ACE - context administration

Unanswered Question
Mar 31st, 2008


I've created two contexts, allocated administrative vlan to each context, in each context created management class map and policy map (allow all icmp,ssh) and binded it to this vlan. I can ping each context but i can not telnet to port 22 (ssh not listening).

I've done the same in Admin context and i can login using ssh. Why another contexts do not have sshd listening ?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ciscocsoc Mon, 03/31/2008 - 05:51


Have you created the SSH host key pair in each of the user contexts? See Administration Guide Ch2 for info. If this is still not working can you post the context configuration?



mlopacinski Tue, 04/01/2008 - 00:26

I've found that in new wersion i do not have "ssh" command under context-config:

host1/Admin(config-context)# ssh key rsa1 1024

but anyway i tried to login and had to wait about 5 minutes - then context let me in.

it seems that context drugging first ssh login (first TCP SYN on port 22) generates appriopriate keys ? (and it can not be done by any command anymore)?


Gilles Dufour Tue, 04/01/2008 - 08:26

The 'ssh key' command is an admin only command.

You need to run it in admin first.

Then you can access any context.

There is no automatic key generation.



This Discussion