Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Can not connect ASA through SSH and HTTPS

I have just configured the firewall with all the standard configuration but I can not gain SSH access. I have attached the running-config below, can someone please let me know what am I missing. I have configured the SSH exactly as stated at :

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mgaccess.html#wpxref11628

still no connectivity, do I have to generate any other certificates other than the crypto rsa key which I have already generated ?

For more info, I can not even connect the device through HTTPS even after enabling the HTTP server.

Regards,

Murtaza

3 REPLIES
Cisco Employee

Re: Can not connect ASA through SSH and HTTPS

What is the output of:

show crypto key mypubkey rsa

New Member

Re: Can not connect ASA through SSH and HTTPS

If general connectivity is OK (it does answer

to pings when connected to network, right ?)

Then I'd zeroize the current key and create new ones for a check

ASA(config)# crypto key zeroize rsa

ASA(config)# crypto key generate rsa

If it doesn't help ,trying to enable debug and

connecting simultaneously by Console and http/ssh would reveal more info ..

ASA# debug http 255

ASA# debug ssh 255

If there is some communication you'll see smth like

ASA(config)# listen: Received HTTP request.

Started http listen on interface outside port 443

ASA(config)# http_get_token: received no block data for ssl

listen: Received HTTP request.

Started http listen on interface outside port 443

BTW running config is OK 100%

New Member

Re: Can not connect ASA through SSH and HTTPS

Thanks for that Yuri, I'll have a look at the troubleshooting through debugging as suggested, the device is offline currently so I'll have to check that later.

Regards

Murtaza

548
Views
0
Helpful
3
Replies