lag 1
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface 1/1/1
no shutdown
no routing
vlan access 100
interface 1/1/8
description to Core-SW1
no shutdown
lag 1
interface 1/1/9
description to Core-SW2
no shutdown
lag 1
Access 2
hostname Access-SW2
!
vlan 1,100
interface mgmt
no shutdown
ip dhcp
interface lag 1
no shutdown
no routing
vlan trunk native 1
vlan trunk allowed 100
lacp mode active
interface 1/1/1
no shutdown
no routing
vlan access 100
interface 1/1/2
description To Ubuntu Client
no shutdown
no routing
vlan access 100
interface 1/1/8
description to SW1
no shutdown
lag 1
interface 1/1/9
description to SW2
no shutdown
lag 1