Quirky one: Logging in

m.surtees
Level 1

Hi all,

I'm not sure what's missing here. I moved a FW over the weekend and now only have console access. It's a 5520 running 8.0(3). From the config I have the usual:

ssh scopy enable

ssh 10.x.0.0 255.255.0.0 Axx

ssh timeout 10

ssh version 2

telnet 10.x.0.0 255.255.0.0 Axx

telnet timeout 120

management-access Axx

- I've zeroized and regenerated the rsa key.

- The Axx int is up and up and I can ping it from the 10.x.0.0 network. Axx is also the inside interface security-100. Management0/0 is in shutdown.

The following logs are generated when telnetting and ssh respectively (same except for d-port):

17:03:03: %ASA-6-302013: Built inbound TCP connection 8100 for ASG:10.x.14.14/1898 (10.x.14.14/1898) to NP Identity Ifc:10.x.109.10/23 (10.x.109.10/23)

17:03:03: %ASA-6-302014: Teardown TCP connection 8100 for ASG:10.x.14.14/1898 to NP Identity Ifc:10.x.109.10/23 duration 0:00:00 bytes 0 TCP Reset-I

17:19:41: %ASA-6-302013: Built inbound TCP connection 8270 for ASG:10.x.0.60/33251 (10.x.0.60/33251) to NP Identity Ifc:10.x.109.10/22 (10.x.109.10/22)

17:19:41: %ASA-6-302014: Teardown TCP connection 8270 for ASG:10.x.0.60/33251 to NP Identity Ifc:10.x.109.10/22 duration 0:00:00 bytes 0 TCP Reset-I

From PuTTY I just get "Network error: Software caused connection abort". From OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 I get a "ssh_exchange_identification: read: Connection reset by peer" and back to bash prompt

Both these clients worked fine on this FW before the power-down and move and still work on all other ASAs and PIXs and ... Very little luck finding anything on Web.

Any help much appreciated

- Mike
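
An added example, not part of the original post: a small Python triage script that pairs the 302013/302014 messages quoted above by connection ID and flags to-the-box Telnet/SSH sessions that were reset with zero bytes exchanged. The first four sample lines are copied from the post; the last two (connection 8300) are constructed for contrast, and the names `failed_mgmt_sessions` and `Finding` are hypothetical.

```python
import re
from collections import namedtuple

# Lines 1-4 are the syslog messages from the post; lines 5-6 are constructed
# to represent a normal SSH session that must not be flagged.
SAMPLE = """\
17:03:03: %ASA-6-302013: Built inbound TCP connection 8100 for ASG:10.x.14.14/1898 (10.x.14.14/1898) to NP Identity Ifc:10.x.109.10/23 (10.x.109.10/23)
17:03:03: %ASA-6-302014: Teardown TCP connection 8100 for ASG:10.x.14.14/1898 to NP Identity Ifc:10.x.109.10/23 duration 0:00:00 bytes 0 TCP Reset-I
17:19:41: %ASA-6-302013: Built inbound TCP connection 8270 for ASG:10.x.0.60/33251 (10.x.0.60/33251) to NP Identity Ifc:10.x.109.10/22 (10.x.109.10/22)
17:19:41: %ASA-6-302014: Teardown TCP connection 8270 for ASG:10.x.0.60/33251 to NP Identity Ifc:10.x.109.10/22 duration 0:00:00 bytes 0 TCP Reset-I
17:25:10: %ASA-6-302013: Built inbound TCP connection 8300 for ASG:10.x.0.60/33300 (10.x.0.60/33300) to NP Identity Ifc:10.x.109.10/22 (10.x.109.10/22)
17:27:20: %ASA-6-302014: Teardown TCP connection 8300 for ASG:10.x.0.60/33300 to NP Identity Ifc:10.x.109.10/22 duration 0:02:10 bytes 5120 TCP FINs
"""

BUILT = re.compile(
    r"%ASA-6-302013: Built (?:inbound|outbound) TCP connection (?P<id>\d+) "
    r"for (?P<src_if>[^:]+):(?P<src>[^/\s]+)/\d+ \([^)]*\) "
    r"to (?P<dst_if>[^:]+):(?P<dst>[^/\s]+)/(?P<dport>\d+)")
TEARDOWN = re.compile(
    r"%ASA-6-302014: Teardown TCP connection (?P<id>\d+) for .*? "
    r"duration (?P<dur>\d+:\d+:\d+) bytes (?P<bytes>\d+) (?P<reason>.+)$")

MGMT_PORTS = {22: "ssh", 23: "telnet"}
Finding = namedtuple("Finding", "client service conn_id reason")

def failed_mgmt_sessions(lines):
    """Return management sessions to the firewall itself that were reset
    before any payload was exchanged."""
    built, findings = {}, []
    for line in lines:
        line = line.strip()
        b = BUILT.search(line)
        if b:
            built[b["id"]] = b          # remember the setup half of the pair
            continue
        t = TEARDOWN.search(line)
        if not t or t["id"] not in built:
            continue
        b = built.pop(t["id"])
        port = int(b["dport"])
        # "NP Identity Ifc" marks traffic addressed to the ASA itself.
        if (b["dst_if"] == "NP Identity Ifc" and port in MGMT_PORTS
                and int(t["bytes"]) == 0 and t["reason"].startswith("TCP Reset")):
            findings.append(Finding(b["src"], MGMT_PORTS[port], t["id"], t["reason"]))
    return findings

if __name__ == "__main__":
    for f in failed_mgmt_sessions(SAMPLE.splitlines()):
        print(f"{f.service} from {f.client} (conn {f.conn_id}): 0 bytes, {f.reason}")
```
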

3 Replies

handsy
Level 1

Have you enabled 'debug ssh' yet?

Lots of useful data printed back to screen when attempting login that may help you :)

Hi Handsy

I did do a debug before your reply and I got:

SSH2 0: waiting for SSH2_MSG_NEWKEYS

SSH0: TCP read failed, error code = 0x86300003 "TCP connection closed"

SSH0: receive SSH message: [no message ID: variable *data is NULL]

SSH2 0: Unexpected mesg type received

SSH0: Session disconnected by SSH server - error 0x00 "Internal error"

... but as it's a/hrs here I thought "stuff it" and rebooted. It is not the first time it has gone down since the weekend tho. Then when I tried my trusty Linux SSH I was again denied but this time with the good looking "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"

I deleted the key in known_hosts and now I am back in. But I don't understand it as telnet would not work either, now it does of course.

I hate 'fixing' things with a reboot ... it's so, like, microsoft :)

Cheers anyways,

Mike

haha, how very annoying :)

glad you got it fixed though
