C2960x will no accept Puttty connection

jeffhighower · ‎03-09-2023

Catalyst 2960x-48 port will not accept a SSH connection through Putty.

It will accept a serial connection through Putty.

When in SSH mode and you try to connect after about 10 seconds you get a connection refused error box.

Thank you for the help.

MHM Cisco World · ‎03-09-2023

share the config of vty ?
are you config RSA key ??

balaji.bandi · ‎03-09-2023

It will accept a serial connection through Putty. - I take this as a Console connection.

for SSH you need to configure your device to accept SSH connections.

From console (serial) post-show run output here ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

jeffhighower · ‎03-09-2023

here is config. i have taken out most of the g1/0 port cofigs to **bleep** down on the size of the posts.

thank you

CHMS-2960xNorth-1#sh config

Using 9696 out of 524288 bytes

!

! Last configuration change at 22:11:57 UTC Fri Feb 24 2023

! NVRAM config last updated at 22:12:06 UTC Fri Feb 24 2023

!

version 15.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CHMS-2960xNorth-1

!

boot-start-marker

boot-end-marker

!

no aaa new-model

switch 1 provision ws-c2960x-48lps-l

!

crypto pki trustpoint TP-self-signed-2925647616

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2925647616

revocation-check none

rsakeypair TP-self-signed-2925647616

!

crypto pki certificate chain TP-self-signed-2925647616

certificate self-signed 01 nvram:IOS-Self-Sig#1.cer

!

spanning-tree mode rapid-pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface FastEthernet0

no ip address

shutdown

!

interface GigabitEthernet1/0/1

description ***MS North ***

switchport access vlan 17

switchport mode access

switchport voice vlan 9

spanning-tree portfast edge

!

interface GigabitEthernet1/0/2

description ***MS North ***

switchport access vlan 17

switchport mode access

switchport voice vlan 9

spanning-tree portfast edge

!

interface GigabitEthernet1/0/3

description ***MS North ***

switchport access vlan 17

!

interface Vlan1

no ip address

shutdown

!

interface Vlan140

ip address 206.76.140.155 255.255.255.0

ip helper-address 206.76.140.48

!

ip http server

ip http secure-server

!

line con 0

line vty 0 4

password cisco

login

transport input ssh

line vty 5 15

password cisco

login

transport input ssh

!

end

CHMS-2960xNorth-1#

Richard Burts · ‎03-10-2023

Thanks for posting the configuration. I do not see any obvious issues in the config. Can you post the output of the command show ip ssh?

HTH

Rick

balaji.bandi · ‎03-10-2023

Apart from show ssh, show ip ssh -

From what IP address you trying to SSH to device ?

On your config i do not see any routing or default gateway ? (is this removed ?)

if the switch is layer 2 - add default gateway

ip default-gateway x.x.x.x

if the switch acting Layer 3 add ip routing.

ip route 0.0.0.0 0.0.0.0 x.x.x.x

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎03-10-2023

https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html

there is no RSA key for SSH,
the crypto config you share is for license.

check guide above

Richard Burts · ‎03-10-2023

If you do have access via serial connection (we assume this is to the console), then please access the switch, run debug for ssh, attempt the ssh access, and post any debug output.

HTH

Rick