telnet connection refused problem.

Answered Question
Aug 5th, 2010
User Badges:

need help badly.. just got my 851w router and just started configuring so sory if this is a noob question. hehe anyway, for some reason i cant seem to telnet into my router... i have alredy configured the console and VTY ports and passwords but whenever i try and telnet into it, it just sez connection refused! heres a copy of my running config...  help would be GREATLY apreciated.


**************************************************************
Building configuration...


Current configuration : 4933 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.248
   default-router 10.10.10.1
   lease 0 2
!
!
ip cef
no ip domain lookup
ip domain name yourdomain.com
!
!
crypto pki trustpoint TP-self-signed-3526141414
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3526141414
revocation-check none
rsakeypair TP-self-signed-3526141414
!
!
crypto pki certificate chain TP-self-signed-3526141414
certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33353236 31343134 3134301E 170D3032 30333031 30303139
  34305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35323631
  34313431 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100DFB7 B76BDF0C 1CBC85CA 148C9DBD B79C1F3D E7970B48 970DEAFA 2D58EDE7
  C615DA09 7581DBFE 3F04B5BD 413EE8FC 297DA752 F157C629 CA2CE826 DC55C72A
  E3F7A756 27264D9D E494E444 80974B99 9F849DB4 3C02EF46 29FCF162 0657433E
  1F1F4799 F4F00992 3E63F365 6F919FC5 72E5518A 1C01D3BA ACF11877 E87886AA
  96F70203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
  551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
  301F0603 551D2304 18301680 147BD132 0BFC8834 887EC4FF 2A0BDB5F A84F1694
  F7301D06 03551D0E 04160414 7BD1320B FC883488 7EC4FF2A 0BDB5FA8 4F1694F7
  300D0609 2A864886 F70D0101 04050003 8181001B 99D6A619 634F4EBE BE9C65F6
  2ADD065F 08312A2F 7C0EDF43 6AB89D8A 2099FA56 45F74C35 111A76F1 21D7717E
  9E803FAC 55A692D1 13578382 BE72E6BD 6990A8A3 51B31D10 44BD4258 E0EC05A1
  65F7B29B 41E397E1 ECD04DC1 8DA83591 D530F09D 9BCED1A2 E0DD67A6 3EDE1940
  9E05AC87 35200F2C 2C4EFCF2 3ECFB4B5 54C4CC
  quit
username cisco privilege 15 secret 5 $1$ANwC$o3/xVCQbhdYBQCvCmIQzw/
username mykei privilege 15 secret 5 $1$lDL1$66ALRODb5AY/266aN1kVp0
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.1 255.255.255.0
ip tcp adjust-mss 1452
!
ip classless
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------


Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for  one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the


"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.


It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.


username <myuser> privilege 15 secret 0 <mypassword>


Replace <myuser> and <mypassword> with the username and password you want to
use.


-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege le
vel of 15.


Please change these publicly known initial credentials using SDM or the IOS CLI.


Here are the Cisco IOS commands.


username <myuser>  privilege 15 secret 0 <mypassword>
no username cisco


Replace <myuser> and <mypassword> with the username and password you want to use
.


For more information about SDM please follow the instructions in the QUICK START


GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^C
banner motd ^C test ^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password fossil
login
transport input telnet ssh
!
scheduler max-task-time 5000
end

-----------------------------------------------------------------------------------------------

my setup is that i have 2 laptops connected to the router. laptop(A) is connected through the console port, and laptop(B) is connected through its ethernet port. laptopB was assigned an ip adress of 192.168.1.2. both laptops can ping the router with the adress of 192.168.1.1 but none of them can telnet into it. all it returns is conection refused. help please:(

Correct Answer by Tharak Abraham about 6 years 7 months ago

Mychal,


You seem to have put an access list for he vty's

It will allow only hosts with source ip in the range specified in access list 23, ie 10.10.10.1 - 7.


Please change the access-list to

access-list 23 permit 192.168.1.0 0.0.0.7


That should do the job.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Tharak Abraham Fri, 08/06/2010 - 00:07
User Badges:
  • Bronze, 100 points or more

Mychal,


You seem to have put an access list for he vty's

It will allow only hosts with source ip in the range specified in access list 23, ie 10.10.10.1 - 7.


Please change the access-list to

access-list 23 permit 192.168.1.0 0.0.0.7


That should do the job.

milan.kulik Fri, 08/06/2010 - 00:08
User Badges:
  • Red, 2250 points or more

Hi,


line vty 0 4
access-class 23 in


where

access-list 23 permit 10.10.10.0 0.0.0.7


but your laptop has ip adress of 192.168.1.2.


HTH,

Milan

Actions

This Discussion