Im trying to configure persistent SSH across management Interface in our new Cisco ASR 1004 platforms. Well, It seems to work fine, however when I try ssh to management interface:
1. TACACS+ authentication doesn´t work. Only local authentication (usernames configured in local) works with persistent SSH. Taking a view to ASR 1004 user guide, aaa is not supported over management interface configured for persistent SSH. Ok, it´s clear for me.
2. SSH session is stuck waiting for free TTY line, but only I´m trying to access to it ¿¿??. I only get into router emulation using persistent SSH, in diag mode pressing Ctrl+C or Ctrl+Shift+6, but you know in diag mode we won´t obtain full line vty capabilities. Anybody knows why don´t we obtain TTY line access using persistent SSH?
This is our config:
transport-map type persistent ssh sshmg
rsa keypair-name ASR_CBR4.elcorteingles.es
transport interface GigabitEthernet0
banner wait "*** WAITING FOR VTY LINE - CBR4***"
banner diagnostic "***DIAGNOSTIC MODE - CUBR4***"
connection wait allow interruptible
transport type persistent ssh input sshmg
You MUST use local authentication to work with Persistant SSH.