Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ssh connection probelm on ASA.

hello,

I've configured to connect outside using ssh ver 1/2 on ASA. but i can't connect using SecureCRT and PuTTY ssh client software..

Additionally, I tred to connect outside of ASA from router witch ssh command.

but the result is the same..

Here is configuration on ASA.

Let me know why i can't connect ASA's outside interface.

ASA Version 7.1(2)

!

hostname ASA-5540

domain-name cisco.com

enable password xxxx

names

!

interface GigabitEthernet0/0

description *** Outside ***

nameif outside

security-level 0

ip address 192.168.200.2 255.255.255.0

!

interface GigabitEthernet0/1

description *** Inside ***

nameif inside

security-level 100

ip address 192.168.100.2 255.255.255.0

!

interface GigabitEthernet0/2

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/3

shutdown

no nameif

no security-level

no ip address

!

interface Management0/0

description ** Management Only ***

nameif Management

security-level 0

ip address 192.168.250.2 255.255.255.0

management-only

!

passwd xxxx

boot system disk0:/asa712-k8.bin

ftp mode passive

dns server-group DefaultDNS

domain-name cisco.com

same-security-traffic permit inter-interface

pager lines 24

logging enable

logging asdm debugging

logging debug-trace

mtu outside 1500

mtu inside 1500

mtu Management 1500

no failover

asdm image disk0:/asdm512.bin

no asdm history enable

arp timeout 14400

route outside 0.0.0.0 0.0.0.0 192.168.200.1 1

route inside 172.16.0.0 255.255.0.0 192.168.100.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

username xxxx password xxxx

privilege 15

username xxxx password xxxx privilege 15

http server enable

http 0.0.0.0 0.0.0.0 outside

http 0.0.0.0 0.0.0.0 inside

http 0.0.0.0 0.0.0.0 Management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet 0.0.0.0 0.0.0.0 inside

telnet 0.0.0.0 0.0.0.0 Management

telnet timeout 5

ssh 0.0.0.0 0.0.0.0 outside

ssh timeout 60

console timeout 0

management-access Management

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map global_policy

class inspection_default

inspect dns maximum-length 512

inspect ftp

inspect h323 h225

inspect h323 ras

inspect netbios

inspect rsh

inspect rtsp

inspect skinny

inspect esmtp

inspect sqlnet

inspect sunrpc

inspect tftp

inspect sip

inspect xdmcp

!

service-policy global_policy global

ssl encryption des-sha1 rc4-md5

Cryptochecksum:xxxx

: end

[[[ Router ]]]

router#ssh -c des -l cisco 192.168.200.2

Password:

% Authentication failed.

[Connection to 192.168.200.2 closed by foreign host]

router#

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ssh connection probelm on ASA.

You have to specify authentication method.

aaa authentication ssh console LOCAL

for example.

ssh x.x.x.x x.x.x. inside|outside for added security

Hope this helps,

Thx

Jay

5 REPLIES
New Member

Re: ssh connection probelm on ASA.

Did you generate a key on the asa for the SSH?

crypto key generate rsa

Shot in the dark but I have seen it before.

DC

New Member

Re: ssh connection probelm on ASA.

Scratch that last response. I see at the bottom of your post you are at least getting a password prompt. You probably need to set up the authentication for SSH

aaa authentication ssh console LOCAL

DC

New Member

Re: ssh connection probelm on ASA.

Thank your for your helping.

I forgot the configuration...

Thank you.

New Member

Re: ssh connection probelm on ASA.

You have to specify authentication method.

aaa authentication ssh console LOCAL

for example.

ssh x.x.x.x x.x.x. inside|outside for added security

Hope this helps,

Thx

Jay

New Member

Re: ssh connection probelm on ASA.

Thank your for your helping.

I forgot the configuration...

Thank you.

1157
Views
12
Helpful
5
Replies