Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Cisco 2948G

I have a catalyst switch 2948G with catIOS. I upgraded the software to a version with SSH support, and disabled the telnet. Now both SSH and Telnet are working. I cleared the ip permit list and reconfigured it, and still the Telnet is still working in addition to the SSH. Is anyone familiar with that switch, who can help me resolve this issue? Thanks so much.

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: Cisco 2948G

Jean-Baptiste,

Here is a snippet of the config from a Catalyst 2980G-A I have running CatOS v8.4(11):

#permit list

set ip permit enable telnet

set ip permit enable ssh

set ip permit enable snmp

set ip permit 10.25.0.0 255.255.0.0 ssh

set ip permit 10.25.50.127 snmp

And the output from a "show ip permit":

Telnet permit list enabled.

Ssh permit list enabled.

Snmp permit list enabled.

Permit List Mask Access-Type

------------ ----------- -----------

10.25.0.0 255.255.0.0 ssh

10.25.50.127 snmp

Only SSH is allowed with the above configuration (and obviously some limited SNMP).

Good luck,

Richard

Purple

Re: Cisco 2948G

Towler is correct and that is what I was saying, "set ip permit enable telnet " but put no entries into the ip permit list for telnet.We have done this also and it works.

7 REPLIES
Purple

Re: Cisco 2948G

Maybe you can clarify , are you trying to turn off telnet completely ? If so try this . "set ip permit enable telnet " I think that is the syntax). . Do not put anything in the list for telnet , just your SSH entries if you are restricting ssh access or none if you are not . I believe this will block telnet by doing this . By not putting anything in the list for telnet it is the same as a deny all for telnet . When you do a show ip permit you should only see entries for SSH and maybe snmp if you have that configured.

New Member

Re: Cisco 2948G

Glen,

It did not work. I follow your instructions and nothing. The telnet is still working in addition to the SSH. I need to turn off completely the Telnet. It is not secure.

Purple

Re: Cisco 2948G

Can you post the switch configs . It should work .

New Member

Re: Cisco 2948G

Jean-Baptiste,

Here is a snippet of the config from a Catalyst 2980G-A I have running CatOS v8.4(11):

#permit list

set ip permit enable telnet

set ip permit enable ssh

set ip permit enable snmp

set ip permit 10.25.0.0 255.255.0.0 ssh

set ip permit 10.25.50.127 snmp

And the output from a "show ip permit":

Telnet permit list enabled.

Ssh permit list enabled.

Snmp permit list enabled.

Permit List Mask Access-Type

------------ ----------- -----------

10.25.0.0 255.255.0.0 ssh

10.25.50.127 snmp

Only SSH is allowed with the above configuration (and obviously some limited SNMP).

Good luck,

Richard

Purple

Re: Cisco 2948G

Towler is correct and that is what I was saying, "set ip permit enable telnet " but put no entries into the ip permit list for telnet.We have done this also and it works.

New Member

Re: Cisco 2948G

It is fixed now. After I enable telnet and snmp, I had to this:

clear ip permit telnet

clear ip permit snmp

save the config file...tried it and it works.

Thanks to Glen and Towler for your input.

New Member

Re: Cisco 2948G

It is fixed now. After I enable telnet and snmp, I had to this:

clear ip permit telnet

clear ip permit snmp

save the config file...tried it and it works.

Thanks so much to Glen and Towler for your input.

711
Views
0
Helpful
7
Replies
CreatePlease to create content