Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Cannot pass telnet traffic to solaris server through FWSM

Hello experts,

I'm trying to allow telnet traffic from one vlan to another through the FWSM, and when I try to telnet from my windows machine to any solaris server on the other side, I get black screen (meaning port is opened), however, I do not get the prompt for username and password. if the same is done from any machine on the solaris side, the connection gets through.

Any guesses on why is this happening? BTW, I am allowing IP any any acl on both sides, and not doing any translation on either way...

If somebody give a proper solution, I will give a red tick and 5 points

Regards,

3 REPLIES
Hall of Fame Super Blue

Re: Cannot pass telnet traffic to solaris server through FWSM

Osama

Have you waited to see if the prompt eventually appears ?

Unix boxes often do a reverse DNS lookup on the incoming ip address and if DNS is being blocked on your firewall then it can take a while for it to time out.

If DNS isn't important on the Solaris box either turn it off and retest or in the resolv.conf use 127.0.0.1 as the DNS name server and retest.

Edit - just reread and realise you are allowing IP any any between the 2. However your DNS servers may be elsewhere in relation to the FWSM so it's still worth a quick test.

Jon

Bronze

Re: Cannot pass telnet traffic to solaris server through FWSM

> Have you waited to see if the prompt eventually appears ?

Yes, but it did not appear!

> If DNS isn't important on the Solaris box either turn it off and retest or in the resolv.conf use 127.0.0.1 as the DNS name server and retest.

should the reverse lookup stop the telnet traffic? we already have permit IP any any, and all the pinging is done fine both ways!

Highlighted
Bronze

Re: Cannot pass telnet traffic to solaris server through FWSM

The issue is solved. Actually when we snooped the telnet traffic of the solaris server. we found the server is dropping the packets. There is an inbound telnet traffic to the server and there is no return traffic from the server. so we changed the ip address of the existing interface, and played with the routing table, and it worked fine!

126
Views
3
Helpful
3
Replies
CreatePlease login to create content