telnet connection problem to ASA 5500 IOS 8.0(2)

Unanswered Question
Aug 27th, 2007

has anyone had any problems with telnetting to an ASA 5550 firewall? I try to telnet but connection is refused, it does that for SSH connection as well. i am not sure if there is any other commands that need to be added to allow for inside interface. thanks

IOS version is 8.0(2)

telnet 11.27.18.11 255.255.255.255 INSIDE

telnet timeout 5

ssh 11.27.18.9 255.255.255.255 INSIDE

ssh timeout 5

management-access INSIDE

Ercan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
purohit_810 Mon, 08/27/2007 - 11:37

For telnet it seems o be fine configuration... Please do one INSIDE interface shut and NO shut.

Also give telnet timeout 30 {It could possible 5 second problematic}

Second, For SSH connection : you also have to enable RSA KEY...

crypto key generate rsa module 1024

wr mem

ssh 11.27.18.9 255.255.255.255 INSIDE

ssh timeout 5

ssh ver 1 or 2

Regards,

Dharmesh Purohit

ercanelibol Tue, 08/28/2007 - 10:12

hi,

thanks for the reply. it still does not work for telnet and ssh, but web access,ASDM works fine. Data traffic flows throught firewall fine inbound and outbound without any issue.

For ssh, now I am getting "ssh_exchange_identification: read: Connection reset by peer".

johnroche_2 Tue, 08/28/2007 - 04:23

Hi

I had a similar issue.

When I investigated, turned out to be a routing issue. The Firewall could ping my machine, but my machine could not ping the firewall

John

ercanelibol Tue, 08/28/2007 - 10:09

hi,

my issue seems to be with the IOS version I am running, it could be a bug in the version 8.0(2)

johnroche_2 Tue, 08/28/2007 - 11:48

from command line on the ASA can you ping the host that you are Telnet/ssh from and vice versa

hsajwan Tue, 08/28/2007 - 13:00

Are you coming over a vpn connection? I am asking this because you put in the command "management-access inside".

Here are some steps that I would suggest you to try:

-- try rebooting the ASA

-- connect a host directly to the ASA's inside interface and then try

-- try telnet 0 0 inside / ssh 0 0 inside

-- if nothing works, collect syslogs as you telnet/ssh to ASA and provide syslogs here.

I hope that helps..

Actions

This Discussion