08-30-2012 09:59 AM - edited 03-11-2019 04:47 PM
I have a 5540 running 8.2.5 and SSH access stopped working. Telnet still works.
Logs show this:
%ASA-6-302013: Built inbound TCP connection 227557909 for outside:x.x.x.x/62168 (x.x.x.x/62168) to identity:y.y.y.y/22 (y.y.y.y/22)
%ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'
%ASA-6-302014: Teardown TCP connection 227557909 for outside:x.x.x.x/62168 to identity:y.y.y.y/22 duration 0:00:00 bytes 0 TCP FINs
I go into the firewall a do a "sh ssh sessions" and get no sessions returned.
I know there are some bugs that sound very similar like CSCsm68097, but all involve much eariler code. Any other more modern bugs for the same problem?
08-30-2012 10:04 AM
Hello,
As a test can you take out the entire SSH configuration and then just apply it back.
Regards,
Julio
09-07-2012 02:40 PM
Stripped off the SSH and reapplied it.
clear configure ssh
Then I pasted all of the ssh statements.
ssh x.x.x.x 255.255.255.0 inside
ssh x.x.x.x 255.255.255.0 outside
etc.
Same thing.
09-07-2012 02:47 PM
This ASA has some serious uptime. I'm pretty sure a reboot will fix it, but I can't let me curiosity go. :-)
09-07-2012 03:27 PM
Hello,
Me too.
I am pretty sure a Reload will clear the orphaned SSH sessions.
Check those 2. Looks like 8.2.5 is being hitted on your case. Can you reload and monitor to check if it happens again?
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide