09-14-2010 01:04 PM - edited 03-11-2019 11:40 AM
Hello Everyone!!!
I am configuring the management access for ASA 5540, and I have the following commands:
For example:
http server enable
http 192.168.2.1 255.255.255.255 inside
http 192.168.12.1 255.255.255.255 inside
http 192.168.23.1 255.255.255.255 inside
http 192.168.5.0 255.255.255.255 inside
and when i try to config access for ssh , like ssh 192.168.2.1 255.255.255.255 inside, appear the following error:
ERROR: Unable to configure service on port 22, on interface 'Inside'. This port is currently in use by another feature
I never see something like that, any idea??
09-14-2010 02:27 PM
Well, we need the output of the following
sh run ssh
sh run static
sh asp table socket
check this link: https://supportforums.cisco.com/docs/DOC-13012
run through the check list under "unable to ssh" section.
-KS
09-15-2010 06:15 AM
Thanks Kusankar!!
Here the info:
fw# sh run ssh
ssh timeout 15
ssh version 2
fw# sh run static
static (DMZ,Outside) www 172.16.20.10 netmask 255.255.255.255
fw# sh asp table socket
Protocol Socket Local Address Foreign Address State
TCP 012b7a0f 192.168.0.85:23 0.0.0.0:* LISTEN
SSL 012b873f 192.168.0.85:443 0.0.0.0:* LISTEN
TCP 0134b6f8 192.168.0.85:23 192.168.2.209:1101 ESTAB
Kat
09-15-2010 06:36 AM
Katherine,
Did you take a look at the link that I provided?
https://supportforums.cisco.com/docs/DOC-13012#make_sure_ssh_is_enabled_and_allowed
Solution to your problem is right there on the above link.
-KS
09-15-2010 07:04 AM
Hello Kusankar,
I run this command : debug ssh
And here is the answer: SSH2 0: channel window adjust message sent
And the logs that appears in the ASA: said something flag with SSH, so I deleted all the access with telnet and config access for ssh and works fine, i did not have any problem like yesterday, do you think that could be a problem with the flags??
Regards,
Kat
09-15-2010 07:25 AM
Katherine,
The ASA wasn't even listening on port 22 from the "sh asp table socket" output that you posted. It was only listening on 23 and 443 NOT 22.
Protocol Socket Local Address Foreign Address State
TCP 012b7a0f 192.168.0.85:23 0.0.0.0:* LISTEN
SSL 012b873f 192.168.0.85:443 0.0.0.0:* LISTEN
TCP 0134b6f8 192.168.0.85:23 192.168.2.209:1101 ESTAB
So, when you enabled ssh it started to work fine.
-KS
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: