I have four admin users on my ASA all with level 15 access but not of them are able to SSH to my device.
I have checked SSH settings and it is allowed.
Is there anything I could have overlooked? I'm sure this has worked in the past as the device is over 5 years old.
Thanks in advance.
Solved! Go to Solution.
Are the users even prompted to authenticate?
If not it could be you are connecting from a network/IP address that is not permitted to SSH to the ASA. See this really old guide
See the section of the guide "Configuration with ASDM 6.x" - step number 6. From here you need to define the networks/ip addresses permitted to connect to the ASA using ssh.
Hi @Rob Ingram
Thank you for the swift reply!
No, no authentication prompt at all is being received. Just says "Server unexpectedly closed network connection".
I've checked the settings that you mentioned and all looks good.
I am also seeing the following message when I try to connect:
%ASA-6-106015: Deny TCP (no connection) from IP_address/port to IP_address/port flags tcp_flags on interface interface_name. The ASA discarded a TCP packet that has no associated connection in the ASA connection table. The ASA looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is no existing connection, the ASA discards the packet.
A quick Google of this error seems rather complex.
Is this only device, you need to find any other device with different IP can able to SSH, or we need to get in to Console to pull the information.
Note : i saw ASDM picture, are you able to use ASDM ? (from the IP mentioned ?)
Could you please check the output (from console) of the 'show asp table socket'? We expect to see that device is listening on TCP/22?
Please also check the outputs:
Sorry I forgot I could do that!
Result of the command: "show run ssh" ssh stricthostkeycheck ssh 10.0.0.0 255.0.0.0 LAN ssh timeout 60 ssh key-exchange group dh-group14-sha1 Result of the command: "show run aaa" aaa authentication http console LOCAL aaa authentication ssh console LOCAL Result of the command: "show crypto key mypubkey rsa" The command has been sent to the device
Hmm, does this mean my key is missing?