Greetins, I have two Cisco c1841 routers one running the AdvIpServicesK9 12.4(11)T version which has the problem and the other runs the 12.4(24)T5 IOS version, configuration on them is similar.
- SSH remote access
- VPDN access
- IPSEC-ISAKMP Site-to-Site tunnel between them and a third router.
Everything works great on the 24T5 one , the 11T router after a couple of days like 4-5, drops all remote access telnet,ssh,vpdn and also the L2L tunnel unexpectedly. Overall configuration is the same (access-lists etc.). Could it be just the IOS version ? Because it only happens on the older version one. It's like after these 4-5 days a buffer overflow happens and it decides to shutdown all remote access and only way of recovery is by manually hitting the On/Off switch and this is repeatable on the same interval.
Thanks in advance!
hard to say what is causing this. There is a bug which causes SSH version 2 packets induced memory leaks. The workaround is to use version 1:
ip ssh version 1
I agree with Georg that the symptoms suggest that the issue is something like a memory leak. Could you have something monitor the syslog of the router (assuming that you have syslog enabled) and look for messages occurring a bit before it drops connections?
So this issue is not the one about SSH v1 or SSH v2. But it still sounds like an issue with a memory leak. Have you been able to get something that allows you to monitor the syslog, and if so are there any messages as the issue starts?
We would like to identify the cause of this issue. But there is something to be said for finding a solution even if we do not know precisely what the problem is. And the problem does seem to be related to the version of IOS that is running on the router. Is it feasible to upgrade the version of IOS on the router to the version that is running without issue on the other router?