02-23-2007 10:30 AM - edited 03-09-2019 05:27 PM
I have 2 PIX 515E; the sh ver info is below. The VirtualTelnet session just hangs when I try to connect. It doesn't even prompt me for a user name/pwd. I deleted and re-created the VirtualTelnet intf and user id/pwd that we are supposed to use w/ cut-thru proxy... Still I can't even get a user id/pwd prompt... Logging doesn't show a whole lot... only the session tries to start and then nothing... I'm starting to think it's an IOS revision issue... Any ideas would be greatly appreciated... Thanks in advance...
Cisco PIX Firewall Version 6.3(4)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Fri 02-Jul-04 00:07 by morlee
PFW015 up 198 days 0 hours
Hardware: PIX-515E, 32 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 0012.dac4.d901, irq 10
1: ethernet1: address is 0012.dac4.d902, irq 11
2: ethernet2: address is 00e0.b605.678b, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 3
Maximum Interfaces: 5
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
02-23-2007 12:39 PM
Hi,
Relevant config will help.
Off the top of my head, one thing comes to mind: if the AAA server is not reachable you will not get the username prompt.
Regards,
Vivek
03-22-2007 06:45 AM
AAA server is pingable from the firewall....
Here are my AAA ACLs:
access-list outside_authentication_LOCAL deny tcp any object-group ncplyavpsql10_ref eq www
access-list outside_authentication_LOCAL deny tcp object-group AP_Support object-group PCN_LAN_ref
access-list outside_authentication_LOCAL deny tcp object-group SQL_Servers object-group ncplyavpsql10_ref
access-list outside_authentication_LOCAL deny tcp object-group Domain_controllers object-group PCN_LAN_ref
access-list outside_authentication_LOCAL deny tcp any any
access-list outside_authorization_TACACS+ permit tcp any object-group RDP_Services object-group ncplyavpsql10_ref object-group RDP_Services
access-list outside_authorization_TACACS+ deny tcp object-group Lucidyne_VPN any
access-list outside_authentication_TACACS+ deny tcp object-group Lucidyne_VPN any
access-list outside_authentication_TACACS+ permit tcp any object-group VirtualTelnet_ref eq telnet
Virtual Telnet is active:
virtual telnet VirtualTelnet
What else do you need to see.....?