10-20-2010 06:15 PM - edited 03-11-2019 11:57 AM
Hi all,
My ssh on my cisco asa 5510 fail to work.
I have enabled the following but my ssh client fail to connect to the firewall from my office network(connected to firewall inside interface).
aaa authentication ssh console LOCAL
ssh 10.0.0.0 255.0.0.0 inside
ssh timeout 5
I have also enable a rsa key and enable using ssh version 1 and 2
Pls advise. Thks in advance.
10-20-2010 06:18 PM
Are you able to telnet on port 22?
Try to use a different SSH client as sometimes it could be problem with the client itself.
10-20-2010 06:23 PM
Hi Jennifer,
I am unable to telnet to the firewall on port 22
10-20-2010 06:40 PM
Hello Don
Would you please paste the result of the command show asp table socket?
Cheers
Mike
10-20-2010 06:45 PM
Hi maykol,
I am using asa version 7.0
There is no "socket" option for "show asp table"
The following options are available for "show asp table"
arp Show ASP ARP table
classify Show ASP classifier tables
interfaces Show ASP interfaces tables
routing Show ASP route tables
vpn-context Show ASP VPN context tables
10-20-2010 06:49 PM
Hello Don,
I hope you are doing great, would you please put the debug ssh 255 and try again?
Cheers
Mike
10-21-2010 07:56 AM
Hi Don,
You can also setup a packet capture to confirm the SSH connection is actually reaching the inside interface of the firewall:
access-list capin permit tcp host
host eq 22 capture capin access-list capin interface inside
show capture capin
If you see traffic reaching the firewall in the capture, try removing all SSH commands and re-adding them. Also, double check the syslogs that are generated at the time.The 7.0 version code is extremely old at this point, so you may also be running into a bug. Upgrading to 7.2(5) or 8.0(5) may help you overcome this problem as well.
If you don't see traffic reaching the firewall, double check network connectivity between your client and the firewall.
Hope that helps.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide