Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1331
Views
0
Helpful
3
Replies

CIsco C1111-8P routers disabling SSH

vitumbiko nkhwazi
Level 1
Level 1

‎12-16-2021 12:58 AM

Hello guys.

 

We have deployed new Cisco 1111-8P routers in most of our branches, but what i have been noticing lately is that the routers will suddenly become unaccessible via ssh, when we login via console, we can see that ssh is disabled, we have to re-enable ssh by generating a new key. My question is why does the router after a certain period of time disable ssh? what is causing this?

 

Regards.

Labels:
0 Helpful
3 Replies 3

marce1000
VIP
VIP

‎12-16-2021 05:16 AM

 

 - That normally should not happen,  make a working ssh-config (again) and save it , change your administrative-passwords, to prevent unauthorized tampering with the device. Make sure only allowed-persons can have admin-access , if you are not up to doing that already then you may also  send logs to syslog when config is  changed and and or for tracking user-activities. Use these steps :

 

1. enable

2. configure terminal

3. archive

4. log config

5. logging enable

6. logging size entries

7. hidekeys

8. notify syslog

9. end

 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

vitumbiko nkhwazi
Level 1
Level 1
In response to marce1000

‎12-16-2021 06:51 AM

hello @marce1000 

 

Thanks for the help but i dont think its due to some unauthorized changes happening on the routers as it is only happening on the 1111-8P's and not the other models we have in our environment, can the licensing be the cause? see output for the license below

 

Suite License Information for Module:'esg'

--------------------------------------------------------------------------------
Suite Suite Current Type Suite Next reboot
--------------------------------------------------------------------------------
FoundationSuiteK9 None None None
securityk9
appxk9


Technology Package License Information:

-----------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------
appxk9 None None None
securityk9 securityk9 RightToUse securityk9
ipbase ipbasek9 Permanent ipbasek9

The current throughput level is unthrottled

Smart Licensing Status: Smart Licensing is DISABLED

0 Helpful

paul driver
VIP
VIP

‎12-16-2021 03:51 PM

Hello

Have you tried to make the ssh connections persistant?
show transport-map all

Example:
transport-map type persistent ssh sshhandler
connection wait allow
rsa keypair-name sshkeys
authentication-retries x
transport interface x/x


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card