12-26-2014 04:45 AM - edited 03-07-2019 10:01 PM
Hello guys!
I`ve Cisco 2921 and a little trouble with it:
LAN interface was configured to work with 192.168.1.0/24 subnet
After all IPs run out we had change subnet to 192.168.0.0/23
Running config:
LAN interface
interface GigabitEthernet0/0
description Local network
ip address 192.168.1.1 255.255.254.0
ip nat inside
ip virtual-reassembly in
ip policy route-map LAN
duplex auto
speed auto
SSH
line vty 0 4
access-class 1 in
password XXXXXXXXXX
transport input ssh
Access list for SSH
access-list 1 permit 192.168.0.0 0.0.1.255
Trouble:
Can not connect to 192.168.1.1:22 (Cisco`s IP) via SSH from 192.168.1.x
Port 22 filtered (nmap) even if remove access-class 1 in
But I can establish connection from 192.168.0.x
I can`t understand what is wrong :(
12-26-2014 06:06 AM
Hi
What is the output of "show ip ssh"?
12-26-2014 06:28 AM
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa XXXXXX
12-26-2014 08:57 AM
I can't see anything wrong with the configuration you have provided.
12-26-2014 12:32 PM
Hello,
Can you post full config related to SSH? Do you have domain name configured on the router?
Also, try to clear and regenerate RSA key.
Thx
MS
12-29-2014 03:23 PM
I believe you have to use as username/password to use SSH. The password directly on the line will not work with SSH.
Do a #show ip sockets
and see if the device is listening on the port as another t shooting step.
My template config to configure remote access looks like this just to compare:
username admin privilege 15 secret <password>
aaa new-model
aaa authentication login VTY_LOGIN local group radius
aaa authorization exec VTY_AUTHO local group radius
ip domain-name <domain name>
hostname <hostname>
crypto key generate ....
ip ssh version 2
line vty 0 4
authorization exec VTY_AUTHO
login authentication VTY_LOGIN
transport input ssh
Be sure to rate helpful posts! :-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide