save PIX configuration via the outside interface - with ssh

Discussion in 'Cisco' started by SamuelF, Jan 17, 2005.

  1. SamuelF

    SamuelF Guest


    I would like to save a PIX525 configuration via the "outside"
    I have Ciscoworks LMS 2.2 (Module RME 3.5, with IDU 10.0) to do this
    To save PIX configuration via the "outside" interface I must use
    "ssh" or "ipsec". With RME, we can only use ssh (SSH-1.5-CMF).
    I have try to save the configuration with the ssh of RME but the
    connection stops with a error. The init and the authentication of the
    ssh session is ok but when ciscoworks wants to save the configuration,
    this message appears:
    « crc comparison failed »

    I have debug the traffic on the PIX:

    1: SSH: Device opened successfully.
    2: SSH: host key initialised
    3: SSH0: SSH client: IP = '*******' interface # = 0
    4: SSH0: starting SSH control process
    5: SSH0: Exchanging versions - SSH-1.5-Cisco-1.25
    6: SSH0: send SSH message: outdata is NULL
    7: SSH0: receive SSH message: 83 (83)
    8: SSH0: client version is - SSH-1.5-CMF
    9: SSH0: begin server key generation
    10: SSH0: complete server key generation, elapsed time = 240 ms
    11: SSH0: declare what cipher(s) we support: 0x00 0x00 0x00 0x04
    12: SSH0: send SSH message: SSH_SMSG_PUBLIC_KEY (2)
    13: SSH0: SSH_SMSG_PUBLIC_KEY message sent
    14: SSH0: receive SSH message: SSH_CMSG_SESSION_KEY (3)
    15: SSH0: SSH_CMSG_SESSION_KEY message received - msg type 0x03,
    length 112
    16: SSH0: client requests DES cipher: 2
    17: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
    18: SSH0: keys exchanged and encryption on
    19: SSH0: receive SSH message: SSH_CMSG_USER (4)
    20: SSH0: authentication request for userid ******
    21: SSH(******): user authen method is 'use AAA', aaa server group ID
    = 5
    22: SSH0: send SSH message: SSH_SMSG_FAILURE (15)
    23: SSH0: receive SSH message: SSH_CMSG_AUTH_PASSWORD (9)
    24: SSH(******): starting user authentication request, and waiting for
    reply from AAA server
    25: SSH(******): user '********' is authenticated
    26: SSH(******): user authentication request completed
    27: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
    28: SSH0: authentication successful for *******
    29: SSH0: receive SSH message: SSH_CMSG_REQUEST_PTY (10)
    30: SSH0: send SSH message: SSH_SMSG_SUCCESS (14)
    31: SSH0: receive SSH message: SSH_CMSG_EXEC_SHELL (12)
    32: SSH0: starting exec shell
    33: SSH0: crc comparison failed - client 0xfc875863 host 0xad20ea70
    34: SSH0: receive SSH message: [no message ID: variable *data is NULL]
    35: SSH0: send SSH message: SSH_MSG_DISCONNECT (1)
    36: SSH0: Session disconnected by SSH server - error 0x02 "packet CRC
    check failed"

    I have search on the web site of cisco if I find some information
    about « crc comparison failed » but I find nothing.

    Does anybody know this problem? Or does anybody know a another method
    to save the PIX configuration via outside interface with Ciscoworks
    RME ?

    For your information: PIX 525 with Cisco PIX Firewall Version 6.3(3)
    (ssh version 1)

    Thank you for your help

    SamuelF, Jan 17, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.