cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3709
Views
0
Helpful
5
Replies

Error SSH

kathy-kat
Level 1
Level 1

Hello Everyone!!!

I am configuring the management access for ASA 5540, and I have the following commands:

For example:

http server enable

http 192.168.2.1 255.255.255.255 inside

http 192.168.12.1 255.255.255.255 inside

http 192.168.23.1 255.255.255.255 inside

http 192.168.5.0 255.255.255.255 inside

and when i try to config access for ssh , like ssh 192.168.2.1 255.255.255.255 inside, appear the following error:

ERROR: Unable to configure service on port 22, on interface 'Inside'. This port is currently in use by another feature

I never see something like that, any idea??

5 Replies 5

Kureli Sankar
Cisco Employee
Cisco Employee

Well, we need the output of the following

sh run ssh

sh run static

sh asp table socket

check this link: https://supportforums.cisco.com/docs/DOC-13012

run through the check list under "unable to ssh" section.

-KS

Thanks Kusankar!!

Here the info:

fw# sh run ssh
ssh timeout 15
ssh version 2


fw# sh run static
static (DMZ,Outside) www 172.16.20.10 netmask 255.255.255.255

fw# sh asp table socket


Protocol  Socket    Local Address               Foreign Address         State
TCP       012b7a0f  192.168.0.85:23             0.0.0.0:*               LISTEN
SSL       012b873f  192.168.0.85:443            0.0.0.0:*               LISTEN
TCP       0134b6f8  192.168.0.85:23             192.168.2.209:1101      ESTAB

Kat

Katherine,

Did you take a look at the link that I provided?

https://supportforums.cisco.com/docs/DOC-13012#make_sure_ssh_is_enabled_and_allowed

Solution to your problem is right there on the above link.

-KS

Hello Kusankar,

I run this command : debug ssh

And here is the answer: SSH2 0: channel window adjust message sent

And the logs that appears in the ASA: said something flag with SSH, so I deleted all the access with telnet and config access for ssh and works fine, i did not have any problem like yesterday, do you think that could be a problem with the flags??

Regards,

Kat

Katherine,

The ASA wasn't even listening on port 22 from the "sh asp table socket" output that you posted. It was only listening on 23 and 443 NOT 22.

Protocol  Socket    Local Address               Foreign Address         State
TCP       012b7a0f  192.168.0.85:23             0.0.0.0:*               LISTEN
SSL       012b873f  192.168.0.85:443            0.0.0.0:*               LISTEN
TCP       0134b6f8  192.168.0.85:23             192.168.2.209:1101      ESTAB

So, when you enabled ssh it started to work fine.

-KS

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: