Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
0
Helpful
2
Replies

Accessing ASA firewall on its outside interface from the router using telnet/ssh

Go to solution
net buzz
Level 1
Level 1

‎02-15-2011 06:17 AM - edited ‎03-11-2019 12:50 PM

Hi!

I have been trying to access the ASA firewall on its outside interface by telneting from the router.

I have used the following command on the ASA:

telnet 10.0.0.1 255.255.255.255 outside

where 10.0.0.1 is the ip address of the router LAN interface.

I can ping the ASA outside interface from the router.

When I try to telnet, the result is as follows:

Router#telnet 10.0.0.10
Trying 10.0.0.10 … Open

Problem is that I do not get access to the console.

Is there a solution for this?

Please see the attached topology.

Thanks and regards,

Alvin

Labels:
Preview file
54 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andamani
Cisco Employee
Cisco Employee

‎02-15-2011 08:04 AM

Hi Alvin,

To add to Fredrico's saying, the following link will give you details of SSH and telnet on ASA

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml#telnet

The link clearly states:

Note: In general, if any interface that has  a security level of 0 or lower than any other interface, then PIX/ASA  does not allow Telnet to that interface.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎02-15-2011 07:08 AM

Hi,

The ASA is not going to accept telnet connections on its outside interface (even if you allow it).

The ASA will only accept SSH connections.

The only way to telnet to the outside interface of the ASA is to do it via a VPN tunnel.

Hope it helps.


Federico.

0 Helpful

Go to solution
andamani
Cisco Employee
Cisco Employee

‎02-15-2011 08:04 AM

Hi Alvin,

To add to Fredrico's saying, the following link will give you details of SSH and telnet on ASA

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml#telnet

The link clearly states:

Note: In general, if any interface that has  a security level of 0 or lower than any other interface, then PIX/ASA  does not allow Telnet to that interface.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card