06-28-2009 09:49 AM - edited 03-04-2019 05:15 AM
Hi, I can't seem to ssh to my 5505, even though I think I have it setup properly. Below is part of the config, can someone tell me what is wrong?
domain-name windriverdev.com
access-list 101 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.
255.0
access-list vpnclient extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 25
5.255.255.0
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.25
5.255.0
access-list acl_in extended permit tcp any host 69.3.19.242 eq 3389
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip local pool clients 10.10.10.100-10.10.10.150
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface 3389 192.168.1.90 3389 netmask 255.255.255
.255
route outside 0.0.0.0 0.0.0.0 69.3.19.241 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
http server ena
http 192.168.1.0 255.255.255.0 insideng, statistics or sta
no snmp-server location
dh
no snmp-server contactHCP Relay Agent state,
snmp-server community asa
snmp-server enable traps snmp authentication linkup linkdown coldstart
disk0: Display information ab
snmp-server enable traps syslog
crypto ipsec transform-set national esp-3des esp-md5-hmac
dns-hosts Show DNS ho
crypto ipsec transform-set myset esp-des esp-md5-hmac
failover
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
cisc
hostname Sho
crypto dynamic-map national 20 set transform-set myset
crypto isakmp identity addressof Interface Descriptor Blocks
crypto isakmp enable outside
crypto isakmp p
cisco
encryption 3des
hash sha
group 2erface
lifetime 86400erface status i
crypto isakmp nat-traversal 20
telnet 192.168.1.0 255.255.255.0 insideventory information for all slots
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outsidensi
Platform ASA55
ssh timeout 5p
console timeout 0ss, IDS statistic
!e
class-map inspection_defaultt.ecs (3316 bytes/sec)change
match default-inspection-traffic
01-17-2019 02:16 AM
Hello John,
yes I have please see below,
aaa authentication ssh console LOCAL
crypto key generate rsa modulus 2048
01-17-2019 09:59 AM
Hello
The OP was @mikejgalovich but it seems @Star Sulaiman also posted - so are both of you experiencing the same issue
01-17-2019 10:52 AM
Paul
Mike was the original poster and Star has camped on to an old discussion to ask his question. Since it was never clarified exactly what the problem really was for Mike it is difficult to say whether they are exactly the same problem. I believe that there is a very good chance that the real issue for Star is that the interface that he is connected to does not match the interface listed in the command that enables ssh - waiting for Star to confirm whether this is the case or not. But since both are asking about problems connecting using ssh then they seem somewhat closely related.
HTH
Rick
01-17-2019 01:30 PM
Hello Paul,
The problem solved with Rick's recommendation. Thank you
01-18-2019 03:23 AM
Hello Star
Excellent news - can you mark the post as solved and rate Ricks support please
01-22-2019 02:50 PM
Hello Paul,
I believe I have rated Rick's comment and added solved.
I am new to use the community if I have missed something please guide me how to do it.
Thank you.
Regards,
Star
01-22-2019 03:05 PM
Star
You have indeed rated my suggestions and have stated that it did solve your issue. And thank you for that. Paul has suggested that you mark the question as solved. However the way that the community is operating is that only the person who posted the original question is able to mark the questions as "solved". You have not missed anything and there is not anything else that you can reasonably do for this discussion. I do hope to see you continue to be active in the community.
HTH
Rick
03-03-2020 07:37 AM
aaa authentication ssh console LOCAL
This worked for me, thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide