Cisco Firewall :: Telnet / Ssh To ASA 8.2 Not Working

Oct 7, 2012

I am not able to telnet  or ssh to ASA running 8.2.5(33). [code] I am able to ping inside interface of the ASA. Telnet gets stuck at Trying

View 2 Replies


ADVERTISEMENT

SCP And Telnet (127.0.0.1) Not Working?

Oct 24, 2011

1.SCP Not Working on my Linux Box (Fedora release 7 (Moonshine))to Fedora fc11.i686 running box[CODE]

View 5 Replies View Related

Cisco WAN :: 3925 - Telnet Is Not Working

Apr 19, 2013

I have one router 3925 equipment DIRECTLY connected to the Router that needs to be accessed by telnet port 23.
 
Please find the attached config details.

View 6 Replies View Related

Cisco WAN :: Telnet Access Through Router 3925 Not Working?

Feb 18, 2013

i have 68 sites with Routers. On each site I have one equipment DIRECTLY connected to the Router that needs to be accessed by telnet port 23.

I have 15 off this sites that the access via telnet to the equipment’s connected after the routers are not working. These sites are using Router Cisco 3925. The other sites that are working are using Routers Cisco MWR 2921.

Both router models are running the same configuration with no filter on it.

The equipment’s after the routers are all accessed directly via telnet without the router. If the router is directly plugged to the equipment the 15 sites with Router Cisco 3925 are not accessed via telnet.

There is any bug related with the IOS version that Router Cisco 3925 is using?:

Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.1(2)T2, RELEASE SOFTWARE (fc1).ROM: System Bootstrap, Version 15.0(1r)M8, RELEASE SOFTWARE (fc1).System image file is "flash0:c3900-universalk9-mz.SPA.151-2.T2.bin"

View 5 Replies View Related

Cisco Application :: Active CSS 11501 Telnet And Console Not Working?

Mar 31, 2013

implementation of the cisco CSS 11501 boxes available as spare on our site into production for an application evry thing worked as expected. i was able to telnet the active/master box and was able to console both master and backup box from the console port.however a week post the activity im faced with this weird problem where im not able to take console or the telnet access of my primary/active box.The boxes are working in BOX-to-BOX redundancy and now im not able to telnet or console my active/master box. The telnet and console window prompts me for username and password and after entering the credentials nothing happens. no prompt or no error message is displayed.

The telnet primary authentication is via tacacs and secondary is via local. however for console im not using any method for primay authentication and local for secondary authentication. however i can successfully console my backup box. below are my obsrvations 1. the left and right status LED on the active CSS box is OFF.- it means my CSS 11501 failed and has no power. 2. upon firing the rcmd command with show line command on backup box i see that the telnet sessions and console session is established with the master box3. the redundancy state of the active box says it is master and has not changed state since my last activity, no application issue reported, all the services are active on the active box and also i can ping the active box ip address from my backup box over which box to box redundancy is established. This confirms the active box is functioning well 4. i initially thought the telnet sessions are not getting cleared, however the show line cmd with the rcmd cmd on the backup box confirms this is not happening. now im stuck as the active box cannot be accessed at all via console or telnet. i was thinking of below steps to be carried out.1. to failover the boxes and make the backup as master2. then try to take the faulty box off the network and troubleshoot (are there any other commands that i should use to troubleshoot)3. if nothing works try rebooting the box and check
 
NOTE: the software running is version 7.20.30.3 with standard feature set. we are not using cvdm or the CSS GUI. we could access the css initially on CSS gui and that is also not working now.

View 1 Replies View Related

Cisco WAN :: 861 SSH / Telnet Privilege Exec Level 15 Enable Not Working?

Aug 10, 2011

I have a customer with a 861 ISR.I want to block all the privilege 0 users from access the enable command
 
If i telnet into the device, as a priv=0, enable does not work
If i telnet into the device, as a priv=15, enable does work 
If i telnet into the device, as a priv=0, enable does not work
If i telnet into the device, as a priv=15, enable does not work
  
I have issued the command:privilege exec level 15 enable Should block everyone except 15's from accessing the enable command SSH and TELNET are on the same vty:
 
line con 0
login authentication local_authen
no modem enable
line aux 0
line vty 0 3

[code]....
 
