I have a team onsite this week inspecting us. We found out yesterday that Retina is unable to access several of our switches. Said switches are able to be pinged from workstations on both of our main VLANs, I can SSH to them from any computer which is included in the ACL (and yes, the Retina server is in the ACL). Users can login to and access all network resources without issue. Each switch is configured with a management IP on the same VLAN. I have created a full-permissions user on each switch specifically for scanning use.

All switches are running the same code (12.2(58)se2). I was just able to SSH from one switch to another (with the user account made for the Retina scan), all through the stack of switches experiencing the problem. While doing so, I did a “show log | incl <IP of the Retina server>. 90% of the switches had no records for that IP (thus no attempted connections). The few that did have record of it, reflected a connection over 24 hours ago- and we’ve just tried it several times within the last 6 hours (it was 0300 when I sent this email to coworkers that I'm snipping into this post).

All switches are using SSH V2. The Retina server isn't giving a "failure to login" error- it's just not seeing the switches at all.

Basically what it looks like is I've hidden the switches rather well- and I wasn't trying.

Anyone seen anything like this?

Have the team double check the Retina appliance's IP configuration. Perhaps gateway or mask error?

Retina device works great- it can see anything except for those few switches...

Team came in this morning and I had them scan again. They can see everything.

I have changed NOTHING. This was resolved by rebooting the infrastructure. When the heck did Cisco hire Microsoft to do their software engineering?

Without knowing the specifics of the ip addresses involved, a gateway or netmask error could produce the behavior you described.

Did you reboot the Retina or did they do it? Perhaps they changed something unannounced to you.

All the switchgear is on the same subnet.

I rebooted the switchgear, not the Retina.

:shrugs: Chalk it up to the "Microsoft fix"