Solved: Access using Putty

jaimes.badillo · ‎01-06-2014

Hi,

I am having issues connecting to my cisco 2960 switch through putty. When I try to connect I get access denied. This is not a new switch and I have asked the networking group if any changes have been made.

david-swope · ‎01-08-2014

Was going to mention AAA, anytime you get a long lag it's more than likely its TACACS/AAA related

View solution in original post

Richard Burts · ‎01-06-2014

You tell us that this is not a new switch. But you do not tell us whether access using putty used to work or not. That would be a good place to start.

You also have not told us whether you are attempting to connect using Telnet, SSHv1, SSHv2, or some combination. That would also be helpful information.

When you attempt to connect do you get any prompt? Or is it just immediately a message about access denied?

Can you give us the specific message that you get when you attempt to connect? That might provide some insight into the issue.

HTH

Rick

HTH

Rick

Bilal Nawaz · ‎01-06-2014

Is this related to Micheal Roarks post?

https://supportforums.cisco.com/thread/2259639?tstart=0

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

jaimes.badillo · ‎01-06-2014

Yes, access using putty used to work. I am using SSH. It sits their for about 20 seconds then I get the message access denied.

Richard Burts · ‎01-06-2014

It is helpful to know that using putty used to work and that you are using SSH.

Probably the next step is to verify that it is not an IP connectivity issue. First can you clarify whether you are accessing using the name or using the IP address? Second can you ping the IP address of the switch?

Assuming that ping is successful then I would like to know whether your IP address is in the same subnet as the switch or is in a different subnet?

HTH

Rick

HTH

Rick

jaimes.badillo · ‎01-06-2014

I am using the IP address and I am able to ping the switch. They are not in the same subnet.

Richard Burts · ‎01-06-2014

Thanks for the information. That does seem to eliminate the possibility of IP connectivity as the problem. The next step probably needs some detailed information about the configuration of the switch, things like whether the version of SSH used has changed, and whether there is an access-class applied to the vty lines. Do you have access to information like that?

HTH

Rick

HTH

Rick

jaimes.badillo · ‎01-06-2014

The version of ssh is SSHv2 I do have access to the VTY of one of the switch that I can access through puty.

Richard Burts · ‎01-06-2014

It is good to know that it is SSHv2. If the switch had been using v1 and changed to v2 it could have produced symptoms like what you experience. But if it is already on v2 then versioning is not likely the problem.

It is good that you have access to vty of one switch. But we need information about the switch to which you can not connect. And we need details about the switch configuration. Are you able to get that information?

HTH

Rick

HTH

Rick

jaimes.badillo · ‎01-08-2014

Thank you for your help. After looking at other switches I noticed that one of the switch was missing a rule to allow it to connect to the radius server. Once I added that line it was working again.

david-swope · ‎01-08-2014

Was going to mention AAA, anytime you get a long lag it's more than likely its TACACS/AAA related