SSH Not Working with Cisco Integrated Services Router

Question

I'm trying to ssh into my cisco ISR router. DHCP is working and I can ping the default gateway (the ISR), and can ssh with other devices on the LAN. so I know the LAN connection isn't the problem. I set up a local user that works with console logins so that's not the problem either.

I set up my ssh connection on the router with the following commands:

(config)#line vty 0 21
(config-line)#login local
           (config-line)#exec-timeout 3
           (config-line)#rotary 1
           (config-line)#transport input ssh
       (config)#crypto key generate rsa
       (config)#ip ssh version 2
       (config)#ip ssh port 2222 rotary 1
       (config)#ip ssh authentication-retries 3

Then when I nmap the router it has the following ports open:

PORT   STATE SERVICE
22/tcp open  ssh

However, every time I try to log in to the router I get a Network is unreachable error. This is using the 2222 and 22 port and testing the normal IP and the hostname@ip formats for ssh and absolutely nothing works. I managed to get into telnet with the default settings earlier, but I'm not sure how to get in with SSH.

Thank you all for the help, I know it was very open ended so just let me know anything that could be helpful and I'll provide it.

Answer 1

One logical test step to do, would be switch back to port 22.

Network unreachable usually indicates there's no packet response coming from the host.

It could be because of multiple reasons, but since you've mentioned that ping and telnet went fine. I'd suggest you revert the port config, restart the unit once. See how it goes.

Other possible reasons could be ACL block and/or firewall block on your machine but I think it's unlikely.