cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1645
Views
0
Helpful
6
Replies

WLC 2504 SSH Access denied

AnzeZ
Level 1
Level 1

Hi.

 

I am running into a strange problem with WLC 2504. I can not SSH to any of our 3 WLCs via SSH, I get response "Access denied" (while already typed in username) as I was typing the wrong password. I know for a fact that the password is correct, I can get in via GUI, but not via SSH - I also created new user and copied password in while creating user and while using to login via SSH.

I have enabled Telnet and SSH, also under user I have checked "Telnet capable". We are using Software Version 8.5.161.0.

 

I am out of ideas, any idea from you guys wold be highly appreciated.

 

Kind regards

 

6 Replies 6

marce1000
VIP
VIP

 

 - Are by chance any ACL's being used to prevent SSH-access for your case or source.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

There are ACLs, but it is allowed from where I am working. Also, if there would ACL block communication, I would never come to the point of typing username and password? Correct me if I am wrong?

KR

 

 - Not sure , you may remove them temporarily as a test and try again, if you mean ssh access through wireless , then it must be allowed  - verify with :

              (WLC) >grep include ssh "show network summary"

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Just changed ACL that all lines are with permit at the end. The issue persist.
I am connecting via LAN/VPN, not via wireless behind WLC.

 

                         >...Just changed ACL that all lines are with permit at the end

  = Can not always be sufficient , sometimes an implicitly deny for everything else can get included.  It would be safe to remove all ACL's as a sanity check. You could for instance take a backup of the current configuration , do that test , restore - if so desired.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

AnzeZ
Level 1
Level 1

Putty output:

login as: testuser
Keyboard-interactive authentication prompts from server:
| Password:
End of keyboard-interactive prompts from server
Access denied
Keyboard-interactive authentication prompts from server:
| Password:

Review Cisco Networking for a $25 gift card