Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
673
Views
0
Helpful
1
Replies

Cannot SSH or ASDM to Active ASA (5515)

jrdemacio
Level 1
Level 1

‎08-19-2019 08:36 AM

Recently lost the ability to SSH/ASDM into the active ASA - any suggestions ?

CS-FW1/stby/sec# sho run | i ssh
aaa authentication ssh console LOCAL
no ssh stricthostkeycheck
ssh 10.50.0.0 255.255.0.0 inside
ssh timeout 30
ssh key-exchange group dh-group1-sha1

!

CS-FW1/stby/sec# failover exec active sho run | in ssh
aaa authentication ssh console LOCAL
no ssh stricthostkeycheck
ssh 10.50.0.0 255.255.0.0 inside
ssh timeout 30
ssh key-exchange group dh-group1-sha1

Labels:
0 Helpful
1 Reply 1

Ben Walters
Level 3
Level 3

‎08-20-2019 06:44 AM

When you try to SSH to the firewall do you get a timeout or is the connection refused?

 

If you are getting a timeout the SSH connection is likely being blocked, check that you are in the allowed subnet and SSH access is enabled on the correct interface. 

 

If the connection is refused it may be an issue with the crypto key that SSH is using you can try generating a new one to see if that helps with the crypto key generate command.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card