CW LMS 2.6 stop telnet

Answered Question
Jul 12th, 2007
User Badges:

In RME I have deactivated telnet for any transport protocol. RME should only use ssh. But any time it tries to get in contact with a device it goes as follows:

Example for config editor:

1: ssh, but ends immediatelly after "Server Protocol: SSH-1.5-Cisco-1.25" from device

2: 30 telnet tries (all blocked by our firewall)

3: ssh (changes the config and ends ok)

4: ssh (ends like 1:)

5: 30 telnet tries (blocked by FW)

6: ssh again (gets the changed config)

Is there any way to avoid these uselesss telnet tries? Every collection of the configuration of our ~500 devices leads to +27000 useless telnet attempts!

Thank you for any info about that.

Correct Answer by Joe Clarke about 9 years 10 months ago

What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
Joe Clarke Thu, 07/12/2007 - 07:58
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.

hanjo Thu, 07/12/2007 - 22:59
User Badges:

Our RME version is 4.0.5. It runs on a single-homed machine with a natting boundary to the devices.

Joe Clarke Thu, 07/12/2007 - 23:13
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Ah, then you are probably hitting CSCsh34033 which is fixed in LMS 3.0, and will be fixed in 2.6 later this year. A patch is available by calling the TAC.

hanjo Thu, 08/02/2007 - 03:50
User Badges:

Hi jclarke,

I'm afraid I have to come back to the telnet problem. Our TAC can not find a patch to CSCsh34033. Could you please provide more information on that? A link to download the patch would be great.

Regards

Hanjo Dahmen, DATEVeG

Joe Clarke Thu, 08/02/2007 - 08:49
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

The patch is available. I'm not sure why they said they could not find it. They should have contacted me directly.

Actions

This Discussion