I have an ASA 5505 running v8.03 firmware that after a few days of uptime stops accepting SSH connections.
My SSH setup is pretty simple, just:
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 60
I get the following messages in my syslog when SSH stops working:
(yyy.y.yyy.y is my SSH client's IP, xxx.xxx.xxx.xx is the ASA firewall IP)
02-29 09:05:22 Local4.Info xxx.xxx.xxx.xx Feb 29 2008 09:08:30: %ASA-6-302013: Built inbound TCP connection 495222 for outside:yyy.y.yyy.y/56782 (yyy.y.yyy.y/56782) to NP Identity Ifc:xxx.xxx.xxx.xx/22 (xxx.xxx.xxx.xx/22)
2008-02-29 09:05:22 Local4.Notice xxx.xxx.xxx.xx Feb 29 2008 09:08:30: %ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'
2008-02-29 09:05:22 Local4.Info xxx.xxx.xxx.xx Feb 29 2008 09:08:30: %ASA-6-302014: Teardown TCP connection 495222 for outside:yyy.y.yyy.y/56782 to NP Identity Ifc:xxx.xxx.xxx.xx/22 duration 0:00:00 bytes 0 TCP FINs
Anyone have any ideas on what causes this and how to fix it? (I've been rebooting the ASA to fix it, which seems drastic.)
I don't have any problems on any of my other ASA boxes, but they are running 8.02...so maybe this is something specific to 8.03?
(or maybe the box is under a DoS SSH attack which is using up all the SSH process resources?)
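
Added example, not part of the original post: a Python script that reads the three syslog message types quoted above (302013, 321001, 302014) and counts, per source IP, how many SSH connections to the firewall itself were attempted and how many were torn down with 0 bytes right after the 'ssh' limit message. The log lines, IP addresses and the `analyze` function name are constructed for illustration.

```python
import re
from collections import Counter

# Patterns follow the message formats quoted in the post (port 22 on the ASA itself).
BUILT = re.compile(r"%ASA-6-302013: Built inbound TCP connection (\d+) for "
                   r"(\S+?):(\S+?)/\d+ .* to NP Identity Ifc:\S+/22\b")
LIMIT = re.compile(r"%ASA-5-321001: Resource 'ssh' limit of (\d+) reached")
TEARDOWN = re.compile(r"%ASA-6-302014: Teardown TCP connection (\d+) for .* bytes (\d+)")

def analyze(lines):
    """Tally SSH attempts per source and those refused at the session limit."""
    attempts, refused = Counter(), Counter()
    open_conns = {}    # connection id -> source IP
    limit_hit = set()  # connection ids followed by a 321001 event
    last_id, limit = None, None
    for line in lines:
        if m := BUILT.search(line):
            last_id = m.group(1)
            open_conns[last_id] = m.group(3)
            attempts[m.group(3)] += 1
        elif m := LIMIT.search(line):
            limit = int(m.group(1))
            if last_id in open_conns:
                limit_hit.add(last_id)  # attribute to the connection just built
        elif m := TEARDOWN.search(line):
            src = open_conns.pop(m.group(1), None)
            if src and m.group(1) in limit_hit and m.group(2) == "0":
                refused[src] += 1
    return {"limit": limit, "attempts": attempts, "refused": refused}

# Constructed sample: one normal session, then three refusals at the limit.
SAMPLE = """\
Feb 29 2008 09:01:10: %ASA-6-302013: Built inbound TCP connection 495100 for outside:198.51.100.7/40001 (198.51.100.7/40001) to NP Identity Ifc:192.0.2.1/22 (192.0.2.1/22)
Feb 29 2008 09:02:40: %ASA-6-302014: Teardown TCP connection 495100 for outside:198.51.100.7/40001 to NP Identity Ifc:192.0.2.1/22 duration 0:01:30 bytes 5120 TCP FINs
Feb 29 2008 09:08:30: %ASA-6-302013: Built inbound TCP connection 495222 for outside:203.0.113.50/56782 (203.0.113.50/56782) to NP Identity Ifc:192.0.2.1/22 (192.0.2.1/22)
Feb 29 2008 09:08:30: %ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'
Feb 29 2008 09:08:30: %ASA-6-302014: Teardown TCP connection 495222 for outside:203.0.113.50/56782 to NP Identity Ifc:192.0.2.1/22 duration 0:00:00 bytes 0 TCP FINs
Feb 29 2008 09:08:41: %ASA-6-302013: Built inbound TCP connection 495230 for outside:203.0.113.50/56790 (203.0.113.50/56790) to NP Identity Ifc:192.0.2.1/22 (192.0.2.1/22)
Feb 29 2008 09:08:41: %ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'
Feb 29 2008 09:08:41: %ASA-6-302014: Teardown TCP connection 495230 for outside:203.0.113.50/56790 to NP Identity Ifc:192.0.2.1/22 duration 0:00:00 bytes 0 TCP FINs
Feb 29 2008 09:09:02: %ASA-6-302013: Built inbound TCP connection 495241 for outside:198.51.100.7/40077 (198.51.100.7/40077) to NP Identity Ifc:192.0.2.1/22 (192.0.2.1/22)
Feb 29 2008 09:09:02: %ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'
Feb 29 2008 09:09:02: %ASA-6-302014: Teardown TCP connection 495241 for outside:198.51.100.7/40077 to NP Identity Ifc:192.0.2.1/22 duration 0:00:00 bytes 0 TCP FINs
""".splitlines()

if __name__ == "__main__":
    result = analyze(SAMPLE)
    for src, n in result["attempts"].most_common():
        print(f"{src}: {n} attempts, {result['refused'][src]} refused at limit {result['limit']}")
```

Run over a few days of syslog, the per-source counts show whether port 22 on the outside interface is being hit from many unknown addresses or only from known clients.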