Solved

SSH Issue got me stumped!

Posted on 2008-06-16
Last Modified: 2012-08-14
Hey Guys!

Any chance you could look at this for me!  I've posted the config below.  The problem is when I do the following:

conf t

line vty 0 4

transport input ssh

It all goes tits up! ;)  I disconnect from the router, then try and reconnect via ssh and it doesn't allow it!  It says connection refused.  I then have to call the site and get them to re-start the router to get access back!

I'm at a loss!  Any help would be appreciated!

Cheers,

Dave
Loughborough#show run
Building configuration...
 
Current configuration : 3591 bytes
!
! No configuration change since last restart
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Loughborough
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 xxxxxxx.
enable password 7 xxxxxxxx
!
aaa new-model
!
!
aaa authentication banner ^C GB Building Solutions
 
WARNING : You have accessed a Computer
system operated by GB Building Solutions!
 
You are required to have a personal authorisation 
from the System Administrator before you use this 
system and you are strictly limited to the use set
out in that written authorisation. Unauthorised access
of a computer constitutes an offence under the 
Computer Misuse Act 1990.
          
You must ensure your User password conforms to the 
guidelines specified in the GB Computer Security Manual.
 
If you understand this message and have been authorised 
o use this system please enter your username and password 
below to continue this session.
 
Otherwise, you must disconnect from this session immediately.
 
^C
aaa authentication login TRAuthList group radius local
aaa authentication enable default group radius enable
aaa authorization network TRAuthList group radius local 
!
aaa session-id common
!
resource policy
!
ip subnet-zero
ip cef
!
!
ip domain name x.x.net
!
!
!
username netadmin privilege 15 password 7 xxxxxxx
!
! 
!         
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key xxxxxxxxx address xxx.xxx.xxx.xxx
crypto isakmp keepalive 300 30
!
!
crypto ipsec transform-set gbl-secure esp-3des esp-md5-hmac 
!
crypto map to-GBLHQ 14 ipsec-isakmp 
 set peer xxx.xxx.xxx.xxx
 set transform-set gbl-secure 
 match address CryptoTraffic
!
!
!
interface ATM0
 no ip address
 no ip mroute-cache
 atm vc-per-vp 64
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto 
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 ip address 10.203.26.1 255.255.255.0
 no ip mroute-cache
 hold-queue 100 out
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname blah@blah.com
 ppp chap password 7 xxxxxxxx
 ppp pap sent-username blah@blah.com password 7 xxxxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 crypto map to-GBLHQ
 hold-queue 224 in
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
no ip http secure-server
!
ip access-list extended CryptoTraffic
 permit ip 10.203.26.0 0.0.0.255 10.0.0.0 0.255.255.255
 permit ip 10.203.26.0 0.0.0.255 host xxx.xxx.xxx.xxx
ip access-list extended TelnetAccess
 permit ip xxx.xxx.xxx.xxx 0.0.0.63 any
 permit ip 10.0.0.0 0.255.255.255 any
!
ip radius source-interface Vlan1 
logging source-interface Vlan1
logging 10.1.6.36
dialer-list 1 protocol ip permit
snmp-server community public RO
snmp-server community management RW
radius-server host 10.1.6.36 auth-port 1645 acct-port 1646 key 7 xxxxxxx
!
control-plane
!
!
line con 0
 exec-timeout 120 0
 no modem enable
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 access-class TelnetAccess in
 exec-timeout 120 0
 password 7 xxxxxxxxx
 logging synchronous
 login authentication TRAuthList
 length 0
!
scheduler max-task-time 5000
sntp server 10.1.1.1
sntp server 158.43.128.33
end

Question by:daveforster
2 Comments
 
Accepted Solution

by:
naughton earned 2000 total points
ID: 21797288
conf t
ip domain-name
crypto key generate rsa
line vty 0 4
transport input ssh
exit

then try SSH connection.
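
The same change written out as a lock-out-safe sequence, as an added example that is not part of the original answer. It relies on the `hostname` and `ip domain name` lines already present in the posted config (IOS needs both before it will generate an RSA key pair). The 10-minute reload timer, the 2048-bit key size and an image that accepts the `modulus` keyword are assumptions.

```cisco
! Added example, not from the original thread.
! Run from the existing Telnet session, before touching the vty lines.
!
! 1. Safety net: if this session is lost, the router reloads in 10 minutes
!    and comes back on the unchanged startup-config. Confirm the reload;
!    if asked to save the configuration, answer no.
reload in 10
!
! 2. Check the current state. With no RSA key pair the SSH server is
!    disabled, so a vty line limited to SSH refuses every connection.
show ip ssh
show crypto key mypubkey rsa
!
! 3. Generate the key pair first, then restrict the vty lines to SSH.
configure terminal
 crypto key generate rsa modulus 2048
 ip ssh version 2
 line vty 0 4
  transport input ssh
 end
!
! 4. Verify without closing this session: SSH should now show as enabled.
show ip ssh
!    Then open a second session over SSH from an address permitted by the
!    TelnetAccess access-class and log in.
!
! 5. Only after the new SSH login works, cancel the rollback and save.
reload cancel
copy running-config startup-config
```

A restart restored access in the original problem because the `transport input ssh` change was only in the running configuration; the same property is what makes the scheduled reload a usable rollback here.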
Author Closing Comment

by:daveforster
ID: 31467554
Man, I can't believe I forgot the crypto generation!!!  Doh!  It's been a LONG week and it's only Tuesday! ;)  Thanks for your help dude!  Much appreciated!

Cheers,

Dave