cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

493
Views
0
Helpful
4
Replies
Beginner

Unable to SSH

We setup user authentication through a Radius server.  We can SSH to a router when we are local.  However, we are unable to SSH when we login to Cisco VPN client. Is there a way to allow SSH when we login to Cisco VPN client?

ssh XXX.XXX.XXX.0 255.255.255.0 Inside

ssh timeout 5
ssh version 2

Thanks.

Laura

4 REPLIES 4
Cisco Employee

Re: Unable to SSH

Laura,

Looks like you're talking about ASA and not router (judging by configuration lines you indicated).

To be able to reach SSH to "inside" interface from VPN client connected to outside interface you will need to add this command.

management-access inside

And of course make sure that you have "ssh" command to allow your VPN user IP pool.

HTH,

Marcin

Highlighted
Beginner

Re: Unable to SSH

Yes, you are correct.  I tried to SSH to the ASA, not a router.  I tried your suggestions and still could not SSH to the ASA when I login to Cisco VPN client.  Do you have any other suggestions?  Thanks.

Laura

Cisco Employee

Re: Unable to SSH

Laura,

That's too few information. I'd say enable logging on informational level and check what's going on.

logging buffered info

logging buffer-size 10000000

Then initiate a connection from VPN client to ASA and run:

sh logg | i IP_ADDRESS_ASSIGNED_TO_CLIENT 

If you see a failure/deny/error of any sort, check with the index:

http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/syslog.html

Marcin

Beginner

Re: Unable to SSH

Thanks Marcin.  I will get back later on today or tomorrow.  Thanks again.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here