Unable to SSH to ASA


We had an issue connecting over SSH to a Cisco ASA firewall that was recently purchased and set up in the network. While troubleshooting further, we saw the following error in the ASDM logs:

SSH session from 192.168.109.77 on interface inside for user “Unknown” disconnected by SSH server, reason: “Internal error” (0x00)

This was caused by the lack of local AAA authentication, so you have to add:

(config)# aaa authentication enable console LOCAL
(config)# aaa authentication http console LOCAL
(config)# aaa authentication ssh console LOCAL

SSH was still not successful, and we noticed a slightly different error:

SSH session from 192.168.109.77 on interface inside for user “Unknown” disconnected by SSH server, reason: “Terminated by operator” (0x67)

This means no RSA key pair is present on the system, so generate one:

(config)# crypto key generate rsa modulus 2048
INFO: The name for the keys will be: <Default-RSA-Key>
Keypair generation process begin. Please wait…

Now we receive a deny error:

TCP access denied by ACL from 10.190.102.77/15669 to inside:10.190.102.3/22

So create an ACL entry to permit SSH from hosts on the inside interface (0.0.0.0 0.0.0.0 matches every source address):

(config)# ssh 0.0.0.0 0.0.0.0 inside
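
An added example (not from the original post): a Python check that reads a saved running configuration and reports which of the prerequisites above still blocks SSH for a given client, and flags the any-source rule. The sample configurations and the 10.190.102.0/24 management subnet are constructed for illustration; the RSA key pair is not part of the running configuration, so it is not checked here.

```python
import ipaddress
import re

# "ssh <address> <netmask> <interface>"; does not match "ssh timeout 5" etc.
SSH_RULE = re.compile(r"^ssh\s+(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\S+)$")
AAA_SSH = re.compile(r"^aaa authentication ssh console\s+\S+")

def parse_ssh_rules(config):
    """Return [(network, interface)] for each SSH permit line in the config."""
    rules = []
    for line in config.splitlines():
        m = SSH_RULE.match(line.strip())
        if m:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
            rules.append((net, m.group(3)))
    return rules

def audit(config, client_ip, interface):
    """List what blocks, or over-exposes, SSH for client_ip on interface."""
    findings = []
    if not any(AAA_SSH.match(l.strip()) for l in config.splitlines()):
        findings.append("missing: aaa authentication ssh console LOCAL")
    rules = parse_ssh_rules(config)
    addr = ipaddress.ip_address(client_ip)
    if not any(addr in net and ifc == interface for net, ifc in rules):
        findings.append(f"no ssh rule permits {client_ip} on {interface}")
    findings += [f"ssh open to any source on {ifc}"
                 for net, ifc in rules if net.prefixlen == 0]
    return findings

# Constructed sample configurations (not taken from a real device).
AAA = "aaa authentication ssh console LOCAL\n"
BEFORE = "hostname asa\nssh timeout 5\n"
PAGE_FIX = AAA + "ssh 0.0.0.0 0.0.0.0 inside\nssh timeout 5\n"
NARROWED = AAA + "ssh 10.190.102.0 255.255.255.0 inside\n"  # assumed mgmt subnet

if __name__ == "__main__":
    for name, cfg in [("before", BEFORE), ("page fix", PAGE_FIX), ("narrowed", NARROWED)]:
        print(name, audit(cfg, "10.190.102.77", "inside"))
```

Restricting the `ssh` line to the management subnet keeps the client from the log working while clearing the any-source finding.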