Basically TELNET is following the rules ( priv=0 not allowed to access enable ) but SSH is not following the rules ( both priv=15 and priv=0 cannot access the command ) is there a way from blocking somes users from login in completely?

View 9 Replies View Related

Cisco Switching/Routing :: 3750 Telnet Still Working When Accessing This Switch

Apr 12, 2012

I only want SSH to be allowed when accessing this switch, but telnet is still allowed, why?  Whe authenticate via radius.version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname 3750!boot-start-markerboot-end-marker!logging buffered 64000logging console informationallogging monitor informationalenable secret 5 $1$1K$!username admin privilege 15 secret 5 $1$Bs$cLHusername users view priv3 secret 5 $1$Jfnviwp!!aaa new-model!!aaa authentication login default group radius localaaa authentication enable default lineaaa authorization consoleaaa authorization exec default group radius local !!!aaa session-id commonclock timezone GMT 0clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 3:00switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-12ssystem mtu routing 1500udld aggressiveno ip domain-lookupip domain-name CB!!login on-failure loglogin on-success log!!crypto pki trustpoint TP-self-signed-3817403392enrollment selfsignedsubject-name cn=IOS-Self-Signed-Certificate-3817403392revocation-check nonersakeypair TP-self-signed-3817403392!!crypto pki certificate chain TP-self-signed-3817403392certificate self-signed 01  3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030   31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274   69666963 6174652D 33383137 34303333 3932301E 170D3132 30343133 31303539   33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649   4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38313734   30333339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281   8100C31D AE6DD8B5 56245317 AD96F4F4 727385D4 97A5B138 488A215E 4294FC40   1C5B2F26 2B75E1CF E562F240 118F2F50 0CFF2449 16EC66EA 2D489F5F F36BFD05   ACCC79CA DDDA984D 4CB7AB DD95A5E0 9274A225 3F5A3634 DEBF1A2A 416E2189   B35B4473 C7D5EE2C E3D41675 A86F31CD.

View 3 Replies View Related

Cisco Switching/Routing :: Nexus 7010 IP Telnet Source-interface Command Not Working

Aug 20, 2012

I have configured the ip telnet source-interface Loopback 0 command on a Nexus7010, but when I telnet to another device and do a show users, the ip address is of the closest interface to the device I telnet to, not the ip address of the Loopback. All interfaces are in vrf default. I am running 5.1(6) NXOS.

View 6 Replies View Related

Cisco Firewall :: Cannot SSH / Telnet To ASA 5580

Oct 15, 2011

accessing my cisco ASA, last night we were doing VA on our ASA, after that iam not able to access it through ssh nor telnet. its not giving me any error.. i tried from different system also. SSH & telnet allowed from inside to 0.0.0.0 i have re-generated rsa keys when it was working. ASA version is 8.2 now when i connect telent is giving me blank prompt. i can login using ASDM.

View 5 Replies View Related

Cisco Firewall :: PIX-515 - Way To Console / Telnet

Jan 27, 2013

I have an early model PIX-515 that hasn't been used in a long time but I want to get it working again in a lab environment.  I am at loss right now on how to get into it though. 
 
CONSOLE:

I've tried connecting from the PC's serial port to the units console port using Cisco's blue cable with no avail.  All I get is a cursor but no response.  I've tried using 9600,8,none,1,none as settings and I can sucessfully console a Cisco 1700 router with those same settings in Putty no problem, but it doesn't work with this Pix.   I've also tried using other possible common speeds like 1200,1400,4800,19200, 38400, 57600 and 115200 in case the firewall was set to use those and that didn't work either.

[code]...

View 4 Replies View Related

Cisco Firewall :: Asa 5505 Cannot Telnet Or Ssh To The Outside Interface

Sep 9, 2011

I setup a site-to-site VPN tunnel at the remote ASA5505. I am able to asdm to the outside interface but not ssh. I switch to telnet and still not allow me to access. I added an ACL to allow telnet any to the outside interface but still not working. In ASDM I see the log Here is the second issue. When I want to change the telnet back to ssh using ASDM I got the following error.

