Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7039
Views
10
Helpful
6
Replies

ASA: Unable to configure service on port 22

alex.dersch
Level 4
Level 4

‎09-26-2011 08:14 AM - edited ‎03-11-2019 02:30 PM

Hello, I'm trying to enable ssh access on the inside interface. It's not working and I get this error message

Unable to configure service on port 22, on interface 'INSIDE'. This port is currently in use by another feature. I did a show asp table sockets and it seems something else is listening to port tcp/22. What other service is listening on port 22. I tried it on other interfaces there it is working.

Result of the command: "show asp table socket" (172.16.2.25 is my INSIDE interface)

Protocol  Socket    Local Address               Foreign Address         State

SSL       000023ff  172.16.2.25:443             0.0.0.0:*               LISTEN

TCP       0000426f  172.16.2.25:22              0.0.0.0:*               LISTEN

thanks

alex

1 person had this problem
Labels:
0 Helpful
6 Replies 6

varrao
Level 10
Level 10

‎09-26-2011 08:39 AM

Hi Alex,

Can you provide the output of :

show run | inc inside

There's got to be some other service using the inside interface ip, and thats y you are unable to ssh to it.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

alex.dersch
Level 4
Level 4
In response to varrao

‎09-26-2011 08:44 AM

Sure, but i checked it already.

114395-showrun.txt.zip
0 Helpful

Kureli Sankar
Cisco Employee
Cisco Employee
In response to alex.dersch

‎09-26-2011 10:10 AM

This is

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn75060

Symptom:

After upgrade the ASA to 8.4(1), ssh to one or more interfaces are failing.
Removing and re-adding the SSH configuration results in the following error
message:

ciscoasa(config)# ssh 0 0 outside
ERROR: Unable to configure service on port 22, on interface 'outside'. This
port is currently in use by another feature
Usage: [no] ssh {|}   
[no] ssh timeout  
[no] ssh version 1|2 
[no] ssh scopy enable 
show ssh [sessions []] 
ssh disconnect 
show running-config [all] ssh
clear configure ssh

Conditions:

Access via ASDM or telnet are unaffected. SSH still may work to other
interfaces, but is failing to a specific interface.

Workaround:

Reload the ASA.

Resolved in

008.004(002)           008.004(001.002) 

Upgrade to get the fix.

-KS

martin5641289
Level 1
Level 1
In response to Kureli Sankar

‎07-08-2022 03:04 AM

I met the same issue and our ASA version is 9.16(2)14.

 

Someone in another discussion suggested a reboot and it helped. So I suppose the problem is related to the current state of the firewall where it is not possible to add another ssh users on some interface. I was able to add ssh user at different interface but not at outside interface. Some check prevents it. The reason is unknown.

JB-WH
Level 1
Level 1
In response to martin5641289

‎08-05-2022 12:24 PM

Seeing the same thing with 9.16(2)14.

0 Helpful

JB-WH
Level 1
Level 1
In response to martin5641289

‎08-11-2022 05:57 AM

This is now listed as a known bug, with no resolution, currently.

CSCwb94312

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card