cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1080
Views
10
Helpful
5
Replies

CW LMS 2.6 stop telnet

hanjo
Level 1
Level 1

In RME I have deactivated telnet for any transport protocol. RME should only use ssh. But any time it tries to get in contact with a device it goes as follows:

Example for config editor:

1: ssh, but ends immediatelly after "Server Protocol: SSH-1.5-Cisco-1.25" from device

2: 30 telnet tries (all blocked by our firewall)

3: ssh (changes the config and ends ok)

4: ssh (ends like 1:)

5: 30 telnet tries (blocked by FW)

6: ssh again (gets the changed config)

Is there any way to avoid these uselesss telnet tries? Every collection of the configuration of our ~500 devices leads to +27000 useless telnet attempts!

Thank you for any info about that.

1 Accepted Solution

Accepted Solutions

Joe Clarke
Cisco Employee
Cisco Employee

What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.

View solution in original post

5 Replies 5

Joe Clarke
Cisco Employee
Cisco Employee

What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.

Our RME version is 4.0.5. It runs on a single-homed machine with a natting boundary to the devices.

Ah, then you are probably hitting CSCsh34033 which is fixed in LMS 3.0, and will be fixed in 2.6 later this year. A patch is available by calling the TAC.

Hi jclarke,

I'm afraid I have to come back to the telnet problem. Our TAC can not find a patch to CSCsh34033. Could you please provide more information on that? A link to download the patch would be great.

Regards

Hanjo Dahmen, DATEVeG

The patch is available. I'm not sure why they said they could not find it. They should have contacted me directly.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco