2 x ASA 5505, but can't SSH to 1 from remote location
We have 2 ASA 5505 devices used to create a VPN to a client. Whilst there are 2 ASAs, only one is used at any time; the other is configured identially as a hardware backup.
Their startup-config files only differ in the hostname.
Remote SSH access to the ASA from several static IP addresses has been enabled on the outside interface. We can connect succssfully via SSH from a remote IP when one of them is used, but when it's replaced with the backup ASA, attempting to SSH to it results in the message "Server unexpectedly closed network connection".
SSHing to either ASA works fine via the inside interface.
The boxes are outside our firewall, and so traffic to it isn't being restricted by that.
Can anyone please suggest what might be causing this? Thanks for your help.
Re: 2 x ASA 5505, but can't SSH to 1 from remote location
Thank you, Prapanch... that was the shove in the right direction I needed.
It dawned on me afterwards that someone had initially configured one of the ASAs, and that we'd subsequently purchased the second. He must have generated the RSA key. Because the key doesn't appear in the startup-config, I had assumed both boxes were configured identically, but the second box didn't have the RSA key.
Running the crypto key generate rsa modulus 1024 on the second ASA enabled SSH connections from the remote location.
The reason why I thought we had SSH working to both boxes locally was because I had misread the connection details in PuTTY, and was in fact making a Telnet connection to them when I'd thought it was an SSH connection.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...