View 2 Replies View Related

Cisco Firewall :: ASA 5510 Telnet To Outside Mx 587 Not Work

Oct 28, 2012

I can't telnet from a host(Ubuntu 12.10) in our DMZ to an outside MX on port TCP 587. Inspection for ESMTP not enabled. Port 587 enabled for host in DMZ to any.

View 12 Replies View Related

Cisco Firewall :: Telnet Timeout While VPN Connected Via ASA 5520?

Jun 2, 2010

When users are VPN connected their telnet sessions timeout after an hour of inactivity. Looking at the connections on the firewall they are showing as idle. Is there a configuration change or something else that has to be modified?

View 2 Replies View Related

Cisco Firewall :: Cannot Use SSH / TELNET / TFTP To Connect ASA5520

Aug 12, 2012

I have a question about my ASA 5520, it worked well till two weeks ago, and suddenly cannot be accessed by SSH/Telnet/TFTP....only can use the Consoel port to access it now, but other VPN/ACL setting working well. [code] If I enabled the outside access for SSH like below, it works well for outside port.ssh 0.0.0.0 0.0.0.0 outside.

View 3 Replies View Related

Cisco Firewall :: Unable To Telnet / SSH / RDP From Inside DMZ / ASA 5505

Oct 31, 2011

I am unable to Telnet/SSH/RDP from my inside network to my DMZ. I am not sure where the problem lies, I am able to use VNC from the inside to the DMZ (ports 5800, 5900), and also establish connection on Ports (26700-26899). I have a computer connected directly to the DMZ and those services work to all networks on the DMZ.I have attached Logs of successful VNC connections, unsuccessful RDP and Telnet sessions, and the running config.

View 23 Replies View Related

Cisco Firewall :: FW ASA Fail Ssh Or Telnet Using SSL VPN AnyConnect 5510

Jul 7, 2011

I have a vpn ssl remote access with a fw asa 5510 version 8.02. When users use any connect vpn ssl they in the Lan can access to the servers,but they can not access using ssh or telnet to inside fw asa.

aaa authentication ssh console LOCAL
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 30

View 1 Replies View Related

Cisco Firewall :: Telnet Not Work After Enabling AAA On FWSM 3.2

Oct 7, 2011

After enabling AAA FWSM lost opportunity telnet session. FWSM version 3.2(5). In the logs show that resets itself FWSM telnet session.

Conf.,aaa-server TACACS+ (management) host 192.2.151.111
key aaa authentication ssh console TACACS+ LOCAL
aaa authentication enable console TACACS+ LOCAL
aaa authentication telnet console TACACS+ LOCAL
[Code] .....

View 3 Replies View Related

Cisco Firewall :: 2801 Disable Telnet On Outside Interface

Jun 14, 2011

I am using a Cisco 2801 Router and currently have Telnet enabled on all interfaces.  How do I change that so it is enabled from all inside networks, but not on the outside interface? 

View 12 Replies View Related

Cisco Firewall :: Port Forward Telnet On ASA 5520?

Sep 26, 2012

I have a cisco asa 5520. i need to forward telnet to a router on the inside interface. Here is what i have done so far but it doesnt seem to be working.
 
I have created an access-list that looks like this:
 
access-list 102 extended permit tcp any host 10.10.60.2 eq telnet
 
But when do this it still doesnt forward my request to the router at 10.10.60.2 . So just to explain what im trying to do. I use Putty, i am putting the outside interface IP into putty, selecting telnet and opening the session. i need the outside interface to see this request and know to forward port 23 to the router on the inside interface with IP 10.10.60.2. The ASA is running version: asa842-k8.bin

View 3 Replies View Related

Cisco Firewall :: 5520 - Cannot Ping / Telnet Standby ASA

Dec 8, 2009

I got 2 x 5520 ASAs configured in active/standby mode and they are connected to 2 x 4500 switches in which too configured for failover.Telnet to ASAs is allowed only via subnet 172.18.0.0./24
 
I can only ping and telnet to the active ASA from subnet 172.18.0.0./24 but not the standby But i can ping and telnet to both the active and standby ASAs within the 4500 switches.

View 20 Replies View Related

Cisco Firewall :: Disable Telnet Option Completely In ASA 5510?

Dec 12, 2012

I want to disable the telnet option/feature on ASA 5510
 
i tried no telnet  alone it wont work as i didnt configured any telnet at all.

View 1 Replies View Related

Cisco Routers :: RV016 Firewall Policies Via Telnet (rules / Chains / Etc)

Nov 3, 2011

I am having some troubles finding information about how to configure firewall policies (rules, chains, etc.) via telnet on a RV016. The reason for that is that i keep getting some log entries "connection refused - policy violation" and "blocked" even with my firewall wide open (only allow rules on all interfaces, SPI and block wan request disabled, multicast and https enabled, etc.... ). Also, with these exact same rules, i can only connect via PPTP with the firewall disabled. The minute i tick the enable option the tunnel never gets to authentication phase. I then started reading OpenRG manual and many things are quite similar, but some other entries are missing from that manual (maybe some changes made by cisco?). I am trying to figure out some service ids, chains (e.g. the rv016 has some rules redirecting to chains 10, 100, 200 but i can not find them anywhere), and so on.  I have only one rv016 and about 60 connections to it so i can not experiment that much without having the whole company on my neck with internet problems.

View 2 Replies View Related

Cisco Firewall :: 5570 - How To Change Telnet And Enable VPN User Password

Jun 17, 2011

how do i change the telnet and enable and vpn user password on asa 5570.

View 4 Replies View Related

Cisco Firewall :: Access ASA5505 With Telnet Or ASDM From Remote Subnet?

Jul 11, 2012

I have a network with 3 sites that are on different subnets.  Each site has an ASA Right now, I am only able to connect to the ASA that is connected to the subnet I am connected to.I want to be able to connect to the ASA that are on the remote subnets on the address of the inside interface.The sites are connected all together by site-to-site VPN.Is there any way I can achieve that without opening the outside interface directly on the Internet?

View 2 Replies View Related

Cisco :: Cannot Telnet Into ACS 5.2

Feb 16, 2011

Cannot connect to ACS device using telnet IP: port 1812? Seems it is using this port config by default.Is it because of the port it's trying to use?  Is there a way of changing the port?  If so, where does one do this in the ACS device?I have two 4400 series WLC's one is on the same network segment as the ACS, I can authenticate through the ACS on this one.  The other WLC at a different location, cannot authenticate through the ACS. 

View 2 Replies View Related

Cisco Firewall :: ASA 8.4 NAT Not Working?

Jul 15, 2012

my ASA config does not work? My config is attached in a txt file.
 
I tried to forward port 25 and 110 from the outside to the inside server, but I can't connect...

View 36 Replies View Related

Cisco :: Can't Telnet From Inside To 891

Jan 26, 2012

I have a 891 router I have been testing some things on. I have been able to successfully telnet to it in the past with no problems. Just yesterday I was trying to set an interface to have an IP of 10.10.10.2 which I realized was an IP I had forgot to exlcude from DHCP and it was handed out to the computer I was using to telnet in. So I wrote in the exlcude commands and did an ipconfig -release ipconfig -renew on my PC that had the 10.10.10.2 IP. After the renew I was given 10.10.10.7 (put in a few more excludes).However the release dropped my telnet connection and afterwards I was completely unable to telnet in, getting the error that says I cannot open the connection on port 23. I had made some changes to my entire config beforehand which had it switch to use a new public IP. I never saved the changes and did a hard reset by unplugging the router to get my old config back and see if I could telnet after that. Still could not get in, same error. Well I went through and remade my entire config to use the new public IP. My 10.10.10.7 PC can access the internet, DNS, ping the router, all just fine. Still can't telnet. I remade my line/vty config and made sure it matched up with a config I had on another router. Still can't telnet. Last thing I did was go in and manually clear all open line connections. All that is left is an idle 0 con 0 line that it wont let me close. Still can't telnet.What the **** is going on with this thing? I am completely at a loss to explain why I cant telnet. It must be something in my ACLs that I am missing?

