Enabling AppFlow from NetScaler MAS fails with the error message:
Execute Commands failed.

Config logs (/var/mps/log/mps_config.log): 

Wednesday, 10 Jan 18 11:55:20.075 -0500 [Error] [[#1]] SSH Command Timed out on <NSIP>
Wednesday, 10 Jan 18 11:56:20.080 -0500 [Error] [Main] SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:56:20.081 -0500 [Error] [Main] Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:56:20.081 -0500 [Error] [Main] In executeSSHCommands, after processRequests: Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:56:20.124 -0500 [Error] [Main] Command failed on <NSIP> Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:56:20.130 -0500 [Error] [Main] Error is executing task: [Command failed on <NSIP> Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>] 
Wednesday, 10 Jan 18 11:56:20.148 -0500 [Error] [Main] InsightUtil::ExecuteCommands failed: [Command failed on <NSIP> Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>] 

Inventory logs (/var/mps/log/mps_inventory.log):

Wednesday, 10 Jan 18 11:55:23.557 -0500 [Error] [Inventory[#304]] SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:55:23.558 -0500 [Error] [Inventory[#304]] Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>
Wednesday, 10 Jan 18 11:55:23.558 -0500 [Debug] [Inventory[#304]] Error in executing command Error in SSH request on <NSIP>
Reason: SSH: Failed to connect on <NSIP>

Network traces in MAS will show SYN packets sent but no SYN/ACK received:

# tcpdump host <NSIP> and tcp port 22

Network traces in NS will show no traffic from MAS on port TCP 22:

# nstcpdump.sh host <MAS_IP> and tcp port 22

To resolve this issue, enable SSH traffic [TCP/22] from MAS to NetScaler on the firewall.

Problem Cause

MAS communicates with NetScaler devices over SSH [tcp.22] to run the configuration commands.