
Configure SSH on 3845 router

saimbt
Level 1

Hi,

I have configured SSH on my router.

The following are the relevant commands used:

username test password xxx
aaa new-model
!
!
aaa authentication login default local
aaa session-id common
ip ssh rsa keypair-name <string>
line vty 0 4
 exec-timeout 1 30
 password 7 <password>
 transport input telnet ssh

When I telnet to the router on port 22, I get the following message:

Connected to

Escape character is '^]'.

SSH-1.99-Cisco-1.25

Connection closed by foreign host.

Please let me know what the problem could be.

sh ip ssh

SSH Enabled - version 1.99

Authentication timeout: 120 secs; Authentication retries: 3

sh ssh

%No SSHv2 server connections running.

%No SSHv1 server connections running.

Am I missing something....

-Sai.

15 Replies

Richard Burts
Hall of Fame

I see in the connection message:

SSH-1.99-Cisco-1.25

I had problems in using SSH with that version level. When I upgraded the IOS to a version that supported SSHv2 my problem was resolved.

HTH

Rick


Updated to SSH ver 2.

Still the same error:

Escape character is '^]'.

SSH-2.0-Cisco-1.25

Connection closed by foreign host.

I am using c3845-advipservicesk9-mz.123-11.T5.bin

-Sai.

Harold Ritter
Spotlight

You seem to be missing some fundamental steps, such as configuring the "ip domain-name".

Please refer to the following URL for the configuration steps to configure SSH:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s5/sshv1.htm#wp18428

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Please discard my last message as "ip domain-name" is now required before proceeding with the rest of the ssh config.

Thanks,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Harold Ritter
Spotlight

Can you try using SSH client software instead of doing a telnet to port 22?

Hope this helps,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Tried using the client but nothing happens. Enabled debug ip ssh, and here is the output upon doing a telnet on port 22:

*Jun 28 18:36:21.557 IST: SSH1: starting SSH control process

*Jun 28 18:36:21.557 IST: SSH1: sent protocol version id SSH-1.5-Cisco-1.25

*Jun 28 18:36:57.537 IST: SSH1: protocol version id is -

*Jun 28 18:36:57.637 IST: SSH1: Session disconnected - error 0x1B

-Sai

Can you enable the "debug ip ssh" and try connecting using the SSH client?

Thanks,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

I think you did not understand my post of June 23 where I suggested that the problem might be the SSH implementation and suggested an upgrade to SSHv2. You replied that you had upgraded and still have the issue.

But the output in this message clearly shows that the router is not running SSHv2 but is running SSHv1:

*Jun 28 18:36:21.557 IST: SSH1: starting SSH control process

*Jun 28 18:36:21.557 IST: SSH1: sent protocol version id SSH-1.5-Cisco-1.25

I do not know what you upgraded, but I strongly suggest that you upgrade the router to run SSHv2.

I also agree with Harold that you should test with an SSH client and not by trying to telnet to port 22.

HTH

Rick
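
The identification strings quoted in this thread (SSH-1.99, SSH-2.0 and SSH-1.5) can be read mechanically. The following is an added example, not part of the original posts: a small Python parser that classifies a banner by its protoversion field per RFC 4253. The function names and verdict labels are assumptions made for illustration.

```python
import re

# RFC 4253 section 4.2: SSH-protoversion-softwareversion[ SP comments] CR LF
# The softwareversion pattern is deliberately loose: "Cisco-1.25" contains a
# minus sign, which a strict reading of the RFC would not allow.
_IDENT = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")

def parse_ident(line):
    """Split an SSH identification string into (protoversion, softwareversion)."""
    m = _IDENT.match(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("not an SSH identification string: %r" % line)
    return m.group("proto"), m.group("software")

def offered_protocols(proto):
    """Map the protoversion field to the protocol versions the server accepts."""
    if proto == "2.0":
        return {2}
    if proto == "1.99":         # RFC 4253 section 5.1: v2 server in v1-compatibility mode
        return {1, 2}
    if proto.startswith("1."):  # e.g. 1.5, the SSHv1 protocol
        return {1}
    return set()

def audit(line):
    """Return (softwareversion, verdict); the verdict labels are illustrative."""
    try:
        proto, software = parse_ident(line)
    except ValueError:
        return None, "not-ssh"
    versions = offered_protocols(proto)
    if versions == {2}:
        return software, "v2-only"
    if versions == {1, 2}:
        return software, "v1-fallback-enabled"
    if versions == {1}:
        return software, "v1-only"
    return software, "unknown-protoversion"

# The three banners quoted in this thread, plus one non-SSH line for contrast.
BANNERS = ["SSH-1.99-Cisco-1.25\r\n", "SSH-2.0-Cisco-1.25\r\n",
           "SSH-1.5-Cisco-1.25\r\n", "Connection closed by foreign host."]

if __name__ == "__main__":
    for banner in BANNERS:
        print(repr(banner.strip()), "->", audit(banner))
```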


Hi Rick,

I tried with both SSHv1 and SSHv2 and get the same error message. Moreover, when I try to communicate with the router through Putty (SSH client), I do not get any response from the router and also "debug ip ssh" does not bring any output, whereas pure telnet works absolutely fine.

in vty 0 4

transport input is set to telnet and ssh

transport output is set to all

transport preferred is set to ssh

-Sai

I would feel better if you showed me router output where it shows SSHv2 and not working.

I am very interested in your comment that when you attempt to access with Putty that you get no response. It makes me think that the SSH from Putty is not getting to the router for some reason. At first I thought that it sounded like an access list somewhere along the path was not permitting the access. But then I think that if it were an access list issue it should also stop the telnet to port 22. So if I believe that it is not an access list question then I wonder if it is something in the Putty setup. Can you verify the Putty setup? Is that end station with Putty the same one that you use for telnet to port 22? Is the end station with Putty able to access other routers with SSHv2?

HTH

Rick


Hi Rick,

I tried to SSH using a machine that is not in the LAN and it worked... I guess it's something to do with the firewall settings, it might be blocking SSH somewhere..

Let me catch hold of the firewall guys, guys I am comingggggggggggggggggg :)

-Sai.

I am glad that we are making progress in getting this solved.

Good luck in dealing with the firewall guys.

HTH

Rick


Hi Rick,

The firewall was set to send out telnet connections only.

It's working from the LAN as well....

Thanks a lot..

-Sai.