Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
0
Helpful
6
Replies

ASA 8.0.4

whanson
Level 2
Level 2

‎02-23-2009 02:53 PM - edited ‎03-11-2019 07:55 AM

Recently attempted upgrade to 8.0.4 but had to downgrade because I could not get ssh working at least from the outside interface. Tried zeroize and generate to no avail. Anyone have this?

Labels:
0 Helpful
6 Replies 6

eddie.mitchell
Level 3
Level 3

‎02-24-2009 08:22 AM

Did you have the correct source IP specified in the configuration?

ssh outside

What log messages were being generating on the ASA when you were attempting to connect?

0 Helpful

fedecotofaja
Level 1
Level 1

‎02-24-2009 09:54 AM

Hi,

You need the crypto keys and allow SSH access to permitted hosts. That's it.

What exactly is the error or the problem that you're having?

0 Helpful

whanson
Level 2
Level 2

‎02-24-2009 12:44 PM

on 7.0 code upgrade to 8.0.4 all else the same, same keys same ssh same everything. Attempt to use putty to outside and get software error. zeroize keys rebuild same issue. Unfortunately, I did not have the luxury of time to debug as this was a cutover from checkpoint to ASA so down graded and putty now works. The reason for the upgrade was the code plus asdm support of the current java vm.

0 Helpful

jeremyault
Level 1
Level 1

‎02-24-2009 07:02 PM

I've had the problem where even after I put in "ssh 0.0.0.0 0.0.0.0 outside" I would not be able to SSH in until I rebooted the ASA. I've had this more than once and not just for SSH - also for the ASDM after putting "http 0.0.0.0 0.0.0.0 outside" in. I simply could not get in. Reboot and it worked perfectly.

0 Helpful

mjose.zambrano
Level 1
Level 1
In response to jeremyault

‎02-25-2009 01:20 AM

I have experienced the same problem in the most of my installed firwalls.

When I connect by ASDM, I obtain the following information:

Result of the command: "sh ssh sessions"

SID Client IP Version Mode Encryption Hmac State Username

0 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

1 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

2 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

3 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

4 a6:dd8:608a:909:21d3:3e09:43af:dd8

0.0 - - - Closed -

I have discinnect all the sessions, but the ssh access doesn't work.

I have disconnect all the sessions, but it goes on not working.

I have removed the ssh configuration and I have configured it again, the same result.

I have generated the rsa key, the same.

I have installed a lot of firewalls in my professional carreer, and this problem starts with the 8.0 Asa versions.

The action that solve teh problem is a reload.

I have never lost the ADSM or Telnet access.

Any idea?

0 Helpful

tim_roper
Level 1
Level 1
In response to mjose.zambrano

‎07-28-2009 06:57 AM

Did you ever try "management-access outside"? This command is typically used to allow a VPN user to access the management of the ASA on a different interface. I can't explain why it works for straight SSH access, though.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card