Symptom
When trying to connect via Netconf to the Loopback IP of the PE router working in L3VPN setup the connection is immediately refused by router.
C:\Users\calo>ssh user2@ -p 830 netconf
ssh: connect to host port 830: Connection refused
debug ip tcp transactions show that TCP-RST flag is send immediately after connection attempt was done.
*DATE: TCP: connection attempt to port 830
*DATE: TCP: sending RST, seq 0, ack 2995910472
*DATE: TCP: sent RST to :56508 from :830
*DATE: Released port 0 in Transport Port Agent for TCP IP type 0 delay 0
*DATE: TCP0: state was LISTEN -> CLOSED [0 -> UNKNOWN(0)]
*DATE: TCB 0x7E65EDD4 destroyed
Connection to IPs of physical or mgmt interfaces are accepted. SSH to the loopback interface (connection to port 22) is working with no issues.
Conditions
ASR900 router working as a PE router in L3VPN network. The netconf packets are never leave the MPLS network.
Workaround
Use IP of physical or mgmt interface to login via netconf-yang
