Troubleshooting MVE When Down or Unavailable
If your MVE is down or unavailable, step through these troubleshooting actions.
Tip
You can verify MVE status from the Megaport Portal. On the Services page in the Portal, find the MVE and mouse over its icon. A message displays the status of the service. (The color of the icon also indicates the service status.)
Troubleshooting actions
Action | Steps |
---|---|
Ping test to MVE | Run pingA ping test transmits data packets to a specific IP address and either confirms or denies connectivity between IP-networked devices. tests from MVE to the following destinations:
|
Verify MVE remote access configurations |
|
Verify a Cisco configuration | Check if Megaport API call communication is allowed The Cisco vManage console uses Megaport API calls to synchronize and authenticate the MVE. If you use a vManage console that does not allow this API call, for example, an on-premises vManage, you might need to open ports on the customer firewall protecting the on-premises vManage. For more information, see Firewall Ports for Cisco SD-WAN Deployments. Ensure internet access is granted (vManage) For an edge device to come online, it needs internet access through the Transport & Management VPN. To check the configuration details in vManage:
|
Verify a Fortinet configuration | Ensure SSH access is granted Try to connect using SSH to the Fortinet MVE instance using the private key generated when ordering and the public IP address assigned by Megaport. The default username is admin .For example: ssh -i ~/.ssh/mp1-mve-sa-sandbox admin@162.43.xx.x Note the key pasted in the Megaport Portal is the public key and the key used for SSH is the private one. If you cannot connect with SSH to the MVE while the VM is up, you might need to delete and re-generate the MVE. Ensure HTTPS access is allowed Self-hosted web access to the FortiGate is delivered through a secure HTTPS session. The MVE blocks all access to the public IP addresses assigned to the device until you SSH into it and grant HTTPS access. You can verify if access is allowed with the following command: show system interface |
Verify a Versa configuration | Verify the remote access configuration in Versa Director:
|
Verify a VMware configuration | Verify the device configuration is correct in Orchestrator:
|
Verify ACL/FW rules on customer devices | During some troubleshooting sessions where the circuit is up but you cannot ping between Layer 3Layer 3 of the OSI model is the network layer. It translates logical network address into physical machine address (IP addressing). Layer 3 routers analyze traffic based on address details and forward appropriately, requiring knowledge of the details generally exchanged in BGP sessions for routing table exchanges. endpoints, there might be a firewall or ACL in between. It is essential to know the source of the ping and its destination and the path, and any intermediate devices it traverses. Megaport will require a network diagram and the traceroute result before investigation and troubleshooting. Inaccurate information might lead to wrong troubleshooting results and inappropriate solutions. Perform these checks before raising a support request:
|
Next steps
If the troubleshooting actions do not resolve your issue, contact support. Before contacting support for assistance, collect the following information.
- Provide details of all troubleshooting steps.
For instance, if loops were placed, note where they were located and their direction.
Note
WFor more information on when a field service technician is needed onsite at the data center, see Customer Field Services.