Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Telnet Problem

I am having an issue telneting from any device on my network to a 4503 (running Version 12.2(31)SG).

The following is the configuration for the vty lines:

line vty 0 4

exec-timeout 5 0

login local

transport input all

transport output telnet

line vty 5 15

exec-timeout 5 0

login local

transport input all

transport output telnet

The following is what I get on a debug:

Sep 2 19:47:41 UTC: Telnet1: 1 1 251 1

Sep 2 19:47:41 UTC: TCP1: Telnet sent WILL ECHO (1)

Sep 2 19:47:41 UTC: Telnet1: 2 2 251 3

Sep 2 19:47:41 UTC: TCP1: Telnet sent WILL SUPPRESS-GA (3)

Sep 2 19:47:41 UTC: Telnet1: 80000 80000 253 24

Sep 2 19:47:41 UTC: TCP1: Telnet sent DO TTY-TYPE (24)

Sep 2 19:47:41 UTC: Telnet1: 10000000 10000000 253 31

Sep 2 19:47:41 UTC: TCP1: Telnet sent DO WINDOW-SIZE (31)

Sep 2 19:47:41 UTC: TCP1: Telnet received DO SUPPRESS-GA (3)

Sep 2 19:47:41 UTC: TCP1: Telnet received WILL TTY-LOCATION (23) (refused)

Sep 2 19:47:41 UTC: TCP1: Telnet sent DONT TTY-LOCATION (23)

Sep 2 19:47:41 UTC: TCP1: Telnet received WILL TTY-SPEED (32) (refused)

Sep 2 19:47:41 UTC: TCP1: Telnet sent DONT TTY-SPEED (32)

Sep 2 19:47:41 UTC: TCP1: Telnet received WILL WINDOW-SIZE (31)

Sep 2 19:47:41 UTC: TCP1: Telnet received WILL LOCAL-FLOW (33) (refused)

Sep 2 19:47:41 UTC: TCP1: Telnet sent DONT LOCAL-FLOW (33)

Sep 2 19:47:41 UTC: TCP1: Telnet received DO ECHO (1)

Sep 2 19:47:41 UTC: TCP1: Telnet received WONT TTY-TYPE (24)

Sep 2 19:47:41 UTC: TCP1: Telnet sent DONT TTY-TYPE (24)

Sep 2 19:47:41 UTC: Telnet1: recv SB NAWS 80 24

Sep 2 19:47:41 UTC: TCP1: Telnet received WONT TTY-LOCATION (23)

Sep 2 19:47:41 UTC: TCP1: Telnet received WONT TTY-SPEED (32)

Sep 2 19:47:41 UTC: TCP1: Telnet received WONT LOCAL-FLOW (33)

[Connection to X.X.X.X closed by foreign host]

Any help would be appreciated.

Thanks.

2 REPLIES
Hall of Fame Super Bronze

Re: Telnet Problem

I don't see any ACLs under the VTY but do you have any Security ACLs on the switch preventing telnet?

If you can post a sanitized config from the switch, we can help further.

__

Edison.

New Member

Re: Telnet Problem

Edison, the only other security ACLs in place are for snmp and for https access.

There are no other ACLs that I can see in the config.

one weird thing, that I did notice, that doesnt show up in the config are ACLs that appear to be for control plane policing. When I do a 'show access-lists' the following list is displayed (aside from the two ACLS that show up in the config for snmp and http):

Extended IP access list system-cpp-all-routers-on-subnet

10 permit ip any host 224.0.0.2

Extended IP access list system-cpp-all-systems-on-subnet

10 permit ip any host 224.0.0.1

Extended IP access list system-cpp-dhcp-cs

10 permit udp any eq bootpc any eq bootps

Extended IP access list system-cpp-dhcp-sc

10 permit udp any eq bootps any eq bootpc

Extended IP access list system-cpp-dhcp-ss

10 permit udp any eq bootps any eq bootps

Extended IP access list system-cpp-igmp

10 permit igmp any 224.0.0.0 31.255.255.255

Extended IP access list system-cpp-ip-mcast-linklocal

10 permit ip any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-ospf

10 permit ospf any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-pim

10 permit pim any 224.0.0.0 0.0.0.255

Extended IP access list system-cpp-ripv2

10 permit ip any host 224.0.0.9

Extended MAC access list system-cpp-bpdu-range

permit any 0180.c200.0000 0000.0000.000f

Extended MAC access list system-cpp-cdp

permit any host 0100.0ccc.cccc

Extended MAC access list system-cpp-cgmp

permit any host 0100.0cdd.dddd

Extended MAC access list system-cpp-dot1x

permit any host 0180.c200.0003

Extended MAC access list system-cpp-garp-range

permit any 0180.c200.0020 0000.0000.000f

Extended MAC access list system-cpp-sstp

permit any host 0100.0ccc.cccd

However, I'm not sure if its tied to anything. When I run any of the following commands, nothing is displayed.

sh policy-map system-cpp-policy

sh policy-map control-plane input

sh policy-map control-plane

FYI, I will work on getting the sanitized config posted.

Thanks

588
Views
0
Helpful
2
Replies