SSH session timeout over ASA Cluster

wabbot22 · ‎08-19-2020

Hi,

I´ve changed an ASA5520 Cluster with two ASA 5525-X and the configuration was copied

from the old two the new cluster. Behind the cluster is our network MGMT vlan

and we build SSH connections to network Devices (Switches, Router etc.). With the old Cluster everything

was fine and the SSH connections run as long as you want. But after we´ve changed the Firewalls, we get a timeout message....

Any idea ?

BR

balaji.bandi · ‎08-19-2020

You mean that you able to login but the session timing out (it was not the case before ?) is that correct ?

if so check the ssh timeout settings on ASA and setup the time you like : ( default 30 seconds i guess).

Example :

# ssh timeout (time in minutes)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

wabbot22 · ‎08-20-2020

Hi,

the firewall is the gateway to our mgmt network, where are all mgmt interfaces from our LAN/WAN Devices are located.
We get the timeout not the firewall himself, but if we build a ssh connection to a LAN Switch for example, we get an timeout.

But on the switch there is exec-timeout 0 0 configured and with the old asa cluster we don´t have such problems.

Normaly it´s no a big problem, because during the work we don´t have problems, but if you connect to a wlc for example and want to debug some issue you need a stable connection sometimes over more than one day....

I´ve no idea, which configuration on the asa could be the reason for that problem....

BR M

balaji.bandi · ‎08-20-2020

I was suggesting timeout on ASA

can you post the configuraiton (removing sensitive information)

or you can compare the config OLD and new One see what is the difference you see. some time new version omiit some commands. (but not sure what was your case).

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help