login problem with fwsm

Answered Question
Feb 14th, 2010

we are having problems getting login to one of our fwsm firewall via telnet, though asdm access is working good.

this is the message that appears:


The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
Trying 127.0.0.61 ...
% Connection timed out; remote host not responding

Secondary firewall allows telnet access fine. Please suggest what may be the cause & any possible way out.

Thanks.

I have this problem too.
0 votes
Correct Answer by Kureli Sankar about 6 years 9 months ago

Unfortunately both these are marked internal meaning no customer has faced this issue yet.

If you need an external link you need to open a case with us and the TAC engineer can make this external for you so, you can read up on it.

Once you open a case provide the case number. I will notify the engineer of the defect that I was talking about.

-KS

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Ganesh Hariharan Sun, 02/14/2010 - 05:43

we are having problems getting login to one of our fwsm firewall via telnet, though asdm access is working good.

this is the message that appears:


The default escape character is Ctrl-^, then x.
You can also type 'exit' at the remote prompt to end the session
Trying 127.0.0.61 ...
% Connection timed out; remote host not responding

Secondary firewall allows telnet access fine. Please suggest what may be the cause & any possible way out.

Thanks.

Hi,

Check out that from the desktop you are connecting is permiited for telnet access in firewall.

Under configuration--device management -- management access -- cli -- telnet check out here your desktop ip is permitted or not.

Hope to help !!

Ganesh.H

Kureli Sankar Sun, 02/14/2010 - 06:01

Seems like the FWSM is in slot 6. Pls. verify the following:

1. The line vty line on the switch allows telnet as a transport and there is no access-class applied.

2. sh tcp brief - on the switch

make sure there are no sessions to 127.0.0.61 stuck. If so clear then all with the command "clear tcp tcp ". I'd clear all of them to 127.0.0.61

6509#sh tcp brief
TCB                 Local Address        Foreign Address  (state)
0x105ABD0         127.0.0.61:1025          127.0.0.31:23  ESTAB

6509#cle tcp tcb 0x105ABD0
[confirm]

3. Now try the session in command again.

-KS

suthomas1 Sun, 02/14/2010 - 09:10

Thanks, it doesnt show any session remaining on 127.0.0.61 on the output.

Kureli Sankar Sun, 02/14/2010 - 09:35

Paste the output pls. Also, are you sure the module is up? sh module? It accepts telnet, ssh and/or asdm sessions and just now session from the switch?

Is this a VSS setup?

-KS

suthomas1 Mon, 02/15/2010 - 02:17

Hi,

below is the output:

TCB                 Local Address        Foreign Address  (state)
0109CB12            192.168.100.2:23       192.168.200.5:2984  ESTAB

line vty 0 4
password 7 XXXXX
transport input telnet ssh
line vty 5 15
accounting commands 15 YYYYY
transport input ssh

Module is up and allowing connections to be passed across. its ip is reachable from 6500.

Kureli Sankar Mon, 02/15/2010 - 06:04


Found 2 defects for the symptom.

Resolved in 2.3.5, 3.2.2, 3.1.5

A reload should resolve the issue. Make sure you are running a resolved code.

-KS


suthomas1 Mon, 02/15/2010 - 08:48

Thanks, may i have the link(if any) or brief description to these pointers to understand the problem & resolution better.

Thanks!

Correct Answer
Kureli Sankar Mon, 02/15/2010 - 08:51

Unfortunately both these are marked internal meaning no customer has faced this issue yet.

If you need an external link you need to open a case with us and the TAC engineer can make this external for you so, you can read up on it.

Once you open a case provide the case number. I will notify the engineer of the defect that I was talking about.

-KS

Actions

This Discussion