Solved

SSH Issue got me stumped!

Posted on 2008-06-16
2
619 Views
Last Modified: 2012-08-14
Hey Guys!

Any chance you could look at this for me!  I've posted the config below.  The problem is when I do the following:

conf t

line vty 0 4

transport input ssh

It all goes tits up! ;)  I disconnect from the router, then try and reconnect via ssh and it doesn't allow it!  It says connection refused.  I then have to call the site and get them to re-start the router to get access back!

I'm at a loss!  Any help would be appreciated!

Cheers,

Dave
Loughborough#show run
Building configuration...
 
Current configuration : 3591 bytes
!
! No configuration change since last restart
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Loughborough
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 xxxxxxx.
enable password 7 xxxxxxxx
!
aaa new-model
!
!
aaa authentication banner ^C GB Building Solutions
 
WARNING : You have accessed a Computer
system operated by GB Building Solutions!
 
You are required to have a personal authorisation 
from the System Administrator before you use this 
system and you are strictly limited to the use set
out in that written authorisation. Unauthorised access
of a computer constitutes an offence under the 
Computer Misuse Act 1990.
          
You must ensure your User password conforms to the 
guidelines specified in the GB Computer Security Manual.
 
If you understand this message and have been authorised 
o use this system please enter your username and password 
below to continue this session.
 
Otherwise, you must disconnect from this session immediately.
 
^C
aaa authentication login TRAuthList group radius local
aaa authentication enable default group radius enable
aaa authorization network TRAuthList group radius local 
!
aaa session-id common
!
resource policy
!
ip subnet-zero
ip cef
!
!
ip domain name x.x.net
!
!
!
username netadmin privilege 15 password 7 xxxxxxx
!
! 
!         
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key xxxxxxxxx address xxx.xxx.xxx.xxx
crypto isakmp keepalive 300 30
!
!
crypto ipsec transform-set gbl-secure esp-3des esp-md5-hmac 
!
crypto map to-GBLHQ 14 ipsec-isakmp 
 set peer xxx.xxx.xxx.xxx
 set transform-set gbl-secure 
 match address CryptoTraffic
!
!
!
interface ATM0
 no ip address
 no ip mroute-cache
 atm vc-per-vp 64
 no atm ilmi-keepalive
 pvc 0/38 
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
 dsl operating-mode auto 
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 ip address 10.203.26.1 255.255.255.0
 no ip mroute-cache
 hold-queue 100 out
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname blah@blah.com
 ppp chap password 7 xxxxxxxx
 ppp pap sent-username blah@blah.com password 7 xxxxxxxx
 ppp ipcp dns request
 ppp ipcp wins request
 crypto map to-GBLHQ
 hold-queue 224 in
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
no ip http secure-server
!
ip access-list extended CryptoTraffic
 permit ip 10.203.26.0 0.0.0.255 10.0.0.0 0.255.255.255
 permit ip 10.203.26.0 0.0.0.255 host xxx.xxx.xxx.xxx
ip access-list extended TelnetAccess
 permit ip xxx.xxx.xxx.xxx 0.0.0.63 any
 permit ip 10.0.0.0 0.255.255.255 any
!
ip radius source-interface Vlan1 
logging source-interface Vlan1
logging 10.1.6.36
dialer-list 1 protocol ip permit
snmp-server community public RO
snmp-server community management RW
radius-server host 10.1.6.36 auth-port 1645 acct-port 1646 key 7 xxxxxxx
!
control-plane
!
!
line con 0
 exec-timeout 120 0
 no modem enable
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 access-class TelnetAccess in
 exec-timeout 120 0
 password 7 xxxxxxxxx
 logging synchronous
 login authentication TRAuthList
 length 0
!
scheduler max-task-time 5000
sntp server 10.1.1.1
sntp server 158.43.128.33
end

Open in new window

0
Comment
Question by:daveforster
2 Comments
 
LVL 7

Accepted Solution

by:
naughton earned 500 total points
ID: 21797288
conf t
ip domain-name
crypto key generate rsa
line vty 0 4
transport input ssh
exit

then try SSH connection.
0
 
LVL 7

Author Closing Comment

by:daveforster
ID: 31467554
Man, I can't believe I forgot the crypto generation!!!  Doh!  It's been a LONG week and it's only Tuesday! ;)  Thanks for your help dude!  Much appreciated!

Cheers,

Dave
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question