Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1044
Views
0
Helpful
4
Replies

Unable to ssh into Management Interface of FPR 1120

Go to solution
eric.t.schmidt
Level 1
Level 1

‎12-20-2022 09:19 AM

I am managing a Cisco FPR-1120 with FMC, not using the data interface, but through the Management Interface then recently for some unknown reason, I am no longer able to ssh to the device.  Management through the FMC still works fine, and can ping it, but no response from ssh.

I have several FPR-1120's and I just have one that is behaving this way.  Also, I do not have console access to it.

I have been hoping to resolve this from the FMC, by attempting to allow ssh under the platform settings, which I have not had to do on my other FPR's.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2022 05:47 AM

I have not seen a site-to-site VPN issues like you describe where there is ongoing interesting traffic present.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-20-2022 10:56 AM

You can run show commands on the managed FTD device from FMC but not much else.

Have you tried to initiate ssh from the gateway for the management interface? Or perhaps from the FMC cli?

0 Helpful

Go to solution
eric.t.schmidt
Level 1
Level 1

‎12-20-2022 01:18 PM

Thanks Marvin!  Just tried your suggestion to ssh from the FMC cli (expert mode) and it times out as well.  I will try to get someone to provide me console access.  Fortunately I have FMC connectivity and can reboot if necessary.

So, Marvin, since I have you.  You have helped me numerous times through others posted threads regarding various issues, so I was thrilled that you took this.  My need to ssh to this device is because the Site to Site VPN that I have configured for this site will frequently hang.  The crypto maps on the what I call the far end will stay loaded, but they will drop out from the main FTD. So I have to log into the far end and clear crypto ipsec peer and the tunnels immediately come back up.  This used to work great when I was using an ASA 5506 at the far end.  I have been on a 4110 at our main site for about 5 years, just recently been switching out the ASA's with FTD/FPR-1120's and running into this on my sites that have slightly higher latency than others.  Actually my WISP sites have this issue.  Mainly wondering if you have heard of this.  Thank you sir!

 

 

0 Helpful

Go to solution
eric.t.schmidt
Level 1
Level 1

‎12-20-2022 01:21 PM

To add some context to my last comment, Interesting traffic should be there regularly from our monitoring software.

Thanks again. 

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-21-2022 05:47 AM

I have not seen a site-to-site VPN issues like you describe where there is ongoing interesting traffic present.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card