Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1120
Views
0
Helpful
5
Replies

C1841 Drops ssh and vpn access after a couple of days

Panosg2304
Level 1
Level 1

‎10-14-2017 04:27 AM - edited ‎03-12-2019 04:37 AM

Greetins, I have two Cisco c1841 routers one running the AdvIpServicesK9 12.4(11)T version which has the problem and the other runs the 12.4(24)T5 IOS version, configuration on them is similar.
- SSH remote access

- VPDN access

- IPSEC-ISAKMP Site-to-Site tunnel between them and a third router.

 

Everything works great on the 24T5 one , the 11T router after a couple of days like 4-5, drops all remote access telnet,ssh,vpdn and also the L2L tunnel unexpectedly. Overall configuration is the same (access-lists etc.). Could it be just the IOS version ? Because it only happens on the older version one. It's like after these 4-5 days a buffer overflow happens and it decides to shutdown all remote access and only way of recovery is by manually hitting the On/Off switch and this is repeatable on the same interval. 
Thanks in advance! 

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎10-14-2017 09:16 AM

Hello,

 

hard to say what is causing this. There is a bug which causes SSH version 2 packets induced memory leaks. The workaround is to use version 1:

ip ssh version 1

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Georg Pauwen

‎10-14-2017 12:21 PM

I agree with Georg that the symptoms suggest that the issue is something like a memory leak. Could you have something monitor the syslog of the router (assuming that you have syslog enabled) and look for messages occurring a bit before it drops connections?

 

HTH

 

Rick

HTH

Rick
0 Helpful

Panosg2304
Level 1
Level 1
In response to Richard Burts

‎10-18-2017 12:45 PM

Even with SSH v1 enabled same thing happens on the same interval

0 Helpful

Georg Pauwen
VIP
VIP
In response to Panosg2304

‎10-18-2017 01:08 PM

Odd indeed. Can you post the full configs of both routers ?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Georg Pauwen

‎10-23-2017 03:39 PM

So this issue is not the one about SSH v1 or SSH v2. But it still sounds like an issue with a memory leak. Have you been able to get something that allows you to monitor the syslog, and if so are there any messages as the issue starts?

 

We would like to identify the cause of this issue. But there is something to be said for finding a solution even if we do not know precisely what the problem is. And the problem does seem to be related to the version of IOS that is running on the router.  Is it feasible to upgrade the version of IOS on the router to the version that is running without issue on the other router?

 

HTH

 

Rick 

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents