Solved

ssh issues to router

Posted on 2015-01-28
Last Modified: 2015-01-28
I will get a chance to get into the router via console. The router is in another state. For some reason, I am getting "connection refused" errors when trying to ssh in. It works just fine after a reboot, but after a few times or a few hours it will fail again with the above error. It happens daily. The only way to get back in is if I reboot the router.

The VTY lines look normal
line vty 0 4
 session-timeout 40
 exec-timeout 40
 password 7 xxxxxxxxxxxx
 transport input ssh

I also have this:
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service password-recovery

Anything I should be checking for when I get into the console?
- I will check if the certificate is present
- If there are hung sessions

Anything else I could check to verify? There are no ACLs on the vty lines as you can see; not sure what else to look for.

thank you
0
Question by:Shark Attack
8 Comments
 
LVL 3

Author Comment

by:Shark Attack
ID: 40575481
Well, I did find out there is an ACL on the vty lines. I am not sure why it didn't show up in my previous show run. Must have been coming back after reboots.

So I tried to take the ACL off the vty's and it gives me the below error

config-line)#no access-class sl_def_acl in
%WARNING: The access list currently in force is the Quiet Mode access
list. The specified access list takes effect only after switching back
to normal mode operation.

How do I turn off the quiet mode? Or fix the above so I can get back in?

I tried:
no login quiet-mode - that didn't help

Any help?
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40575486
also got this on "show login"


     Router presently in Quiet-Mode.
     Will remain in Quiet-Mode for 6385 seconds.
     Denying logins from all sources.
0
 
LVL 29

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 40575682
sh run | i quiet

it sounds like quiet mode is turned on.

first try updating the access-list and reapply it to the vty.  then optionally modify the quiet mode configuration to something lower.

that is, after your 6385 seconds have elapsed.
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40575701
That's my ACL:
Extended IP access list sl_def_acl
    10 deny tcp any any eq telnet log
    20 deny tcp any any eq www log
    30 deny tcp any any eq 22 log (2454 matches)
    40 permit tcp any any eq 22 log

this is the log message
Jan 28 16:05:56.528: %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp 10.153.0.223(54163) -> 0.0.0.0(22), 2 packet

So I can't do anything until that time elapses? Even via console mode?
0
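
Added example (not part of the original thread): a small parser for the %SEC-6-IPACCESSLOGP line format quoted above that tallies, per source address, the SSH packets dropped by the quiet-mode ACL sl_def_acl, so you can see from syslog which hosts are being locked out while quiet mode is in force. Only the first sample line comes from the post; the other lines, and the 192.0.2.50 address, are constructed for the example.

```python
import re
from collections import Counter

# Cisco IOS %SEC-6-IPACCESSLOGP line, in the format shown in the post above.
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>\S+) (?P<src>\d+\.\d+\.\d+\.\d+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\((?P<dport>\d+)\), (?P<count>\d+) packet"
)

# ACL name the router reported as the quiet-mode access list (from the post).
QUIET_ACL = "sl_def_acl"


def parse_line(line):
    """Return the fields of one IPACCESSLOGP line, or None for any other line."""
    m = LOG_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec


def quiet_mode_denials(lines, port=22):
    """Packets denied by the quiet-mode ACL on `port`, tallied per source IP."""
    tally = Counter()
    for line in lines:
        rec = parse_line(line)
        if (rec and rec["acl"] == QUIET_ACL
                and rec["action"] == "denied" and rec["dport"] == port):
            tally[rec["src"]] += rec["count"]
    return tally


# Constructed sample: first line is from the post, the rest are made up.
SAMPLE = [
    "Jan 28 16:05:56.528: %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp 10.153.0.223(54163) -> 0.0.0.0(22), 2 packet",
    "Jan 28 16:06:10.101: %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp 192.0.2.50(40112) -> 0.0.0.0(22), 5 packets",
    "Jan 28 16:06:30.332: %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp 192.0.2.50(40119) -> 0.0.0.0(23), 1 packet",
    "Jan 28 16:07:02.870: %SEC-6-IPACCESSLOGP: list sl_def_acl denied tcp 10.153.0.223(54170) -> 0.0.0.0(22), 1 packet",
    "Jan 28 16:07:05.000: %SYS-5-CONFIG_I: Configured from console by console",
    "Jan 28 16:09:00.000: %SEC-6-IPACCESSLOGP: list other_acl denied tcp 192.0.2.50(40200) -> 0.0.0.0(22), 9 packets",
]

if __name__ == "__main__":
    for src, pkts in quiet_mode_denials(SAMPLE).most_common():
        print(f"{src}: {pkts} SSH packets dropped by {QUIET_ACL}")
```
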
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40575707
you should be able to get in via console.  I believe quiet mode is only applied to the vty interfaces.
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40575727
what is the command to lower that number down ?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40575734
it should be the login block-for command.  Do a "sh run | i block" (no quotes and leave a space before and after the pipe).
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 40575745
Alright, I modified it. Will see what happens. Thanks.
0
