Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1943
Views
0
Helpful
2
Replies

SSH Access Denied

nmdc.kzstan
Level 1
Level 1

‎12-06-2010 08:02 PM

Hi,

Every morning I can't connect to 2801 ISR (c2801-advipservicesk9-mz.124-20.T2.bin) via SSH.

Access lists and login:password are correct. Instead of normal password prompt:

login as: admin

Using keyboard-interactive authentication.

Password:

I get this one:
login as: admin
admin@X.X.X.214's password:
Access denied
Other symptom is internet connection sharing (PAT) stops working too while VPN connection
is ok.
I can connect after router reboot, but the next morning it repeats again.

Labels:
0 Helpful
2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

‎12-06-2010 08:48 PM

Do you happen to have static port address redirection configured on SSH port (TCP/22) that is causing the issue?

Can you share all your NAT configuration as well as the corresponding ACL or route-map. Thanks.

0 Helpful

nmdc.kzstan
Level 1
Level 1
In response to Jennifer Halim

‎12-06-2010 10:57 PM

interface FastEthernet0/0.20

encapsulation dot1Q 10

ip address X.X.X.214 255.255.255.252

ip nat outside

ip virtual-reassembly

crypto map vpn-srt

interface FastEthernet0/1

ip address 192.168.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

load-interval 30

duplex auto

speed auto

ip nat inside source list STS interface FastEthernet0/0.20 overload
ip access-list extended STS
permit ip 192.168.0.0 0.0.0.127 any

0 Helpful
Customers Also Viewed These Support Documents