04-06-2009 10:15 AM
Hi, i have a strange problem with my cisco 837. I can telnet to it from my local lan no problems but when i try to telnet to it from work or any external ip it will not and eventually times out. I did have an access list applied to the vty lines but i allowed my work ip address and could see the match counter increment on the allow statement. I have now completely removed the access list but the problem remains.
Trying 82.12.xxx.xxx...
telnet: connect to address 82.12.xxx.xxx: Connection timed out
line vty 0 4
session-timeout 35791
exec-timeout 35791 0
logging synchronous
length 0
transport preferred telnet
transport input telnet ssh
transport output all
04-06-2009 11:06 AM
took me a little while but figured it out. I had my internet connected nat'd, the route map pointed to an access list which said permit ip any any. This was causing the remote telnet/ssh problems. The nat access list needed to be for the inside networks permited only i.e. something like permit 192.168.1.0 0.0.0.255 any.
04-07-2009 05:43 AM
On the NAT access-list you need to deny the telnet traffic toward the router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide