cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7338
Views
0
Helpful
25
Replies

C9300-48T SSH/Telnet login Issue

Nurul Islam
Level 1
Level 1

Hi,

We have a new C9300-48T(Stack of 5).

I have configured SSH but not able to login using ssh...

 

When I am trying to SSH, it's showing Connection established and getting stuck, no login propmpt popping up

 

SSH.png

 

You can see the above image, nothing is happening after this

Options I tried:

1. zeroize the key and regenerated (2048 bit)

2. deleted username, password and recreated

3. deleted enable secret and recreated

 

Config:

line con 0
no password
privilege level 15
exec-timeout 15 0
!
line vty 0 4
password xxxxx
exec-timeout 15 0
privilege level 15
transport input telnet ssh
enable secret xxxxxx
!
line vty 5 15
no password
exec-timeout 15 0
privilege level 15
transport input telnet ssh

===========================

Tried with below config as well:

line vty 0 4

password xxxxx

login local

transport input telnet ssh

 

line vty 5 15

password xxxxx

login local

transport input telnet ssh

===========================

None of these worked

Please help

25 Replies 25

Can you try traceroute from your pc to switch and from switch to pc and see if there is any asymmetric route happening or f/w in the path blocking the access? 
You could also try reconfiguring the keys and check if the CPU usage on switch is good. 

 

 

 


## Make sure to mark post as helpful, If it resolved your issue. ##





## Make sure to mark post as helpful, If it resolved your issue. ##

Jun 7 21:52:27.598: SSH2 1: SSH ERROR closing the connection
*Jun 7 21:52:27.598: SSH1: receive failure - status 0x03

thank you for the some input to so we can work on.

 

I am sure you trying from remove network. Do you have any one in the Local network who can just try SSH to device ?

 

we aslo need how these device reaching internet ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Today able to telnet from directly connected switch but not from other switches & the Workstation

Thanks for the update. Interesting that you can telnet from the local subnet but not from a remote subnet. So several questions about this:

1) can the device on the remote subnet ping the address of the switch?

2) can the switch ping the device in the remote subnet?

3) in the posted config you have this static default route

ip route 0.0.0.0 0.0.0.0 10.38.1.1

Is this the correct gateway address? Can the switch ping the next hop address?

4) in the posted debug output we see several instances of the switch sending an echo reply to a remote IP address. This suggests that the switch does have connectivity to remote subnets. Is this correct?

5) if telnet from a local subnet does work, have you tried SSH from that device?

HTH

Rick

Yes, Ping is working from both the ends

Switch is able to ping the default gateway

Just now checked, SSH is working when doing it from other switch within the same subnet

 

Thanks for the additional information. This is significant. We have been looking at this as a possible problem with SSH on the new switch. But if SSH is successful from a switch in the same subnet then SSH on the new switch does work. Either there is something problematic about being remote or there is something problematic about SSH on the remote device. So I have these questions:

1) can the new switch ping the remote workstation that is attempting SSH?

2) can the remote workstation ping the new switch?

3) can the remote workstation attempt to connect to the new switch using telnet? (I realize that SSH is more secure and would be preferred but am looking to see if any kind of remote access works).

4) can you try SSH and telnet from some other remote device?

5) is the remote workstation inside the organization network or is it in the Internet?

HTH

Rick

Do you have any rough diagram of how you are getting into this device and what all devices in the transit path.

 

what is the directly connected switch IP address, what is the switch IP address ?

 

are you able to ssh from a directly connected switch to confirm switch SSH working?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Nurul Islam
Level 1
Level 1

Hi Guys,

 

Issue got fixed.

actually there are two core switches, one is 45k and the other one is 65k.

Issue was with the 45k, assuming it was assymetric routing issue. it was learning the route from one interface and sending the return route to different interface.

When I attached the port to 65k and pointed the route towards it, it statred working

Now ssh / telnet is working perfectly

 

Thanks a lot for your help:)

Glad to know all working, we mark as resolved so other community members can refer in case same issue.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Sure, and thanks for your quick responses

Thanks for the update. Glad to know that it is now working. Thanks for sharing the explanation of the issue and how you resolved it. This does confirm my suggestion that it was something related to the SSH request being remote. I will admit that I had not thought about the possibility of asymmetric paths being the issue. Congratulations on figuring out that was the issue. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick
Review Cisco Networking for a $25 gift card