Cannot telnet into SOHO71 SOHO 71

telecastle · ‎08-11-2008

Hi,

This is really embarrassing especially because I have been in the routing, switching a and voice field for a long time.

I am trying to telnet to a Cisco SOHO 71 router and am experiencing problems that I have never seen before. Basically, the router refuses to accept a telnet connection no matter what I try.

I configured the router via console, and in fact it is functioning. It is running PPPPoE, and because I had opened the port for RDP, I can Remote Desktop to a remote workstation through this router at the remote site and get in it via console. However, I cannot telnet into the router from the Internet and neither can I telnet into it from the remote workstation plugged into one of its LAN ports.

Before you ask, yes, there's an access-list on int E1 (WAN interface), but the first line in that access list allows access via telnet

ip access-list extended FIREWALL

permit tcp any any eq 23

Moreover, I can see that traffic is hitting the ACE in the ACL when I try to telnet from the Internet.

However, I cannot even telnet from the inside, which is really weird.

Also, I did verify that:

"transport input all" command is configured under "line vty 0 4".

This router has no crypto, so telnet is the only option to get in. The router is also reporting memory allocation problems while running the latest firmware:

soho71-oy6-mz.122-13.ZH10.bin

Thinking I may be hitting an IOS bug, I tried to load soho71-oy6-mz.122-13.ZH9.bin, which is the only other image available, but with this image, the router would not load. I am going to attempt a rommon TFTP download to recover the router.

This may be a hardware failure, but it's a "brand-new" router that was shipped as a replacement and sat in a box for 2 years. This is the first time I have tried to use it. Also, I failed to back up the original image that came on it because it was at least 2 years old, and I thought one of the two images available for this router would definitely work. I realize it was a mistake because neither one of the available images seem to be working.

I have been hitting a lot of IOS bugs lately on various platforms, troubleshooting of which kills a lot of time. Because SOHO 71 is an old router, I am not sure Cisco is actively addressing bugs (the latest image soho71-oy6-mz.122-13.ZH10.bin was released in December 2007). So, does anyone have any ideas what could be causing the telnet issue? Does anyone know where I can get an older IOS image than the two posted on cisco.com?

Thanks!

P.S. I have another router at the site -- SOHO91, which I am trying to replace with this SOHO71. I pretty much copied the configuration from the SOHO91 (which I had configured earlier). I removed everything related to crypto, but other than that, it's the same config. I can telnet to SOHO91 from the inside, so the problem I am describing here is related to SOHO 71, which I have never used before.

marksant · ‎08-11-2008

Hi,

You mentioned that you have this configured:

line vty 0 4

transport input all

Do you have this configured under line vty 0 4 ?

login

password cisco

Also try to remove all ACLs to isolate issue further.

If I may ask, can you also post the configuration ?

Regards,

Mark

telecastle · ‎08-13-2008

Thanks for your response. You were right about the login command. I had aaa enabled, but when I copied the config from the SOHO91 to the SOHO71, the default setting of "login authentication default" did not seem to work for some reason. I guess it's the difference between the 12.4 and the 12.3 IOS versions. SOHO 71 does not have a 12.4 version. So, I had to manually issue the "login authentication aaa", and I was able to telnet into the box.