Solved

Virtual telnet on a pix 515e

Posted on 2006-06-10
Last Modified: 2013-11-15
Hi,
I have a PIX 515E with a VPN set up.
The VPN works just fine.
The problem is that when I connect to the VPN, I am not able to use CRT (telnet program).
I believe that this is due to not being able to auth through the PIX.
I read about virtual telnet but am not sure if this will work or how to set it up.
Is this the right way to do this or is there a better way?
The box that I am connecting to is Red Hat.
Al
0
Question by:lacroix_al
16 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 16880942
If the VPN works, then you should be able to telnet to the redhat box with no problem.
Check the default gateway on the Redhat system.
Virtual telnet won't do you any good from the VPN.
If you want to post the PIX config, I might be able to see something that can be changed to help your situation.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16880962
Can you telnet to the RedHat box when local to the location of this server?  The most recent distributions of RedHat do not install telnet by default, they use SSH instead.

On the RedHat box do you have iptables setup as a firewall?  Does it allow the IP addresses in the VPN range to inbound?
0
 

Author Comment

by:lacroix_al
ID: 16881322
lrmoore
I will look at the default gateway.
Why did you write that virtual telnet won't do me any good?
Isn't virtual telnet used to auth the service?

giltjr
I can telnet to the Red Hat box from inside the network.
I didn't set up the Red Hat box.
Where would I look for the iptables?
That would make sense being that the VPN addresses are dif.

Thanks
Al
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 16881387
When you VPN in, you bypass all the access-lists, statics, etc that are required for virtual telnet sessions.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16881823
Are you now the current admin for the RedHat box?
0
 

Author Comment

by:lacroix_al
ID: 16882300
lrmoore
So what you are saying is that once connected to the VPN, everything should work as if sitting at a PC on the LAN but slower. Yes?

giltjr
Yes, I am the current Red Hat admin.
I have just taken over the network but I know little about Red Hat.

Al
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 250 total points
ID: 16882311
Yes, exactly. You are just another node on the network, albeit with a different subnet IP address.
0
 
LVL 57

Accepted Solution

by:giltjr
giltjr earned 250 total points
ID: 16882384
Here is a How to for iptables:

http://www.linuxguruz.com/iptables/howto/iptables-HOWTO.html

But to start with logon as root (or su or do sudo) and enter:

     /sbin/iptables -L

The output should show you what filters you have setup, if any.
0
 

Author Comment

by:lacroix_al
ID: 16886088
lrmoore
Thanks

giltjr
I'll go try this

thanks
Al
0
 

Author Comment

by:lacroix_al
ID: 16898220
Ok
So I just got the username and password to get into the box.
It turns out that it is a SCO Unix box.
Does this change anything or everything?
AL
0
 

Author Comment

by:lacroix_al
ID: 16898586
Ok
I used ifconfig -a
Output:
net1 192.168.254.100 netmask ffffff00 broadcast 192.168.254.255

I don't see that the default gateway is set.
Is there another command that will work?
Al
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16899208
Yes, SCO Unix makes a difference.  I am not really familiar with SCO Unix, so I am not sure what type of IP filtering it uses.  It may have iptables, it may not.

To see the routing table you should enter the command: netstat -rn

0
 

Author Comment

by:lacroix_al
ID: 16899238
Yes, I figured it out.
It was the default gateway.
I used the command add route default <ip address>
It fixed the problem.
Thanks for all your help
Al
0
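
An added example, not part of the original thread: the check that settles this kind of problem is whether the server has a route back to the VPN client's subnet. The script assumes Linux-style `netstat -rn` columns (SCO and other Unix variants lay the table out differently); the routing tables, the client address 10.10.10.5 and the gateway 192.168.254.1 are constructed placeholders.

```shell
#!/bin/sh
# Added example: can this host route replies back to a VPN client?
# Assumes Linux-style `netstat -rn` columns: Destination Gateway Genmask ...

# Constructed sample: the host from the thread with only its connected subnet.
TABLE_NO_DEFAULT='Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 net1'

# Constructed sample: the same host after a default route is added.
# 192.168.254.1 is a placeholder for the firewall's inside address.
TABLE_WITH_DEFAULT="$TABLE_NO_DEFAULT
0.0.0.0         192.168.254.1   0.0.0.0         UG        0 0          0 net1"

# return_route TABLE CLIENT_IP
# Prints the gateway of the most specific route covering CLIENT_IP,
# "connected" for an on-link route, or "none" if replies have nowhere to go.
return_route() {
    printf '%s\n' "$1" | awk -v ip="$2" '
        function to_int(a,   o) {
            split(a, o, ".")
            return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
        }
        # Only rows whose Destination and Genmask are dotted quads.
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $3 ~ /^[0-9]+\./ {
            mask  = to_int($3)
            block = 4294967296 - mask   # addresses covered by a contiguous mask
            if (int(to_int(ip) / block) == int(to_int($1) / block) && mask >= best) {
                best = mask
                gw = ($2 == "0.0.0.0") ? "connected" : $2
            }
        }
        END { print (gw == "" ? "none" : gw) }'
}

# On a live Linux host: return_route "$(netstat -rn)" <vpn-client-ip>
```

A result of `none` for a VPN pool address while LAN addresses return `connected` matches the symptom in the thread: telnet works from inside the network but not over the VPN.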
 

Author Comment

by:lacroix_al
ID: 16899249
I awarded the points because you both answered my questions.
It wasn't your fault that I gave incorrect info.
Thanks
Al
0
 
LVL 57

Expert Comment

by:giltjr
ID: 16899305
Glad we could provide some information and glad to see you got it working.  One thing,  I am not sure in SCO Unix how you define routes so that they stay across re-boots.  I don't think that add route will not stay across boot.

http://www.tek-tips.com/faqs.cfm?fid=1436

This may give you some ideas of where to look.
0
 

Author Comment

by:lacroix_al
ID: 16908999
ok
Thanks
Al
0
