Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN+FW Needs SSH to WAN and Telnet to Lan

I need to allow ssh to the Wan Interface of a 1750 and allow telnet to the Lan Interface. I have IOS w/Security (FW+VPN) installed and have created a tunnel and set up firewalling between 2 1750's. I Can Ping and Use Resources on each remote network but can only access router at the Lan Interface via SSH. Need to be able to access a remote router via the Lan interface through the tunnel via telnet as well as copy the startup config from a remote router back to a tftp server. Any help would be appreciated. Current access lists are as follows:

interface Ethernet0

description connected to Internet

ip address

ip access-group 102 in


crypto map cm-cryptomap


interface FastEthernet0

description connected to EthernetLAN_1

ip address 64.x.x.x x.x.x.x

ip access-group 101 in

ip inspect FastEthernet_0 in

speed auto


router eigrp 100

network 64.x.x.x x.x.x.x


no auto-summary

no eigrp log-neighbor-changes


ip kerberos source-interface any

ip classless

ip route Ethernet0

no ip http server


access-list 100 permit ip 64.x.x.x x.x.x.x 64.x.x.x x.x.x.x

access-list 101 permit ip any any

access-list 102 permit udp host host eq isakmp

access-list 102 permit ahp host host

access-list 102 permit esp host host

access-list 102 permit ip 64.x.x.x x.x.x.x 64.x.x.x x.x.x.x


Jerry Roy

New Member

Re: VPN+FW Needs SSH to WAN and Telnet to Lan

Looking at the information you’ve provided it looks good to me. I think Cisco is going to need to troubleshoot it with you.

CreatePlease login to create content