cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
New Contributor

Total Access 908e can not connect via SSH

i have a device that i can not connect via SSH i reviewed the config a few times and it looks ok

i am posting the config here maybe someone might catch whats wrong

.

!

! ADTRAN, Inc. OS version A1.02.00.E

! Boot ROM version 14.05.00.SA

! Platform: Total Access 908e (2nd Gen), part number 4242908L1

! Serial number CFG0804680

!

!

hostname "TA908e"

enable password encrypted 3d3517db628adb4ffe6bafb6478b64025969

!

clock timezone -5-Eastern-Time

!

ip subnet-zero

ip classless

ip routing

!

!

ip domain-name "TA908e"

ip name-server 8.8.8.8

!

!

no auto-config

!

event-history on

no logging forwarding

no logging email

!

service password-encryption

!

username "moshe" password encrypted "3c34f4070cbab8c60e6615db806e6abc68da"

!

!

ip firewall

ip firewall stealth

no ip firewall alg msn

no ip firewall alg h323

!

!

!

!

!

no dot11ap access-point-control

!

probe ping1 icmp-echo

  destination 4.2.2.2

  period 10

  tolerance consecutive fail 6 pass 3

  no shutdown

!

probe ping2 icmp-echo

  destination 208.67.222.222

  period 10

  tolerance consecutive fail 6 pass 3

  no shutdown

!

track ping1

  test list or

    if probe ping1

    if probe ping2

  no shutdown

!

!

!

!

!

!

!

!

!

!

!

!

interface eth 0/1

  description SkyWire

  no ip address

  no shutdown

!

!

interface eth 0/2

  description spectrum

  ip address  xxx.xxx.230.xxx  255.255.255.252

  media-gateway ip primary

  no shutdown

!

!

!

!

interface t1 0/1

  no shutdown

!

interface t1 0/2

  no shutdown

!

interface t1 0/3

  no shutdown

!

interface t1 0/4

  description PRI to PBX

  tdm-group 1 timeslots 1-24 speed 64

  no shutdown

!

!

interface pri 1

  description pri 1

  isdn name-delivery setup

  connect t1 0/4 tdm-group 1

  digits-transferred 4

  role network b-channel-restarts disable

  no shutdown

!

!

interface fxs 0/1

  no shutdown

!

interface fxs 0/2

  no shutdown

!

interface fxs 0/3

  no shutdown

!

interface fxs 0/4

  no shutdown

!

interface fxs 0/5

  no shutdown

!

interface fxs 0/6

  no shutdown

!

interface fxs 0/7

  no shutdown

!

interface fxs 0/8

  no shutdown

!

!

interface fxo 0/0

  no shutdown

!

interface ppp 1

  ip address negotiated

  no rtp quality-monitoring

  media-gateway ip primary

  no fair-queue

  ppp pap sent-username ykyov007@myisp.net password encrypted 3b3e439d7e5647b1b6d961202185124bef3f

  no shutdown

  cross-connect 1 eth 0/1 ppp 1

!

!

isdn-group 1

  connect pri 1

!

!

!

!

!

route-map probeping1 permit 10

  match ip address ping1

  set ip next-hop xxx.xxx.230.xxx

  set interface null 0

route-map probeping1 permit 20

  match ip address ping2

  set ip next-hop xxx.xxx.230.xxx

  set interface null 0

!

!

!

!

ip access-list extended Admin

  remark Admin Access

  permit tcp any  any eq ssh   log

  permit tcp any  any eq https

!

ip access-list extended SIP

  remark SIP Service Provider

  permit udp host xxx  any eq 5060

  permit udp host xxx  any eq 5060

!

ip access-list extended T

  ! Implicit permit (only for empty ACLs)

!

ip policy-class Public

  allow list Admin self

  allow list SIP self

!

!

!

ip route 0.xxx.0.0 0.xxx.0.0 xxx.xxx.230.xxx

ip route 0.xxx.0.0 0.xxx.0.0 ppp 1 10

!

no ip tftp server

no ip tftp server overwrite

ip http server

no ip http secure-server

no ip snmp agent

no ip ftp server

no ip scp server

no ip sntp server

!

!

!

!

!

!

!

!

voice feature-mode network

voice forward-mode network

!

!

!

!

!

!

!

!

!

!

!

voice trunk T01 type sip

  match NXX-NXX-XXXX substitute 1NXX-NXX-XXXX

  sip-server primary sip.phone.com

  domain "sip.phone.com"

  dial-string source to

!

voice trunk T02 type isdn

  resource-selection circular descending

  connect isdn-group 1

  t38

  rtp delay-mode adaptive

!

!

voice grouped-trunk PRI

  no description

  trunk T02

  accept $ cost 0

!

!

voice grouped-trunk SIP

  no description

  trunk T01

  accept $ cost 0

!

!

voice user 123

  connect fxs 0/1

  password encrypted "42464ccdbdf56addca4edf6f3a94425d4e9e"

  did "123"

!

!

!

!

!

!

!

ip sip

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

line con 0

  no login

!

line telnet 0 4

  login

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

sntp server 0.north-america.pool.ntp.org version 3

!

end

TA908e#

Labels (1)
Tags (1)
0 Kudos
8 Replies
Highlighted
New Contributor

Re: Total Access 908e can not connect via SSH

also forget to mention that neither does the http web interface work

Highlighted
New Contributor III

Re: Total Access 908e can not connect via SSH

I don't see a security policy on any of your interfaces.  This means there is no reason why HTTP or SSH traffic would be blocked.  I see HTTP and SSH enabled on your config so the problem must lie elsewhere.

Highlighted
Valued Contributor
Valued Contributor

Re: Total Access 908e can not connect via SSH

Are you able to ping the IP address?

Highlighted
New Contributor

Re: Total Access 908e can not connect via SSH

There is no firewall either its directly plugged into the ISP modem

So the problem must be the adtran

On Thu, Oct 31, 2019, 10:04 AM ricvil <adtran@adtran.hosted.jivesoftware.com>

Highlighted
New Contributor

Re: Total Access 908e can not connect via SSH

Yes

And the calls are working fine on the sip trunk

On Thu, Oct 31, 2019, 10:13 AM unified <

Highlighted
Valued Contributor
Valued Contributor

Re: Total Access 908e can not connect via SSH

Try moving the web (80) and SSH (22) to other ports.

I know that many ISPs block incoming traffic to those ports.

Another thing I noticed is that the firmware is really old.

Try updating it to a later version.

Highlighted
New Contributor

Re: Total Access 908e can not connect via SSH

Http port I know how to change

How to I do it for ssh?

On Thu, Oct 31, 2019, 10:45 AM unified <

Highlighted
Valued Contributor
Valued Contributor

Re: Total Access 908e can not connect via SSH

ssh-server PORTNUMBER

Example ssh-server 2255