05-30-2007 12:37 AM - edited 03-03-2019 05:13 PM
Hi all,
I have an E1 link between our two sites. Its terminated on 3825 router (2MFT-E1-G.703) on one side and 2801 (2MFT-E1-g.703) on the other side. Link is working fine. I can ping the corresponding serial interfaces from my machine but cannot telnet the 2801 router!! All routes are there.... When I telnet 3825 and than telnet 2801 from there, it works!! Any workaround ???
Sheeraz
05-30-2007 12:49 AM
I think there is a access-list at the LAN interface of 3825 router blocking the port '23' for the serial ip of 2801 router.
I dont think any other reasons. If you can provie config of 3825.
--Jaffer
05-30-2007 12:52 AM
Hi Sheeraz ,
Can you paste the config of 2801 router.
Have you configured any username on 2801 router.
check out the line vty configuration on 2801 router.
line vty 0 4
login
password XXXX.
or
username XXXX password XXXX
line vty 0 4
login local
or
you can create access-list for restricting users to telent to 2801 router.
craete standard access-list like
access-list 4 permit IP address
line vty 0 4
login
access-class 4 in.
Thanks,
Satish
05-30-2007 03:44 AM
05-30-2007 05:40 AM
Hi Satish,
I made the accesslist and it shows the hits as well but do not connect!!! It still gives the same message "Connecting To 172.16.15.30...Could not open connection to the host, on port 23: Connect failed"
Sheeraz
05-30-2007 06:23 AM
Hi ,
You are using SSH for accessing the router.
SSH is an application and protocol that provides a secure replacement to the Berkley r-tools. SSH uses standard cryptographic mechanisms in order to secure the sessions. The SSH session between two devices is encrypted and, therefore, is secure. This encryption is an advantage over a Telnet session, in which the communication happens in clear text.
You need configure the following commands on 2801 router , where as same is configured on 3845 router.
In order to enable SSH-based access on the 2801 router ,, you first must configure the 2801 as a SSH server. Follow these steps in order to configure an SSH server on the from CLI:
Configure a host name and domain name for the router.
#configure terminal
#hostname XXX
#ip domain name XXXX
Generate a Rivest, Shamir, and Adelman (RSA) key for your 2801 router
Generation of an RSA key enables SSH on the 2801 router. Issue this command in global configuration mode:
!--- This generates an RSA key and enables the SSH server.
Note: The recommended minimum RSA key size is 1024.
1. Configure user authentication on the 2801 router.
On the 2801 router, you can configure user authentication to use either the local list or an external authentication, authorization, and accounting (AAA) server. This example uses a locally generated list in order to authenticate the users:
This configuration configures the 2801 router to perform user-based authentication with the use of a local database that is configured on the router. The example configures two users in the local database, "Test" and "ABC".
Configure the SSH parameters.
Thanks,
Satish
05-30-2007 06:43 AM
Just try out below option once...
If you are able to ping to fast ethernet of 2801 router from your pc...made the following changes and check the issue....
Note: It is for testing purpose only...
Username XXXX password XXXX
line vty 0 4
login local.
where is your pc is connected means to which router ?
Thanks,
Satish
05-30-2007 10:35 AM
Have you tried to ping your workstation from the 2801 router? Use all possible interfaces as the source to see if there are any routing problem. Are you sure you are using no ip classless?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: