ASA 8.0.4

Unanswered Question
Feb 23rd, 2009
User Badges:

Recently attempted upgrade to 8.0.4 but had to downgrade because I could not get ssh working at least from the outside interface. Tried zeroize and generate to no avail. Anyone have this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
eddie.mitchell@... Tue, 02/24/2009 - 08:22
User Badges:
  • Silver, 250 points or more

Did you have the correct source IP specified in the configuration?


ssh outside


What log messages were being generating on the ASA when you were attempting to connect?


fedecotof Tue, 02/24/2009 - 09:54
User Badges:

Hi,

You need the crypto keys and allow SSH access to permitted hosts. That's it.

What exactly is the error or the problem that you're having?

whanson Tue, 02/24/2009 - 12:44
User Badges:

on 7.0 code upgrade to 8.0.4 all else the same, same keys same ssh same everything. Attempt to use putty to outside and get software error. zeroize keys rebuild same issue. Unfortunately, I did not have the luxury of time to debug as this was a cutover from checkpoint to ASA so down graded and putty now works. The reason for the upgrade was the code plus asdm support of the current java vm.

jeremyault Tue, 02/24/2009 - 19:02
User Badges:

I've had the problem where even after I put in "ssh 0.0.0.0 0.0.0.0 outside" I would not be able to SSH in until I rebooted the ASA. I've had this more than once and not just for SSH - also for the ASDM after putting "http 0.0.0.0 0.0.0.0 outside" in. I simply could not get in. Reboot and it worked perfectly.

mjose.zambrano Wed, 02/25/2009 - 01:20
User Badges:

I have experienced the same problem in the most of my installed firwalls.


When I connect by ASDM, I obtain the following information:


Result of the command: "sh ssh sessions"


SID Client IP Version Mode Encryption Hmac State Username

0 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

1 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

2 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

3 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

4 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -



I have discinnect all the sessions, but the ssh access doesn't work.


I have disconnect all the sessions, but it goes on not working.


I have removed the ssh configuration and I have configured it again, the same result.


I have generated the rsa key, the same.



I have installed a lot of firewalls in my professional carreer, and this problem starts with the 8.0 Asa versions.


The action that solve teh problem is a reload.


I have never lost the ADSM or Telnet access.


Any idea?



tim_roper Tue, 07/28/2009 - 06:57
User Badges:

Did you ever try "management-access outside"? This command is typically used to allow a VPN user to access the management of the ASA on a different interface. I can't explain why it works for straight SSH access, though.

Actions

This Discussion