Unable to Reverse Telnet from Router with V15.1 code

Zubair.Sayed_2
Level 1

Hi All.

We have a router that was installed a few months ago which has the following version: 15.1(3)T

I am unable to reverse telnet to a new ASA firewall; however, when I move the console to a second, older router with an older version of code, I am able to reverse telnet.

Are there any known bugs, issues with version 15.1 or am I missing something?

I use the following command as normal: telnet x.x.x.x 2001

Thanks

Zubair

5 Replies

Peter Paluch
Cisco Employee

Zubair,

Please attach your current running configuration if possible (please remove the sensitive information, though). To which port is the ASA connected?

Best regards,

Peter

Peter,

Do you require the config for the router or the ASA? The ASA is a new device and hence has no config.

Connecting the console from the router AUX port to the ASA Console port.

Does ver 15.x perhaps only support SSH using reverse telnet?

Thanks

Zubair

Hello Zubair,

I am interested in seeing the router's configuration. The SSH Reverse Access should be supported on the 15.1, but I do not believe that the option of the plain old reverse telnet was removed.

Thank you!

Best regards,

Peter

Peter,

Please see below:

MyRouter#sh run
Building configuration...

Current configuration : 19423 bytes
!
version 15.1
service nagle
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service compress-config
service sequence-numbers
!
hostname MyRouter
!
boot-start-marker
boot system flash0:
boot system flash0
boot system flash0:/c2900-universalk9-mz.SPA.151-3.T.bin
boot system flash:c2900-universalk9-mz.SPA.151-3.T.bin
boot system flash0:c2900-universalk9-mz.SPA.151-3.T.bin
boot-end-marker
!

enable secret xxxxxxxxxxxxxxxxxxxxxxxxxxx
!
aaa new-model
!
aaa session-id common
!
no ipv6 cef
no ip source-route
no ip gratuitous-arps
ip cef
!
no ip mfib
!
no ip bootp server
no ip domain lookup
ip domain name
ip wccp 61 redirect-list xxx
ip wccp 62 redirect-list xxx
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3443541981
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3443541981
 revocation-check none
!
!
crypto pki certificate chain TP-self-signed-3443541981
!
license udi pid CISCO2921/K9
!
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
ip tftp source-interface GigabitEthernet0/0
ip ssh time-out 60
ip ssh version 2
!
interface Loopbackxxx
 ip address
!
interface GigabitEthernet0/0
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
ip forward-protocol nd
!
control-plane host
!
!
control-plane
!
!
line con 0
 exec-timeout 15 0
 login authentication admin_only
 transport output all
 stopbits 1
line aux 0
 authorization commands 1 no_acs
 authorization exec no_acs
 login authentication no_acs
 modem InOut
 no exec
 transport preferred telnet
 transport input all
 transport output telnet
 stopbits 1
 flowcontrol hardware
line vty 0 4
 access-class 99 in vrf-also
 exec-timeout 15 0
 privilege level 15
 transport input ssh
 transport output all
line vty 5 15
 access-class 99 in vrf-also
 privilege level 15
 transport input ssh
 transport output all
!
scheduler allocate 20000 1000
end

Zubair,

I see no obvious problem with your configuration. I suggest first removing the superfluous commands from your AUX, i.e. making it only:

line aux 0
 authorization commands 1 no_acs
 authorization exec no_acs
 login authentication no_acs
 no exec
 transport preferred telnet
 transport input all
 transport output all
 stopbits 1
 flowcontrol NONE

In addition, I assume you are reverse-telnetting into the TCP port 2001. Is the port enabled in all ACLs and other firewalls you may have configured on your router? Can you telnet directly from the router itself to any of its IP addresses, port 2001? What exactly does the failure look like - frozen command line, some error message, connection refused, etc.?

Best regards,

Peter
