cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5380
Views
0
Helpful
9
Replies

Telnet problem .... am i being an idiot?

bradlesliect
Level 1
Level 1

Cannot remote telnet to a router.

telnet: Unable to connect to remote host: Connection refused

line vty 0 4

password <removed>

login

transport input telnet

!

what am i doing wronng? no access list on router. the router is completely open to all connections. its accepting pings but not telnet.

9 Replies 9

ankbhasi
Cisco Employee
Cisco Employee

Hi Brad,

Can you try to console into the router and then try to ping somewhere in your network through your router and see if you are able to telnet into the router?

Also can you update the IOS version you are running on your router?

I also believe that because there are only 5 VTY lines configured and no exec time out is configured so all 5 are already occupied and someone might have telnet to it and had not logged out.

Ankur

Brad

I believe that Ankur's first suggestion is especially helpful since it suggests the problem might be with IP connectivity. I think a test that is better than trying to access the console and do ping is to do ping from where you are trying the telnet. If you can ping the router it demonstrates IP connectivity to that particular address.

I am not sure why Ankur suggests updating IOS and am not aware of any problems with telnet that are IOS version specific.

I agree that Ankur's third suggestion is frequently a good idea to check when problems in telnetting to the router are concerned. If all the vty lines are busy it does produce the symptom of telnet failure. However if the config of the vty that was provided is complete and accurate then the vty have the default inactivity timeout of 10 minutes and this reduces the chances that all the vty are busy. The real way to check this is to access the router (via console?) and do show line. This will show whether the vty lines are busy.

The other thing that I would look for is an access list. The original post states that there are no access lists on the router. But I wonder whether there might be an access list or a firewall somewhere along the path that is denying the telnet.

HTH

Rick

HTH

Rick

Hey Rick,

Howdy!! The reason I asked for the IOS version on router is because there is a bug where the VTY lines get stuck in idle state and router does not allow the telnet connection.

So before posting the bug I thaught to get the IOS detail.

Regards,

Ankur

Ankur

That is interesting and I had not heard of this condition. Can you provide any specifics about it so that I can learn more about it?

HTH

Rick

HTH

Rick

Hi Rick,

CSCdz53602

Release-note:

The VTY lines are get stuck in idle state.

The VTY lines in idle state have to be manually cleared to free up for use.

Work Around: Clear the VTY lines manually when they are stuck in idle state

Regards,

Ankur

Hi Rick,

I can ping the router.

IOS should not be a problem.

As previously mentioned there are no other telnet sessions to the router. Will try and do the show line.

There is no access lists at all on the router. No firewall configured. Router is open to the world.

I'm still can't understand why this is happening ....

Hi Ankur,

I am running the latest GD release of IOS. There is no telnet sessions to the router. I am the only one trying to connect to it. Connecting via console is fine. I am able to ping the router IP from a remote location. This is a 837 router and its currently connected to the internet.

Something new I notices in the last post is that you indicate this is a internet router.

Are you running NAT on this router and do you get different results telneting from a machine on the inside to the router as you do from the internet.

You may also want to do a debug telnet command to see if it show anything interesting at all.

You could have a authentication issue if you have configured AAA incorrectly but you see a slightly different error.

telnet: Unable to connect to remote host: Connection refused

I found it blocked by ACL.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco