We have a number of PIX that seem to have this problem of refusing management connections from time to time via SSH. The PIX are still responsive to console access and still function properly as far as passing/blocking regular traffic. I've tried connecting with PuTTY and with SecureCRT. We are running 6.3(5) on a 525 failover bundle, though most places we just have 515s with 6.3(5).
When I build them I use these commands to generate the certificates.
ca zeroize rsa
ca generate rsa key 1024
ca save all
And then define the following statements allowing SSH access from within the inside network to the device.
aaa authentication ssh console TACACS+ LOCAL
ssh 192.168.0.0 255.255.255.0 inside
ssh timeout 20
I've attached a packet capture from my computer as well as from the inside interface of the PIX.
From the firewall if I do a show proc | inc ssh here are the processes that it shows.
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...