Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2782
Views
0
Helpful
11
Replies

SSH into ASR 4321 Not Working

NETAD
Level 4
Level 4

‎01-09-2020 08:04 AM

Hello, running into a weird issue with SSH into a router an ASR 4321. It's timing out from remote sites while it works from the local site. We can ping the router, so we know routing is there but ssh and telnet timeout. Not ACLs at all on the router. I captured and attached is what I see. Please assist. Router is running 15.5(2)s

Labels:
ssh-pcap.PNG
Preview file
45 KB
0 Helpful
11 Replies 11

marce1000
Hall of Fame
Hall of Fame

‎01-09-2020 08:17 AM

 

 - What if the remote sites impose restrictions for reaching your ASR trough SSH (such as fire-walling for both Internet and  or Intranet traffic).

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

NETAD
Level 4
Level 4
In response to marce1000

‎01-09-2020 08:57 AM

There isn’t any. We’re able to ssh to the switch downstream from the router just fine.

0 Helpful

paul driver
VIP
VIP
In response to NETAD

‎01-09-2020 11:07 AM

Hello

@NETAD wrote:

There isn’t any. We’re able to ssh to the switch downstream from the router just fine.

So you can ssh/telnet from the rtr but not to the router correct?

sh management-interface
sh run | sec line


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

NETAD
Level 4
Level 4
In response to paul driver

‎01-22-2020 06:44 PM

laporte-r1#sh run | sec control-plane
control-plane
laporte-r1#
0 Helpful

jmperlewitz
Level 1
Level 1

‎01-09-2020 08:58 AM

Check which protocols are allowed for the control plane..  You can allow only explicit protocols and sources to the control plane which does not use ACLs.  Can you paste the following:

 

sh run | sec control-plane

0 Helpful

NETAD
Level 4
Level 4
In response to jmperlewitz

‎01-22-2020 06:41 PM

laporte-r1#sh run | sec control-plane
control-plane
laporte-r1#
Nothing there
0 Helpful

cnarv
Level 1
Level 1
In response to NETAD

‎07-22-2020 11:17 AM

curious if you ever figured this out? I'm having a similar issue where i can log into the router from the same segment in the Mgmt-vrf or local peerings.  Although, I can't ssh to this router from remote networks but I can get into routers/switches from remote networks in the same segment. 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to cnarv

‎07-23-2020 10:09 AM

If you would post a sanitized copy of your configuration we might be better able to identify the issue.

HTH

Rick
0 Helpful

NETAD
Level 4
Level 4
In response to Richard Burts

‎07-23-2020 10:17 AM

Will do later today. Thanks Rich.
0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to NETAD

‎07-24-2020 07:39 AM

I will take a look at it when you get the config posted.

HTH

Rick
0 Helpful

NETAD
Level 4
Level 4
In response to cnarv

‎07-23-2020 10:16 AM

Still unable to. I will post my config and see if Rich can help. 

 

0 Helpful
Customers Also Viewed These Support Documents
Top