04-27-2011 12:38 PM
We set up user authentication through a RADIUS server. We can SSH to a router when we are local. However, we are unable to SSH when we log in to the Cisco VPN client. Is there a way to allow SSH when we log in to the Cisco VPN client?
ssh XXX.XXX.XXX.0 255.255.255.0 Inside
ssh timeout 5
ssh version 2
Thanks.
Laura
04-27-2011 01:34 PM
Laura,
Looks like you're talking about an ASA and not a router (judging by the configuration lines you indicated).
To be able to reach SSH on the "inside" interface from a VPN client connected to the outside interface, you will need to add this command:
management-access inside
And of course make sure that you have an "ssh" command to allow your VPN user IP pool.
HTH,
Marcin
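Added example, not part of the original thread: a small Python check of the two conditions named in the reply above, run over an ASA configuration saved as text. The sample configs, the pool name VPNPOOL and all addresses are constructed for illustration, and check_vpn_ssh is a hypothetical helper.

```python
import ipaddress
import re

# Constructed sample configs (pool name and addresses are assumptions, not from the thread).
BROKEN = """\
ip local pool VPNPOOL 192.168.50.10-192.168.50.50 mask 255.255.255.0
ssh 10.10.10.0 255.255.255.0 Inside
ssh timeout 5
ssh version 2
"""
FIXED = BROKEN + """\
ssh 192.168.50.0 255.255.255.0 Inside
management-access Inside
"""

def check_vpn_ssh(config):
    """Return a list of findings; an empty list means both conditions hold."""
    pools, ssh_rules, mgmt_if = [], [], None
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["ip", "local", "pool"] and len(tok) >= 5:
            # ip local pool NAME first-last [mask MASK]
            first, _, last = tok[4].partition("-")
            pools.append((tok[3], ipaddress.ip_address(first),
                          ipaddress.ip_address(last or first)))
        elif len(tok) == 4 and tok[0] == "ssh" and re.match(r"\d+\.", tok[1]):
            # ssh NETWORK MASK INTERFACE (skips 'ssh timeout' / 'ssh version')
            net = ipaddress.ip_network(f"{tok[1]}/{tok[2]}", strict=False)
            ssh_rules.append((net, tok[3].lower()))
        elif len(tok) == 2 and tok[0] == "management-access":
            mgmt_if = tok[1].lower()
    findings = []
    if mgmt_if is None:
        findings.append("no 'management-access <interface>' configured")
    for name, first, last in pools:
        # Interface names are compared case-insensitively (a choice of this sketch).
        covered = any(first in net and last in net
                      and (mgmt_if is None or ifc == mgmt_if)
                      for net, ifc in ssh_rules)
        if not covered:
            findings.append(f"pool {name} ({first}-{last}) has no matching 'ssh' permit")
    return findings

if __name__ == "__main__":
    for label, cfg in (("before", BROKEN), ("after", FIXED)):
        print(label, check_vpn_ssh(cfg) or "OK")
```

An empty result only confirms that both lines are present in the configuration; it does not show whether the SSH connection itself succeeds.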
04-27-2011 02:22 PM
Yes, you are correct. I tried to SSH to the ASA, not a router. I tried your suggestions and still could not SSH to the ASA when I log in to the Cisco VPN client. Do you have any other suggestions? Thanks.
Laura
04-27-2011 02:33 PM
Laura,
That's too little information. I'd say enable logging at the informational level and check what's going on.
logging buffered info
logging buffer-size 10000000
Then initiate a connection from VPN client to ASA and run:
sh logg | i IP_ADDRESS_ASSIGNED_TO_CLIENT
If you see a failure/deny/error of any sort, check with the index:
http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/syslog.html
Marcin
04-27-2011 02:51 PM
Thanks Marcin. I will get back later on today or tomorrow. Thanks again.