02-23-2007 10:30 AM - edited 03-09-2019 05:27 PM
I have 2 PIX 515E; the sh ver info is below. The VirtualTelnet session just hangs when I try to connect. It doesn't even prompt me for a user name/pwd. I deleted and re-created the VirtualTelnet intf and user id/pwd that we are supposed to use w/ cut-thru proxy... Still I can't even get a user id/pwd prompt... Logging doesn't show a whole lot... only that the session tries to start and then nothing... I'm starting to think it's an IOS revision issue... Any ideas would be greatly appreciated... Thanks in advance...
Cisco PIX Firewall Version 6.3(4)
Cisco PIX Device Manager Version 3.0(4)
Compiled on Fri 02-Jul-04 00:07 by morlee
PFW015 up 198 days 0 hours
Hardware: PIX-515E, 32 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0x300, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB
0: ethernet0: address is 0012.dac4.d901, irq 10
1: ethernet1: address is 0012.dac4.d902, irq 11
2: ethernet2: address is 00e0.b605.678b, irq 11
Licensed Features:
Failover: Disabled
VPN-DES: Enabled
VPN-3DES-AES: Enabled
Maximum Physical Interfaces: 3
Maximum Interfaces: 5
Cut-through Proxy: Enabled
Guards: Enabled
URL-filtering: Enabled
Inside Hosts: Unlimited
Throughput: Unlimited
IKE peers: Unlimited
This PIX has a Restricted (R) license.
02-23-2007 12:39 PM
Hi,
Relevant config will help.
Off the top of my head, one thing comes to mind: if the AAA server is not reachable, you will not get the username prompt.
Regards,
Vivek
03-22-2007 06:45 AM
AAA server is pingable from the firewall....
Here are my AAA ACLs:
access-list outside_authentication_LOCAL deny tcp any object-group ncplyavpsql10_ref eq www
access-list outside_authentication_LOCAL deny tcp object-group AP_Support object-group PCN_LAN_ref
access-list outside_authentication_LOCAL deny tcp object-group SQL_Servers object-group ncplyavpsql10_ref
access-list outside_authentication_LOCAL deny tcp object-group Domain_controllers object-group PCN_LAN_ref
access-list outside_authentication_LOCAL deny tcp any any
access-list outside_authorization_TACACS+ permit tcp any object-group RDP_Services object-group ncplyavpsql10_ref object-group RDP_Services
access-list outside_authorization_TACACS+ deny tcp object-group Lucidyne_VPN any
access-list outside_authentication_TACACS+ deny tcp object-group Lucidyne_VPN any
access-list outside_authentication_TACACS+ permit tcp any object-group VirtualTelnet_ref eq telnet
Virtual Telnet is active:
virtual telnet VirtualTelnet
What else do you need to see.....?