
Virtual telnet on a pix 515e

Last Modified: 2013-11-15
Hi,
I have a PIX 515E with a VPN set up.
The VPN works just fine.
The problem is that when I connect to the VPN, I am not able to use CRT (telnet program).
I believe that this is due to not being able to auth through the PIX.
I read about virtual telnet but am not sure if this will work or how to set it up.
Is this the right way to do this or is there a better way?
The box that I am connecting to is Red Hat.
Al

Les Moore, Systems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
If the VPN works, then you should be able to telnet to the redhat box with no problem.
Check the default gateway on the Redhat system.
Virtual telnet won't do you any good from the VPN.
If you want to post the PIX config, I might be able to see something that can be changed to help your situation.
CERTIFIED EXPERT
Top Expert 2014

Commented:
Can you telnet to the RedHat box when local to the location of this server? The most recent distributions of RedHat do not install telnet by default; they use SSH instead.

On the RedHat box, do you have iptables set up as a firewall? Does it allow the IP addresses in the VPN range inbound?

Author

Commented:
Irmoore
I will look at the default gateway.
Why did you write that virtual telnet won't do me any good?
Isn't virtual telnet used to auth the service?

giltjr
I can telnet to the Red Hat box from inside the network.
I didn't set up the Red Hat box.
Where would I look for the iptable?
That would make sense, being that the VPN addresses are different.

Thanks
Al
Les Moore, Systems Architect
CERTIFIED EXPERT
Top Expert 2008

Commented:
When you VPN in, you bypass all the access-lists, statics, etc that are required for virtual telnet sessions.
CERTIFIED EXPERT
Top Expert 2014

Commented:
Are you now the current admin for the RedHat box?

Author

Commented:
irmoore
So what you are saying is that once connected to the VPN, everything should work as if sitting at a PC on the LAN but slower. Yes?

giltjr
Yes, I am the current Red Hat admin.
I have just taken over the network but I know little about Red Hat.

Al

Author

Commented:
irmoore
thanks

giltjr
I'll go try this

thanks
Al

Author

Commented:
Ok
So I just got the username and password to get into the box.
It turns out that it is a SCO Unix box.
Does this change anything or everything?
AL

Author

Commented:
Ok
I used ifconfig -a
output
net1 192.168.254.100 netmask ffffff00 broadcast 192.168.254.255

I don't see that the default gateway is set.
Is there another command that will work?
Al
CERTIFIED EXPERT
Top Expert 2014

Commented:
Yes, SCO Unix makes a difference. I am not really familiar with SCO Unix, so I am not sure what type of IP filtering it uses. It may have iptables, it may not.

To see the routing table you should enter the command: netstat -rn

Author

Commented:
Yes, I figured it out.
It was the default gateway.
I used the command add route default <ip address>
It fixed the problem
Thanks for all your help
Al
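
Added example, not part of the thread: a Python sketch of why a server with no default route answers telnet from the LAN but not from VPN clients, by running a longest-prefix lookup over `netstat -rn`-style output. The two routing tables are constructed samples (real SCO column layout may differ), and the VPN pool address 10.10.10.5, the LAN PC 192.168.254.20 and the gateway 192.168.254.1 are assumed values; only 192.168.254.100 and its /24 netmask come from the thread.

```python
import ipaddress

# Constructed sample tables; real netstat -rn column layout varies by OS.
BEFORE = """Routing tables
Destination      Gateway            Flags  Interface
127.0.0.1        127.0.0.1          UH     lo0
192.168.254      192.168.254.100    U      net1
"""
# 192.168.254.1 is an assumed address for the firewall's inside interface.
AFTER = BEFORE + "default          192.168.254.1      UG     net1\n"

def parse_routes(text):
    """Return (network, gateway, flags) for each route line in the table."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 3 or not (f[0] == "default" or f[0][0].isdigit()):
            continue  # skip titles and column headers
        dest, gateway, flags = f[0], f[1], f[2]
        if dest == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        elif "/" in dest:
            net = ipaddress.ip_network(dest, strict=False)
        elif "H" in flags:
            net = ipaddress.ip_network(dest + "/32")  # host route
        else:
            # Heuristic: trailing zero octets are dropped or ignored,
            # so "192.168.254" and "192.168.254.0" both mean a /24.
            octets = dest.split(".")
            while octets and octets[-1] == "0":
                octets.pop()
            prefix = 8 * len(octets)
            octets += ["0"] * (4 - len(octets))
            net = ipaddress.ip_network(".".join(octets) + "/" + str(prefix))
        routes.append((net, gateway, flags))
    return routes

def return_path(table, peer):
    """Longest-prefix match for peer, or None if replies cannot be routed."""
    addr = ipaddress.ip_address(peer)
    matches = [r for r in parse_routes(table) if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

if __name__ == "__main__":
    # 10.10.10.5 is an assumed VPN pool address; 192.168.254.20 a LAN PC.
    for name, table in (("before", BEFORE), ("after", AFTER)):
        for peer in ("192.168.254.20", "10.10.10.5"):
            print(name, peer, "->", return_path(table, peer))
```

A `None` result for the VPN address alongside a match for the LAN address is the pattern to look for when a service is reachable locally but not through the tunnel.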

Author

Commented:
I awarded the points because you both answered my questions.
It wasn't your fault that I gave incorrect info.
Thanks
Al
CERTIFIED EXPERT
Top Expert 2014

Commented:
Glad we could provide some information and glad to see you got it working.  One thing,  I am not sure in SCO Unix how you define routes so that they stay across re-boots.  I don't think that add route will not stay across boot.

http://www.tek-tips.com/faqs.cfm?fid=1436

This may give you some ideas of where to look.

Author

Commented:
ok
Thanks
Al