Not able to telnet from Public IP.

Hutchcisco · ‎07-25-2007

Hi,

we are using Pix 515e (6.3 version).

Have assigned telnet access to a static public ip to one of the LAN IP (HP-UX OS) and able to ping the LAN (HP-UX) from other public IP but not able to access the telnet and the same is perfectly working if assigned to some other LAN IP.(telnet perfectly working for the HP-UX machine in the Local LAN).

please suggest me for this...

mattiaseriksson · ‎07-25-2007

You permit telnet to that static NAT address in the access-list? Are the access-list counters increasing when you are testing? Have you verified in the PIX log file that a connection is occuring?

In that case it can be a server issue, some systems use hosts.allow to permit telnet connections, some have local firewalls, and some do reverse-lookup before permitting a connection. Check the server log files as well.

JORGE RODRIGUEZ · ‎07-27-2007

make sure static nat and access list is properly configured.

e.g.

public IP: 1.1.1.1

Local IP: 2.2.2.2

static (inside,outside) 1.1.1.1 2.2.2.2 netmask 255.255.255.255 0 0

access-list outside_access_in permit tcp any host 1.1.1.1 eq telnet

access-group outside_access_in in interface outside

Jorge Rodriguez