03-09-2023 12:47 PM
Catalyst 2960x-48 port will not accept a SSH connection through Putty.
It will accept a serial connection through Putty.
When in SSH mode and you try to connect after about 10 seconds you get a connection refused error box.
Thank you for the help.
03-09-2023 12:49 PM
share the config of vty ?
are you config RSA key ??
03-09-2023 12:50 PM
It will accept a serial connection through Putty. - I take this as a Console connection.
for SSH you need to configure your device to accept SSH connections.
From console (serial) post-show run output here ?
03-09-2023 08:41 PM
here is config. i have taken out most of the g1/0 port cofigs to **bleep** down on the size of the posts.
thank you
CHMS-2960xNorth-1#sh config
Using 9696 out of 524288 bytes
!
! Last configuration change at 22:11:57 UTC Fri Feb 24 2023
! NVRAM config last updated at 22:12:06 UTC Fri Feb 24 2023
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CHMS-2960xNorth-1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
switch 1 provision ws-c2960x-48lps-l
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2925647616
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2925647616
revocation-check none
rsakeypair TP-self-signed-2925647616
!
!
crypto pki certificate chain TP-self-signed-2925647616
certificate self-signed 01 nvram:IOS-Self-Sig#1.cer
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
shutdown
!
interface GigabitEthernet1/0/1
description ***MS North ***
switchport access vlan 17
switchport mode access
switchport voice vlan 9
spanning-tree portfast edge
!
interface GigabitEthernet1/0/2
description ***MS North ***
switchport access vlan 17
switchport mode access
switchport voice vlan 9
spanning-tree portfast edge
!
interface GigabitEthernet1/0/3
description ***MS North ***
switchport access vlan 17
!
interface Vlan1
no ip address
shutdown
!
interface Vlan140
ip address 206.76.140.155 255.255.255.0
ip helper-address 206.76.140.48
!
!
ip http server
ip http secure-server
!
!
!
!
line con 0
line vty 0 4
password cisco
login
transport input ssh
line vty 5 15
password cisco
login
transport input ssh
!
!
end
CHMS-2960xNorth-1#
03-10-2023 12:46 AM
Thanks for posting the configuration. I do not see any obvious issues in the config. Can you post the output of the command show ip ssh?
03-10-2023 04:15 AM
Apart from show ssh, show ip ssh -
From what IP address you trying to SSH to device ?
On your config i do not see any routing or default gateway ? (is this removed ?)
if the switch is layer 2 - add default gateway
ip default-gateway x.x.x.x
if the switch acting Layer 3 add ip routing.
ip route 0.0.0.0 0.0.0.0 x.x.x.x
03-10-2023 04:24 AM - edited 03-10-2023 04:44 AM
https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
there is no RSA key for SSH,
the crypto config you share is for license.
check guide above
03-10-2023 02:52 PM
If you do have access via serial connection (we assume this is to the console), then please access the switch, run debug for ssh, attempt the ssh access, and post any debug output.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide