cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3588
Views
0
Helpful
8
Replies

Problems with VTY

ieasm0001
Level 1
Level 1

Hi.

I can't login to my router using ssh, when i connected using console and entered "sh users" i saw next:

Line       User       Host(s)              Idle       Location

*  0 con 0     user     idle                 00:00:00

514 vty 0                Exec                 00:00:00

515 vty 1                Exec                 00:00:00

516 vty 2                Exec                 00:00:00

517 vty 3                Exec                 00:00:00

518 vty 4                Exec                 00:00:00

my vty config:

line vty 0 4

exec-timeout 120 0

transport input ssh

escape-character 3

I tried kill sessions using "clear line ", "clear line vty", " sh tcp brief", in global config entered "no line vty 5 15" it was permitted, but i can't add line lines, when i configure new lines:

line vty 5 15

exec-timeout 120 0

transport input ssh

escape-character 3

nothing happen.

Router model: Cisco 2811

IOS: c2800nm-adventerprisek9-mz.124-22.T.bin

Somebody know, how i can kill this session and reconfigure line vty?

PS: reboot isn't welcome.

8 Replies 8

Hi Maxim,

Do you have SNMP RW configured ?

If yes, can you post the output of below command

snmpwalk -v 2c - c tcpconnstate

Regards,

Smitesh

I done it:

iso.3.6.1.2.1.6.13.1.1.81.26.144.201.61746.81.26.144.193.179 = INTEGER: 5

Hi Maxim,

Maxim Gusev wrote:

I done it:

iso.3.6.1.2.1.6.13.1.1.81.26.144.201.61746.81.26.144.193.179 = INTEGER: 5

Is this the only line which you get by issuing the said command.

If yes, then unfortunately this is not we are looking for as that says that only TCP connection state route does have as of now is on port 179 (which is of BGP, btw).

If no, then can you share the complete output of the said command.

Also, can you once more share the results of the following:

show caller ip

show user

show run | sec vty

Regards,

Smitesh

show caller ip output:

#show caller ip

  Line           User       IP Address      Local Number    Remote Number   <->

#

show users output:

#sh users

    Line       User       Host(s)              Idle       Location

*  0 con 0     ieasm      idle                 00:00:00

514 vty 0                Exec                 00:00:00

515 vty 1                Exec                 00:00:00

516 vty 2                Exec                 00:00:00

517 vty 3                Exec                 00:00:00

518 vty 4                Exec                 00:00:00

  Interface    User               Mode         Idle     Peer Address

#

show run | sec vty output:

#sh run | sec line vty

line vty 0 4

exec-timeout 120 0

transport input ssh

escape-character 3

#

Hi Maxim,

Do didn't unanswered my question about output of the command snmpwalk, whether that was the only line you were seeing or more lines followed.

Still, can you do the following

(config)line vty 0 4

session-timeout 1

end

HTH,

Smitesh

Rozsa Illes
Cisco Employee
Cisco Employee

Hello Maxim,

The output seems very strange with no user listed and all lines having the idle time as 00:00:00. I am not clear if you tried the following as you mentioned that you did a show tcp brief. Does it list any connection on the vty lines? It should list a TCB number for every connection and it is possible to clear the lines via:

clear tcp tcb

Warm Regards,

Rose

After "sh tcp brief" i don't see line sessions becouse i don't have a target to kill with "clear tcp tcb " command.

Hello Maxim,

Was this working before?

Aside from what I mentioned and what you already tried, I cannot think of other ways to clear the lines. Maybe we can try to zeroize the RSA key and create a new one.

I am also wondering if you get any message and if you would prefer to do some debugging like if regenerating the RSA key does not help either:

debug ip ssh

debug ip tcp transaction / packet vty ?

Warm Regards,

Rose

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: