FWSM Telnet Access

Unanswered Question
Mar 24th, 2010

Dear All

I have FWSM 3.3.

The problem is that if I tried to access the FWSM through telnet with the right username and password it failed the first and second tries but the third try is succeeded.

Any help is appreciated.

Thanks,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jennifer Halim Wed, 03/24/2010 - 03:12

What is the exact version of FWSM? There is no version 3.3.

Please also advise what authentication method you are using for telnet session (local database? tacass? radius? etc).

Can you share the following:

- show run aaa-server

- show run aaa

Thanks.

Ahmad Samir Wed, 03/24/2010 - 03:23

Dear halijenn

Sorry

FWSM version is 3.2(3). Also the access is SSH v2 not the telnet.

Authentication Method : Local Database

username admin password ------------ encrypted privilege 15

aaa authentication ssh console ----- LOCAL

Thanks,

Jennifer Halim Wed, 03/24/2010 - 03:47

Are you experiencing the same symptoms everytime you try to SSH into the FWSM? Can you try to SSH to the FWSM for 3 times, and see if you are experiencing the same issue everytime, ie: only after the third time, you are able to successfully log in.

Can you share the output when you test it? What error message are you getting?

Also, is there only 1 concurrent SSH session into the FWSM? You can check via "show ssh sessions"

Also what SSH Client are you using? Have you tried different SSH Client? and which version of SSH, have you tried both version 1 and 2? is there any difference?

Kureli Sankar Wed, 03/24/2010 - 16:13

May be the password was typed incorrectly until the 3rd time.  How many times have you been able to consistently reproduced this?

I would have someone else type the password for the user admin for a change.

create another username and try that

conf t

username cisco password cisco priv 15

enable logging

conf t

logging on

logging buffered 7

exit

sh logg

and watch for these below logs.


%FWSM-7-710002: tcp access permitted from 10.36.109.35/11221 to man:10.36.109.80/ssh
%FWSM-6-302013: Built inbound TCP connection 0 for man:10.36.109.35/11221 (10.36.109.35/11221) to man:10.36.109.80/22 (10.36.109.80/22)
%FWSM-6-109005: Authentication succeeded for user 'cisco' from 10.36.109.35/11221 to 10.36.109.80/22 on interface man
%FWSM-6-611101: User authentication succeeded: Uname: cisco
%FWSM-6-605005: Login permitted from 10.36.109.35/11221 to man:10.36.109.80/ssh for user "cisco"

-KS

Actions

This Discussion