View 2 Replies View Related

Cisco WAN :: 3750 Not Able To Telnet From Outside

Feb 16, 2012

I have a cisco 3750 switch and i given 2vlans (40, 118). 40 is local and 118 is public.I given the public ip for vlan 118. now i am able to telnet from same vlan (118 only) but i am not able to ping and telnet as globally. [code]

View 5 Replies View Related

Cisco Firewall :: Get ASA 8.2(1) Working With FTPS On IIS 7.5?

May 16, 2012

I found the link that effectively said PIX/ASA 7.x does not support FTP with TLS/SSL (FTP/FTPS). I can't find anything which states whether it works on a later release? We have 8.2(1) and we are struggling to implement it. The FTP/FTPS server is in the DMZ and is hosted by Windows 2008 IIS 7.5. How to get this solution implemented, as the contractor from our local Cisco vendor spent 3 hours on it and couldn't get it working this morning.

View 1 Replies View Related

Cisco Firewall :: ASA 5512 - SSL VPN Not Working

Nov 10, 2012

I have a windows 2003 server and an ASA 5512
 
I'm trying to use SSLVPN and it was all working, and I don't believe any configs on either box have been changed.
 
On Friday people were connecting, but now I get a message "Login Error" in the browser. In the ASDM home 'latest ADSM Syslog Messsages' I get "AAA authentication server not accessible", followed by two messsages AAA Marking LDAP server in group as FAILED AAA Marking LDAP server in group as ACTIVE
 
When I go to configuration --> Remote Access VPN --> AAA/Local Users AAA server groups and click on my RADIUS server and click Test, it takes a while and says ERROR: AD agent Server not responding: No error
 
If I stop my IAS server on my Windows box i get the same error but much more quickly.
 
I have a sonciwall set up doing the same thing, and RADIUS seems to work happily, so I don't think it's the server config...

View 5 Replies View Related

Cisco Firewall :: PoE On ASA 5505 Not Working (8.4)

Jun 2, 2012

I recently acquired a used ASA 5505 and have encountered issues with getting the PoE output on Ports 6 & 7 working. Theese two PoE ports are behaving like all the other ports (100mbit, Vlan 1). Per the best I could Google, I made sure the all relevant ports are set to "auto" for duplex and link speed. Again, the ports do work for data - just not PoE. The LEDs light up ok.
 
I've tested four different working devices that can be powered off PoE with it, and all failed to power up using a straight-thru Ethernet cable connected to ports 6 & 7.

Ubiquiti PicoStation M2
MikroTik OmniTik
MikroTik RB450G
MikroTik RB433
 
What should I do to get PoE working? Is it a defective unit?
 
: Saved
: Written by enable_15 at 18:56:43.926 CDT Sun Jun 3 2012
!
ASA Version 8.4(4)

[Code].....

View 1 Replies View Related

Cisco Firewall :: SSH Not Working In 5505?

May 20, 2013

i'm trying to setup my 5505 for SSH but it seem doesn't work. console and HTTPS/ASDM are working.
 
my teraterm is just stuck with the user/password screen. also tried using putty but still failed.
 
ciscoasa# exit 
Logoff 
Username: admin

[Code].....

View 2 Replies View Related

Cisco Firewall :: ASDM Not Working With ASA 8.4

Jan 14, 2013

I have recently upgraded ASA to 8.4 and found that ASDM is not working on it. I tried the latest ASDM version 7.1 still no luck. When I try to access ASA using IE...it just shows " Page can not be displayed "
 
Following is the config which I have
 
http server enable
http 0.0.0.0 0.0.0.0 inside
http 10.52.193.218 255.255.255.255 inside
asdm image disk0:/asdm-711-52.bin
asdm location 0.0.0.0 0.0.0.0 inside
asdm history enable
 
Is there anything else required in ASA 8.4 for ASDM to work? When I telnet to ASA interface with 443 port it works

View 8 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved