• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 260
  • Last Modified:

cannot telnet to 2600 router

I cannot telnet to 2600 router.
Here is my config

access-list 12 permit 1.1.0.0  0.0 255.255

line vty 0 4
access-class 12 in
password xxxx
login
0
cliffordgormley
Asked:
cliffordgormley
  • 4
  • 3
1 Solution
 
brasslanCommented:
You shouldn't need the access-list to allow telnet access.

 I would remove the access-list 12 and access-class 12 in

I'm sure you have an enable password set, I think this is required to enable telnet access as well.

Cheers!
Brasslan
0
 
cliffordgormleyAuthor Commented:
But I am trying to telnet from the outside (internet) to the WAN (serial interface ip).  Are you sure I do not need an access-list?
Maybe I only have an enable secret set, and not an enable password.
0
 
cliffordgormleyAuthor Commented:
Hi Brasslan,
Yep, you are right.  I have a test router and I added the ACCESS-CLASS 12 IN command.  From that point on, I was not able to telnet to the router from the INSIDE< which I have always been able to do before.  Once I removed the ACCESS-CLASS 12, I was able to telnet to the router from the inside.

But I still cannot telnet to the router's WAN/Serial/Public ip interface.  How the heck do you do it?  Sounds simple, but I guess the occasion has never come up before to do this.

Thanks
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
brasslanCommented:
So you are saying that after removing those two access lines, then you can telnet in to the LAN interface but not the WAN interface???
0
 
cliffordgormleyAuthor Commented:
yep...
does that sound normal to you?
0
 
brasslanCommented:
Honestly,, no :-(

Can you ping the WAN int?
Do you have SSH setup on outside int?
Any other access-lists in the router that would get in the way?
0
 
cliffordgormleyAuthor Commented:
I figured out what it was:
I am tired, first of all!
I did not add the correct ip address to the ACCESS-CLASS x.x.x.x IN command
The whole issue was a static nat command that changed the destination ip to an internal ip for ALL packets, even the one in which I was trying to telnet to the wan interface of the router
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now