07-12-2007 12:49 AM
In RME I have deactivated telnet for any transport protocol. RME should only use ssh. But any time it tries to get in contact with a device it goes as follows:
Example for config editor:
1: ssh, but ends immediatelly after "Server Protocol: SSH-1.5-Cisco-1.25" from device
2: 30 telnet tries (all blocked by our firewall)
3: ssh (changes the config and ends ok)
4: ssh (ends like 1:)
5: 30 telnet tries (blocked by FW)
6: ssh again (gets the changed config)
Is there any way to avoid these uselesss telnet tries? Every collection of the configuration of our ~500 devices leads to +27000 useless telnet attempts!
Thank you for any info about that.
Solved! Go to Solution.
07-12-2007 07:58 AM
What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.
07-12-2007 07:58 AM
What version of RME do you have? Most telnet packets should be dropped in RME 4.0.5, but there is at least one known instance where telnet may be attempted even on single-homed machines. On multi-homed machines, telnet will always be tried (followed by SSH) to try and obtain the local server address to use when communicating with the device. This cannot be changed.
07-12-2007 10:59 PM
Our RME version is 4.0.5. It runs on a single-homed machine with a natting boundary to the devices.
07-12-2007 11:13 PM
Ah, then you are probably hitting CSCsh34033 which is fixed in LMS 3.0, and will be fixed in 2.6 later this year. A patch is available by calling the TAC.
08-02-2007 03:50 AM
Hi jclarke,
I'm afraid I have to come back to the telnet problem. Our TAC can not find a patch to CSCsh34033. Could you please provide more information on that? A link to download the patch would be great.
Regards
Hanjo Dahmen, DATEVeG
08-02-2007 08:49 AM
The patch is available. I'm not sure why they said they could not find it. They should have contacted me directly.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: