Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
254
Views
0
Helpful
1
Replies

ASA 5510 with 8.2 not allowing Telnet and SSH traffic to behind Switch

v-abban12
Level 1
Level 1

‎12-30-2016 10:04 AM - edited ‎03-12-2019 01:43 AM

ASA 5510 with 8.2 not allowing Telnet and SSH traffic to behind Switch.

The source is private subnet from different DC to which firewall has VPN S2S tunnel. All the other traffic works fine.

Source(Server/Jumpbox) : 10.9.a.b and Destination backened Switch : 10.196.x.x

Jumpbox# telnet 10.196.x.x
Trying 10.196.x.x...
Connected to 10.196.x.x.
Escape character is '^]'.

In packet capturein inside interface of Firewall ASA 5510  shows that behind switch is sending the banner which I never receive :


   1: 17:34:2x.x36788 10.9.a.b.50820 > 10.196.x.x.23: S 3304720677:3304720677(0) win 14600 <mss 1380,sackOK,timestamp 3805771021 0,nop,wscale 7>
0x0000   4568 003c 57ee 4000 3906 8f6a 0a09 3c2d        Eh.<W.@.9..j..<-
0x0010   0ac4 0902 c684 0017 c4fa 0925 0000 0000        ...........%....
0x0020   a002 3908 c8ab 0000 0204 0564 0402 080a        ..9........d....
0x0030   e2d7 750d 0000 0000 0103 0307                  ..u.........
   2: 17:34:2x.x38299 10.196.x.x.23 > 10.9.a.b.50820: S 3131374043:3131374043(0) ack 3304720678 win 4128 <mss 1380>
0x0000   4568 002c 6977 4000 ff06 b7f0 0ac4 0902        Eh.,iw@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9db c4fa 0926        ..<-...........&
0x0020   6012 1020 e50d 0000 0204 0564                  `.. .......d
   3: 17:34:30.236193 10.9.a.b.50820 > 10.196.x.x.23: S 3304720677:3304720677(0) win 14600 <mss 1380,sackOK,timestamp 3805772021 0,nop,wscale 7>
0x0000   4568 003c 57ef 4000 3906 8f69 0a09 3c2d        Eh.<W.@.9..i..<-
0x0010   0ac4 0902 c684 0017 c4fa 0925 0000 0000        ...........%....
0x0020   a002 3908 c4c3 0000 0204 0564 0402 080a        ..9........d....
0x0030   e2d7 78f5 0000 0000 0103 0307                  ..x.........
   4: 17:34:30.242800 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720678 win 4128
0x0000   4500 0028 6978 4000 ff06 b85b 0ac4 0902        E..(ix@....[....
0x0010   0a09 3c2d 0017 c684 baa4 f9db c4fa 0926        ..<-...........&
0x0020   5010 1020 fc7b 0000                            P.. .{..
   5: 17:34:31.242007 10.196.x.x.23 > 10.9.a.b.50820: S 3131374043:3131374043(0) ack 3304720678 win 4128 <mss 1380>
0x0000   4500 002c 6977 4000 ff06 b858 0ac4 0902        E..,iw@....X....
0x0010   0a09 3c2d 0017 c684 baa4 f9db c4fa 0926        ..<-...........&
0x0020   6012 1020 e50d 0000 0204 0564                  `.. .......d
   6: 17:34:31.371730 10.9.a.b.50820 > 10.196.x.x.23: . ack 3131374044 win 14600
0x0000   4568 0028 57f0 4000 3906 8f7c 0a09 3c2d        Eh.(W.@.9..|..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5010 3908 d392 0000                            P.9.....
   7: 17:34:31.372112 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f1 4000 3906 8f63 0a09 3c2d        Eh.@W.@.9..c..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
   8: 17:34:31.373805 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
   9: 17:34:31.376399 10.196.x.x.23 > 10.9.a.b.50820: . 3131374056:3131374616(560) ack 3304720702 win 4104
0x0000   45c0 0258 6979 4000 ff06 b56a 0ac4 0902        E..Xiy@....j....
0x0010   0a09 3c2d 0017 c684 baa4 f9e8 c4fa 093e        ..<-...........>
0x0020   5010 1008 2a89 0000 430d 0a2b 2d2d 2d2d        P...*...C..+----
0x0030   2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d        ----------------
0x0040   2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d        ----------------
0x0050   2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d        ----------------
0x0060   2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d        ----------------
0x0070   2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d 2d2d        ----------------
0x0080   2d2d 2d2b 0d0a 7c20 2020 2020 2020 2020        ---+..|        
0x0090   2020 2020 2020 2020 2020 2020 2020 2020                       
0x00a0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x00b0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x00c0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x00d0   2020 2020 2020 2020 2020 2020 2020 7c0d                      |.
0x00e0   0a7c 2020 2020 2020 2020 2020 2020 2020        .|             
0x00f0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0100   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0110   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0120   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0130   2020 2020 2020 2020 207c 0d0a 7c20 2a2a                 |..| **
0x0140   5741 524e 494e 472a 2a57 4152 4e49 4e47        WARNING**WARNING
0x0150   2a2a 5741 524e 494e 472a 2a57 4152 4e49        **WARNING**WARNI
0x0160   4e47 2a2a 2a2a 5741 524e 494e 472a 2a57        NG****WARNING**W
0x0170   4152 4e49 4e47 2a2a 5741 524e 494e 472a        ARNING**WARNING*
0x0180   2a57 4152 4e49 4e47 2a2a 5741 524e 494e        *WARNING**WARNIN
0x0190   472a 2a20 7c0d 0a7c 2020 2020 2020 2020        G** |..|       
0x01a0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x01b0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x01c0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x01d0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x01e0   2020 2020 2020 2020 2020 2020 2020 207c                       |
0x01f0   0d0a 7c20 5448 4953 2049 5320 4120 5245        ..| THIS IS A RE
0x0200   5354 5249 4354 4544 2044 4556 4943 4520        STRICTED DEVICE
0x0210   464f 5220 4155 5448 4f52 495a 4544 2055        FOR AUTHORIZED U
0x0220   5345 5253 204f 4e4c 592e 2055 5345 204f        SERS ONLY. USE O
0x0230   4620 5448 4953 2044 4556 4943 4520 2020        F THIS DEVICE  
0x0240   2020 2020 2020 2020 2020 7c0d 0a7c 2057                  |..| W
0x0250   4954 484f 5554 2041                            ITHOUT A
  10: 17:34:31.378016 10.196.x.x.23 > 10.9.a.b.50820: . 3131374616:3131375176(560) ack 3304720702 win 4104
0x0000   45c0 0258 697a 4000 ff06 b569 0ac4 0902        E..Xiz@....i....
0x0010   0a09 3c2d 0017 c684 baa4 fc18 c4fa 093e        ..<-...........>
0x0020   5010 1008 c083 0000 5554 484f 5249 5a41        P.......UTHORIZA
0x0030   5449 4f4e 2049 5320 5052 4f48 4942 4954        TION IS PROHIBIT
0x0040   4544 2e20 4259 2041 4343 4553 5349 4e47        ED. BY ACCESSING
0x0050   2054 4849 5320 4445 5649 4345 2059 4f55         THIS DEVICE YOU
0x0060   2041 5245 2020 2020 2020 2020 2020 2020         ARE           
0x0070   2020 2020 207c 0d0a 7c20 434f 4e53 454e             |..| CONSEN
0x0080   5449 4e47 2054 4f20 434f 4d50 4c45 5445        TING TO COMPLETE
0x0090   2020 4d4f 4e49 544f 5249 4e47 2057 4954          MONITORING WIT
0x00a0   4820 4e4f 2045 5850 4543 5441 5449 4f4e        H NO EXPECTATION
0x00b0   204f 4620 5052 4956 4143 592e 2055 4e41         OF PRIVACY. UNA
0x00c0   5554 484f 5249 5a45 4420 2020 2020 2020        UTHORIZED      
0x00d0   7c0d 0a7c 2041 4343 4553 5320 4f52 2055        |..| ACCESS OR U
0x00e0   5345 204d 4159 2053 5542 4a45 4354 2059        SE MAY SUBJECT Y
0x00f0   4f55 2054 4f20 4449 5343 4950 4c49 4e41        OU TO DISCIPLINA
0x0100   5259 2041 4354 494f 4e20 414e 4420 4352        RY ACTION AND CR
0x0110   494d 494e 414c 2050 524f 5345 4355 5449        IMINAL PROSECUTI
0x0120   4f4e 2e20 2020 2020 2020 207c 0d0a 7c20        ON.        |..|
0x0130   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0140   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0150   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0160   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0170   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0180   2020 2020 2020 7c0d 0a7c 202a 2a57 4152              |..| **WAR
0x0190   4e49 4e47 2a2a 5741 524e 494e 472a 2a57        NING**WARNING**W
0x01a0   4152 4e49 4e47 2a2a 5741 524e 494e 472a        ARNING**WARNING*
0x01b0   2a57 4152 4e49 4e47 2a2a 2a2a 5741 524e        *WARNING****WARN
0x01c0   494e 472a 2a57 4152 4e49 4e47 2a2a 5741        ING**WARNING**WA
0x01d0   524e 494e 472a 2a57 4152 4e49 4e47 2a2a        RNING**WARNING**
0x01e0   207c 0d0a 7c20 2020 2020 2020 2020 2020         |..|          
0x01f0   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0200   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0210   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0220   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0230   2020 2020 2020 2020 2020 2020 7c0d 0a7c                    |..|
0x0240   2020 2020 2020 2020 2020 2020 2020 2020                       
0x0250   2020 2020 2020 2020                                    
  11: 17:34:34.371456 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f2 4000 3906 8f62 0a09 3c2d        Eh.@W.@.9..b..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
  12: 17:34:34.371974 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720702 win 4104
0x0000   45c0 0028 697b 4000 ff06 b798 0ac4 0902        E..(i{@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 093e        ..<-.......H...>
0x0020   5010 1008 f80e 0000                            P.......
  13: 17:34:35.376689 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  14: 17:34:39.370845 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  15: 17:34:40.371501 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f3 4000 3906 8f61 0a09 3c2d        Eh.@W.@.9..a..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
  16: 17:34:40.385081 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720702 win 4104
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 093e        ..<-.......H...>
0x0020   5010 1008 f80e 0000                            P.......
  17: 17:34:47.381007 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  18: 17:34:52.372234 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f4 4000 3906 8f60 0a09 3c2d        Eh.@W.@.9..`..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
  19: 17:34:52.374034 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720702 win 4104
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 093e        ..<-.......H...>
0x0020   5010 1008 f80e 0000                            P.......
  20: 17:35:03.379725 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  21: 17:35:16.372646 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f5 4000 3906 8f5f 0a09 3c2d        Eh.@W.@.9.._..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
  22: 17:35:16.373576 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720702 win 4104
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 093e        ..<-.......H...>
0x0020   5010 1008 f80e 0000                            P.......
  23: 17:35:35.232928 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  24: 17:36:04.224933 10.9.a.b.50820 > 10.196.x.x.23: P 3304720678:3304720702(24) ack 3131374044 win 14600
0x0000   4568 0040 57f6 4000 3906 8f5e 0a09 3c2d        Eh.@W.@.9..^..<-
0x0010   0ac4 0902 c684 0017 c4fa 0926 baa4 f9dc        ...........&....
0x0020   5018 3908 7721 0000 fffd 03ff fb18 fffb        P.9.w!..........
0x0030   1fff fb20 fffb 21ff fb22 fffb 27ff fd05        ... ..!.."..'...
  25: 17:36:04.225482 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720702 win 4104
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 093e        ..<-.......H...>
0x0020   5010 1008 f80e 0000                            P.......
  26: 17:36:3x.x38833 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720702 win 4104
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 093e        ..<-...........>
0x0020   5018 1008 e94a 0000 fffb 01ff fb03 fffd        P....J..........
0x0030   18ff fd1f                                      ....
  27: 17:37:04.228473 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720701 win 4104
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9db c4fa 093d        ..<-...........=
0x0020   5010 1008 fc7c 0000                            P....|..
  28: 17:37:07.281769 10.9.a.b.50820 > 10.196.x.x.23: FP 3304720702:3304720707(5) ack 3131374044 win 14600
0x0000   4568 002d 57f7 4000 3906 8f70 0a09 3c2d        Eh.-W.@.9..p..<-
0x0010   0ac4 0902 c684 0017 c4fa 093e baa4 f9dc        ...........>....
0x0020   5019 3908 cd79 0000 fff4 fffd 06               P.9..y.......
  29: 17:37:07.283051 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720708 win 4104
0x0000   45c0 0028 697a 4000 ff06 b799 0ac4 0902        E..(iz@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 0944        ..<-.......H...D
0x0020   5010 1008 f808 0000                            P.......
  30: 17:37:07.483358 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720708 win 4099
0x0000   45c0 0028 697b 4000 ff06 b798 0ac4 0902        E..(i{@.........
0x0010   0a09 3c2d 0017 c684 baa4 fe48 c4fa 0944        ..<-.......H...D
0x0020   5010 1003 f80d 0000                            P.......
  31: 17:37:43.243075 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720708 win 4099
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 0944        ..<-...........D
0x0020   5018 1003 e949 0000 fffb 01ff fb03 fffd        P....I..........
0x0030   18ff fd1f                                      ....
  32: 17:38:07.284470 10.196.x.x.23 > 10.9.a.b.50820: . ack 3304720707 win 4099
0x0000   45c0 0028 6979 4000 ff06 b79a 0ac4 0902        E..(iy@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9db c4fa 0943        ..<-...........C
0x0020   5010 1003 fc7b 0000                            P....{..
  33: 17:38:47.246615 10.196.x.x.23 > 10.9.a.b.50820: P 3131374044:3131374056(12) ack 3304720708 win 4099
0x0000   45c0 0034 6978 4000 ff06 b78f 0ac4 0902        E..4ix@.........
0x0010   0a09 3c2d 0017 c684 baa4 f9dc c4fa 0944        ..<-...........D
0x0020   5018 1003 e949 0000 fffb 01ff fb03 fffd        P....I..........
0x0030   18ff fd1f                                      ....

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-31-2016 10:02 PM

Hard to say why without seeing the ASA configuration.

You should try a packet-trace and see what the output is:

packet-tracer input <interface where switch is> tcp 10.196.x.x 1025 10.9.a.b 23
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card