File Transfer using Secure Copy Server on Cisco ASA 5510
I have SSH and SCP enabled on the ASA 5510. I can SSH fine into the device. However, I cannot copy files to the device usng WinSCP. Used all options but nothign seems to work. I see the log authentication successful, but then WinSCP reports no response from ASA.
There is no directory support in this implementation of SCP, limiting remote client access to the adaptive security appliance internal files.
I'm not sure if there is a way to disable this functionality for WinSCP, but you can use something like 'pscp' on Windows (or 'scp' on Linux/Mac) to copy the files you need. The syntax would look something like this:
From the CLI (I happened to use PowerShell), I changed my working directory to that which contained my files to be transfered. I then entered the syntax as below:
PS C:\Users\myusername\Downloads> .\pscp.exe .\asa971-4-lfbff-k8.SPA email@example.com:asa971-4-lfbff-k8.SPA The first key-exchange algorithm supported by the server is diffie-hellman-group1-sha1, which is below the configured warning threshold. Continue with connection? (y/n) y firstname.lastname@example.org's password:
Note: It may take a while to transfer but I'm pretty sure that's just a limitation of the protocol. Also if you're working within the legacy Windows command-line just remove the .\ from your command syntax and you should be fine.
PS- Don't forget to enable SSH Secure Copy capabilities in the ASA (conf t > ssh scopy enable)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...