Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

8.2.5 Lost SSH Access

I have a 5540 running 8.2.5 and SSH access stopped working. Telnet still works.

Logs show this:

%ASA-6-302013: Built inbound TCP connection 227557909 for outside:x.x.x.x/62168 (x.x.x.x/62168) to identity:y.y.y.y/22 (y.y.y.y/22)

%ASA-5-321001: Resource 'ssh' limit of 5 reached for context 'single_vf'

%ASA-6-302014: Teardown TCP connection 227557909 for outside:x.x.x.x/62168 to identity:y.y.y.y/22 duration 0:00:00 bytes 0 TCP FINs

I go into the firewall a do a "sh ssh sessions" and get no sessions returned.

I know there are some bugs that sound very similar like CSCsm68097, but all involve much eariler code. Any other more modern bugs for the same problem?

Everyone's tags (4)
4 REPLIES

8.2.5 Lost SSH Access

Hello,

As a test can you take out the entire SSH configuration and then just apply it back.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

8.2.5 Lost SSH Access

Stripped off the SSH and reapplied it.

clear configure ssh

Then I pasted all of the ssh statements.

ssh x.x.x.x 255.255.255.0 inside

ssh x.x.x.x 255.255.255.0 outside

etc.

Same thing.

New Member

8.2.5 Lost SSH Access

This ASA has some serious uptime. I'm pretty sure a reboot will fix it, but I can't let me curiosity go. :-)

Re: 8.2.5 Lost SSH Access

Hello,

Me too.

I am pretty sure a Reload will clear the orphaned SSH sessions.

CSCsm68097

CSCts72188

Check those 2. Looks like 8.2.5 is being hitted on your case. Can you reload and monitor to check if it happens again?

Regards,

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
715
Views
0
Helpful
4
Replies
CreatePlease to create content