ASA SSH/Telnet issue

patel.nishit
Level 1

I'm running code 8.2(1) on both devices.

I can confirm that the problem is reproducible.

I can restore telnet and ssh access by removing and re-adding the relevant lines in the config (via the ASDM CLI interface),

e.g.:

no telnet <subnet> <mask> INSIDE

telnet <subnet> <mask> INSIDE

With this config saved, I reload the current active router, causing the other device to become active, and the same problem occurs. I can't get back into the new active device on telnet or SSH.

ASDM is fine, and I can verify that the commands that should exist do exist in the configuration by checking the ASDM CLI interface.

If I remove them and re-add them through the same ASDM CLI interface, I can get back in again.

2 Replies

umedryk
Level 5

You can enable Telnet to the security appliance on all interfaces. However, the security appliance enforces that all Telnet traffic to the outside interface be protected by IPsec. In order to enable a Telnet session to the outside interface, configure IPsec on the outside interface to include IP traffic that is generated by the security appliance and enable Telnet on the outside interface.

Note: In general, if any interface has a security level of 0 or lower than any other interface, then PIX/ASA does not allow Telnet to that interface.

Note: It is not recommended to access the security appliance through a Telnet session. The authentication credential information, such as the password, is sent as clear text. The Telnet server and client communication happens only in clear text. Cisco recommends using SSH for more secure data communication.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml#telnet
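
An added example, not part of the reply above or of Cisco's documentation: a small Python check that applies the two notes to a running-config, flagging Telnet access lines on the lowest-security interface and Telnet lines that have no SSH equivalent. The sample config, function name and finding names are constructed for illustration.

```python
import re

# Constructed sample running-config for illustration; not taken from the thread.
SAMPLE_CONFIG = """\
interface Ethernet0/0
 nameif OUTSIDE
 security-level 0
interface Ethernet0/1
 nameif INSIDE
 security-level 100
telnet 10.1.1.0 255.255.255.0 INSIDE
telnet 192.0.2.0 255.255.255.0 OUTSIDE
telnet 10.2.2.0 255.255.255.0 INSIDE
ssh 10.1.1.0 255.255.255.0 INSIDE
telnet timeout 5
"""

# Matches "<telnet|ssh> <network> <mask> <interface>", not "telnet timeout 5".
MGMT_RE = re.compile(r"^(telnet|ssh) (\S+) (\S+) (\S+)$")


def audit_mgmt_access(config):
    """Classify every telnet access line; returns (finding, net, mask, intf) tuples."""
    levels, nameif, rules = {}, None, {"telnet": [], "ssh": []}
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            nameif = None  # a new interface block begins
        elif line.startswith("nameif "):
            nameif = line.split()[1]
        elif line.startswith("security-level ") and nameif:
            levels[nameif] = int(line.split()[1])
        elif MGMT_RE.match(line):
            proto, *rule = MGMT_RE.match(line).groups()
            rules[proto].append(tuple(rule))

    def lowest_security(intf):
        # Per the note in the reply: level 0, or lower than every other interface.
        lvl = levels.get(intf)
        others = [v for k, v in levels.items() if k != intf]
        return lvl is not None and (lvl == 0 or (bool(others) and lvl < min(others)))

    findings = []
    for rule in rules["telnet"]:
        if lowest_security(rule[2]):
            finding = "telnet-needs-ipsec"         # Telnet refused here without IPsec
        elif rule in rules["ssh"]:
            finding = "telnet-has-ssh-equivalent"  # the cleartext line can be removed
        else:
            finding = "telnet-cleartext-only"      # add a matching ssh line first
        findings.append((finding, *rule))
    return findings
```
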

hfma_hk09
Level 1

Hi Patel,

I have the same problem too, but the difference is that I can't telnet or use the ASDM CLI to configure the PIX. It seems related to a telnet daemon problem. I have also already tried entering:

no telnet INSIDE

telnet INSIDE

But the result is a failure. Does anyone have the same issue, and how can it be fixed?
