08-09-2020 09:57 PM
Have used the following IPs for reference:
Jump Server IP: 192.168.10.5 (Subnet A - AWS)
ASAv30 inside interface IP: 192.168.20.5 (subnet B - AWS)
Able to ping the ASAv inside interface from the Jump Server, but unable to SSH/HTTPS the ASAv inside interface when initiating a request from Jump Server.
Following captures observed on inside interface:
SSH:
1: 07:35:25.236712 192.168.10.5.51412 > 192.168.20.5.22: SWE 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
2: 07:35:28.249987 192.168.10.5.51412 > 192.168.20.5.22: SWE 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
3: 07:35:34.251955 192.168.10.5.51412 > 192.168.20.5.22: S 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
HTTPS:
4: 07:36:45.567261 192.168.10.5.51419 > 192.168.20.5.443: SWE 2582893096:2582893096(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
5: 07:36:45.572403 192.168.10.5.51420 > 192.168.20.5.443: SWE 1423861587:1423861587(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
6: 07:36:45.818210 192.168.10.5.51421 > 192.168.20.5.443: SWE 4143246363:4143246363(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
7: 07:36:48.567322 192.168.10.5.51419 > 192.168.20.5.443: SWE 2582893096:2582893096(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
8: 07:36:48.572205 192.168.10.5.51420 > 192.168.20.5.443: SWE 1423861587:1423861587(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
9: 07:36:48.818347 192.168.10.5.51421 > 192.168.20.5.443: SWE 4143246363:4143246363(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
10: 07:36:54.567612 192.168.10.5.51419 > 192.168.20.5.443: S 2582893096:2582893096(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
11: 07:36:54.572434 192.168.10.5.51420 > 192.168.20.5.443: S 1423861587:1423861587(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
12: 07:36:54.818484 192.168.10.5.51421 > 192.168.20.5.443: S 4143246363:4143246363(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
Also tried the command "debug HTTP 255" while initiating https traffic but got no logs on the device.
The following commands are configured to provision access:
ssh 192.168.10.5 255.255.255.255 inside
http 192.168.10.5 255.255.255.255 inside
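A way to read the capture above programmatically, as an added example that is not part of the original post: it groups the SYNs by flow, measures the retransmission gaps, and checks whether any SYN-ACK came back. The `SWE` flag is a SYN with the ECN bits (CWR and ECE) set, and the final plain `S` is the client retrying without ECN. The sample lines are copied from the SSH capture in the post; the function name `analyze` and the assumption that a SYN-ACK would appear as an `S` line containing ` ack ` are mine.

```python
import re
from collections import defaultdict
from datetime import datetime

# The three SSH capture lines from the post, embedded so the script runs offline.
SAMPLE = """\
1: 07:35:25.236712 192.168.10.5.51412 > 192.168.20.5.22: SWE 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
2: 07:35:28.249987 192.168.10.5.51412 > 192.168.20.5.22: SWE 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
3: 07:35:34.251955 192.168.10.5.51412 > 192.168.20.5.22: S 2005654349:2005654349(0) win 64240 <mss 1460,nop,wscale 8,nop,nop,sackOK>
"""

# index: time src.port > dst.port: FLAGS rest-of-line
LINE = re.compile(
    r"^\s*\d+:\s+(\d\d:\d\d:\d\d\.\d+)\s+(\S+)\.(\d+)\s+>\s+"
    r"(\S+)\.(\d+):\s+([SFPRWE.]+)(.*)$"
)

def analyze(text):
    """Return per-flow SYN statistics for capture text in the format above."""
    syns = defaultdict(list)   # (src, sport, dst, dport) -> [(time, flags)]
    answered = set()           # flows for which a SYN-ACK was seen
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or "S" not in m.group(6):
            continue
        ts, src, sport, dst, dport, flags, rest = m.groups()
        if " ack " in rest:
            # Assumed SYN-ACK form: it answers the reverse direction.
            answered.add((dst, dport, src, sport))
        else:
            when = datetime.strptime(ts, "%H:%M:%S.%f")
            syns[(src, sport, dst, dport)].append((when, flags))
    report = {}
    for flow, seen in syns.items():
        gaps = [round((b[0] - a[0]).total_seconds())
                for a, b in zip(seen, seen[1:])]
        report[flow] = {
            "attempts": len(seen),
            "gaps_s": gaps,                      # retransmission back-off
            "flags": [f for _, f in seen],       # ECN SYNs, then plain SYN
            "answered": flow in answered,        # False: no reply was captured
        }
    return report

if __name__ == "__main__":
    for flow, stats in analyze(SAMPLE).items():
        print(flow, stats)
```

For the capture in the post, every flow comes out with three attempts, 3 s and 6 s gaps, and `answered` False: the SYNs are captured on the inside interface, but the capture shows no reply from 192.168.20.5.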
08-09-2020 10:40 PM - edited 08-09-2020 10:41 PM
08-09-2020 11:34 PM
08-10-2020 12:21 AM
Hi @Mohammed al Baqari, Subnet A is in a different and does not belong to the ASAv.
08-10-2020 12:34 AM
08-10-2020 06:02 AM
Generated new keys using the following command:
crypto key generate rsa general-keys modulus 1024
Tried connecting again, but the same result. Logging buffered is enabled but did not receive any logs for source 192.168.10.5.
However, the capture still shows the same traffic as shared in my original query.