cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
366
Views
0
Helpful
1
Replies

IOS firmware upgradation

ashz14387
Level 1
Level 1

After upgrading My cisco ASA 4215 to the latest firmware Version 9.20 and after upgrading i am not able to take ssh to the firewall. Does this means that the encryption used for SSH have been changed and should i create a new ssh credential or is there any way to use my old credentials.

1 Reply 1

urathod
Cisco Employee
Cisco Employee

Upgrading your Cisco ASA 4215 to the latest firmware version should not necessarily prevent you from using SSH with your previous credentials. However, it's possible that some settings might have been reset or some compatibility issues might have occurred during the upgrade.

Here are some steps you can try to troubleshoot the issue:

  1. Check the SSH settings: Make sure SSH is enabled and properly configured on the ASA. You can verify this via the console port.

    Use the command: show run ssh - This should display the current SSH settings.

    And the command: show run aaa - This will show your authentication settings.

  2. Verify the SSH version: Some firmware versions may have compatibility issues with certain SSH versions. Make sure the ASA is set to a compatible version with your SSH client.

  3. Check the ASA's RSA keys: The ASA uses RSA keys for authentication. If these were somehow lost or corrupted during the upgrade, it might be preventing SSH access. You can regenerate these keys if necessary using the command: crypto key generate rsa modulus 2048

  4. Confirm your user credentials: Make sure the username and password you're using for SSH are still valid. If you're not sure, you can reset them.

  5. Check the access list: Ensure that the IP you're trying to SSH from is included in the SSH access list. You can do this via the command: show running-config ssh

If after checking these things you're still having trouble, it might be best to contact Cisco's technical support for further assistance. They can guide you through more advanced troubleshooting steps and help identify if there's a specific issue with the new firmware version.

If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.

You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.