cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
494
Views
0
Helpful
2
Replies

Telnet to router from Internet

andy.woo
Level 1
Level 1

Hi,

encounter problems on accessing the router via telnet from Internet when NAT is applied to the WAN interface of the router. The access-list that tied to the NAT statement has already permit all traffic to pass thru.

I have tried adding the command "transport input telnet" under line vty 0 4 section but still couldn't work. Check on the "show ip nat trans" and is able to see translations taking place for the telnet session but just couldn't establish further; always get connection error on the client side.

Appreciate if anyone can advise.

2 Replies 2

ssoberlik
Level 4
Level 4

The acl that is tied to NAT should not permit all traffic. By using a permit any, you will cause the router to translate packets that should not be translated which will lead to various problems such as not being able to telnet in or high cpu. You should specify which subnets you want to translate.

If you console into your router, change the acl from permit any to permit x.x.x.x, then clear the nat table, you will then be able to telnet into your router.

Thanks for the wonderful advise.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: