Cisco Support Community
New Member

Users cannot SSH to servers

Hi, may someone kindly guide me.

I’m a new CCNA and do not have much working experience.

Lately some of the users migrated from a subnet to a new subnet. After migration, they cannot SSH into their servers. I did a sh ip route from both subnets' gateways to the servers. I found out that there is a path from the old subnet gateway to the servers, but the new subnet gateway says no routing table. Please advise whether the root cause could be this simple.

We always encounter these kinds of problems.

May you guide me and give me some hints on how to troubleshoot this type of problem and what else I should check?

Should I check the ACLs on all the routers on the path to the servers?

How can I know whether this is a firewall issue based on the information on my routers? I cannot access the firewall routers. And I can't remember CCNA showing me this.

If part of our network is with service provider clouds, how can I isolate the problem and ensure it’s not the provider's issue?

Thanks all in advance

3 REPLIES

Users cannot SSH to servers

First of all you should check the path with the ping and trace commands. If both work then it's probably the ACL issue.

Do "sh ip access-list" and check which ACLs are active and which traffic should be permitted.

New Member

Users cannot SSH to servers

Thank you Konstantin,

No, I cannot ping or traceroute from the new subnet gateway to the servers.

Should I do the sh ip access-list on the users' subnet gateway, or the servers' gateways, or both? Since there are many access lists, may I narrow it down and just check the access lists that include the users' subnet or the servers' IP? May you let me know what that command is?

Thanks

Users cannot SSH to servers

If you can't ping or trace the server, it could be the following problems:

1. Check the IP address information (IP and subnet mask) on the servers on both subnets. Can the servers reach each other inside the same subnet?

2. Check the default router configuration on the servers. Can the servers reach the default gateway?

3. Are both routers exchanging routing information? Do you use static routes?

4. Can the server reach the IP of the router on the "remote" subnet?

5. If you use ACLs, maybe it's better to deactivate them on all interfaces during the tests (don't forget to activate them again after the tests).

If you can check and answer all these questions, then you will probably find your problem.
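
An added example, not part of the thread or any poster's reply: one way to narrow a long `show ip access-lists` capture down to the entry that decides an SSH flow from a user address to a server, using first-match-wins and the implicit deny at the end of each list. The ACL names, addresses and sample output are constructed, and the parser assumes extended ACLs with no source-port qualifiers and only `eq PORT` destination matches.

```python
import ipaddress
import re

# Constructed sample of `show ip access-lists` output; names and addresses are assumptions.
SAMPLE = """\
Extended IP access list OLD-USERS-IN
    10 permit tcp 10.1.10.0 0.0.0.255 host 10.2.0.5 eq 22 (120 matches)
    20 deny ip any any (37 matches)
Extended IP access list MGMT
    10 permit tcp 10.1.20.0 0.0.0.255 10.2.0.0 0.0.0.255 eq 22
    20 permit icmp any any
"""

def _take_addr(tok):
    """Pop one address spec (any | host A | A WILDCARD); return (base, wildcard)."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    return int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(tok.pop(0)))

def _hit(spec, ip):
    base, wild = spec
    care = ~wild & 0xFFFFFFFF  # bits set in the wildcard mask are ignored
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)

def first_match(text, src, dst, proto="tcp", dport=22):
    """Map each extended ACL to the first ACE matching the flow (first match wins)."""
    verdicts, name = {}, None
    for line in text.splitlines():
        hdr = re.match(r"(\w+) IP access list (\S+)", line)
        if hdr:
            name = hdr.group(2) if hdr.group(1) == "Extended" else None
            if name:
                verdicts[name] = "implicit deny"
            continue
        ace = re.sub(r"\s*\(\d+ match(es)?\)", "", line).split()
        if name is None or verdicts[name] != "implicit deny" or len(ace) < 5:
            continue
        if ace[1] not in ("permit", "deny") or ace[2] not in ("ip", proto):
            continue
        tok = ace[3:]
        s, d = _take_addr(tok), _take_addr(tok)
        # Only "eq PORT" destination matches are handled; other qualifiers are ignored.
        port_ok = tok[:1] != ["eq"] or tok[1] == str(dport)
        if _hit(s, src) and _hit(d, dst) and port_ok:
            verdicts[name] = " ".join(ace)
    return verdicts
```

Calling `first_match(SAMPLE, "10.1.30.7", "10.2.0.5")` shows that a host on a subnet no list mentions falls through to the explicit or implicit deny, while the old subnet still hits its permit.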
