cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1653
Views
0
Helpful
26
Replies

remote

pcfreak49
Level 1
Level 1

hello I small problems I Cisco router 800 serials now I remote wants work by means of SSH and telnet now are my question how can you this do?

who can help me

4 Accepted Solutions

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

You should be able to telnet to the router on the WAN/external ip address remotely if telnet is not disabled.

For SSH, you have to generate RSA keypair before you can SSH to the router. Here is the sample configuration for SSH:

http://www.cisco.com/en/US/customer/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

Hope that helps.

View solution in original post

sorry, i don't quite understand what you mean.

Telnet locally works, however, telnet from external is timing out?

Are you getting the password prompt when you try to telnet from external? If not, then there is probably access-list on the interface that blocks telnet, OR/ under "line vty", it's only allowing internal address range.

View solution in original post

do you have a copy of the router configuration? I can check and let you know what to add/change.

View solution in original post

I don't understand what you mean.

View solution in original post

26 Replies 26

Jennifer Halim
Cisco Employee
Cisco Employee

You should be able to telnet to the router on the WAN/external ip address remotely if telnet is not disabled.

For SSH, you have to generate RSA keypair before you can SSH to the router. Here is the sample configuration for SSH:

http://www.cisco.com/en/US/customer/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

Hope that helps.

no telnet are not disabled. because is possible inlogen local but externally succeed that because krijg time out must there sometimes something to fit become?

sorry, i don't quite understand what you mean.

Telnet locally works, however, telnet from external is timing out?

Are you getting the password prompt when you try to telnet from external? If not, then there is probably access-list on the interface that blocks telnet, OR/ under "line vty", it's only allowing internal address range.

yes that is correct telnet local works but externally does not work it how can you that access trick make for telnet?

kind regards

do you have a copy of the router configuration? I can check and let you know what to add/change.

yes I have copy of running-config

possible you is something lets know what be adapted there must?

OK, base on the configuration, you have ZBFW (Zone Base Firewall) configured. Hence you would need to allow the traffic between out-zone and self-zone.

Here is what you would need to configure to allow telnet access:

class-map type inspect match-any telnet-class
    match protocol telnet


policy-map type inspect ccp-permit
    class type inspect telnet-class
        inspect

Hope that helps.

yes it works external telnet cordial thanks

do you know sometimes how that with SSH also are possible?

kind regards

Sure, for SSH just add this:

class-map type inspect match-any telnet-class
    match protocol ssh

there does this have still something changes become?

kind regards

You would also need to generate the RSA keypair: crypo key generate rsa

You also need to use SSH Client software (eg: Putty, SecureCRT) to SSH to the router.

those RSA key I have produced and used putty must still something change become?

kind regards

Mmmm.. where does it break?

Are you able to telnet on port 22?

Are you prompted for username and password?

Or the connection just hang?

Can you share the latest configuration again pls.

yes that is no problem this is new running-config

I have telnet geprobeert as from another isp and then work

mvg

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: