08-19-2020 08:21 AM
Hi,
I´ve changed an ASA5520 Cluster with two ASA 5525-X and the configuration was copied
from the old two the new cluster. Behind the cluster is our network MGMT vlan
and we build SSH connections to network Devices (Switches, Router etc.). With the old Cluster everything
was fine and the SSH connections run as long as you want. But after we´ve changed the Firewalls, we get a timeout message....
Any idea ?
BR
08-19-2020 09:04 AM
You mean that you able to login but the session timing out (it was not the case before ?) is that correct ?
if so check the ssh timeout settings on ASA and setup the time you like : ( default 30 seconds i guess).
Example :
# ssh timeout (time in minutes)
08-20-2020 01:54 AM
Hi,
the firewall is the gateway to our mgmt network, where are all mgmt interfaces from our LAN/WAN Devices are located.
We get the timeout not the firewall himself, but if we build a ssh connection to a LAN Switch for example, we get an timeout.
But on the switch there is exec-timeout 0 0 configured and with the old asa cluster we don´t have such problems.
Normaly it´s no a big problem, because during the work we don´t have problems, but if you connect to a wlc for example and want to debug some issue you need a stable connection sometimes over more than one day....
I´ve no idea, which configuration on the asa could be the reason for that problem....
BR M
08-20-2020 02:30 AM
I was suggesting timeout on ASA
can you post the configuraiton (removing sensitive information)
or you can compare the config OLD and new One see what is the difference you see. some time new version omiit some commands. (but not sure what was your case).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide