We have a problem with doing telnet to inside and outside interface. When we try to do, We received this message. Wha have permit any any in both interface but we can´t doing telnet.
Somebody know what we have doing to solve it??
Version Asa is 8.2.5 model 5510
%ASA-4-402117: IPSEC: Received a non-IPsec (protocol) packet from
remote_IP to local_IP.
You cannot telnet to an outside interface that has security-level 0. You can only ssh, to an outside interface with security-level 0. In general, if any interface that has a security level of 0 or lower than any other interface, then the PIX/ASA does not allow telnet to that interface.
However, if you’re still adamant that you’d like to telnet to the outside interface, then this can be achieved but the steps are too many, too much of an hassle. Well, in order to enable a Telnet session to the outside interface, configure IPsec on the outside interface to include IP traffic that is generated by the Cisco FW and enable Telnet on the outside interface.
It is not recommended to access the security appliance through a Telnet session. The authentication credential information, such as password, are sent as clear text. The Telnet server and client communication happens only with the clear text. Cisco recommends using SSH for a more secured data communication.
For further details on this, please do refer to this URL http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml
ssh version 2
crypto key generate rsa modulus 768
ssh 220.127.116.11 255.255.255.0 outside
telnet 192.168.10.13 255.255.255.255 inside
P/S: If you do find this comment useful, please do rate them nicely :-)