04-26-2011 11:41 PM - edited 03-11-2019 01:25 PM
Hello Folks
i m trying to telnet to my asa 5510 from the core swith,however i received the below msg,how enable it?
172.30.1.100 is the inside interface of the asa
CITYCORE#telnet 172.30.1.100
Trying 172.30.1.100 ...
% Connection refused by remote host
CITYCORE#
04-26-2011 11:57 PM
You might want to check if telnet has been enabled on the ASA inside interface, and if the core switch IP Address has been added as telnet client.
You can check by issueing: sh run telnet
You should see the IP Address of the core switch, or a more generic subnet that the core switch belongs enabled for telnet on the inside interface.
04-27-2011 10:50 AM
Hi Halim
what do u mean by the below ?
and if the core switch IP Address has been added as telnet client
04-27-2011 11:09 AM
Hi,
and if the core switch IP Address has been added as telnet client
if telnet has been enabled on inside interface then sh run telnet will give you a result like this: telnet x.x.x.x y.y.y.y inside
where x.x.x.x is subnet and y.y.y.y subnet mask telling which IPs can telnet on inside interface
Regards.
Alain.
04-10-2020 05:05 PM - edited 04-10-2020 05:09 PM
TCP is allowed by defatult on ASA.
ICMP (Ping is not allowed by default)
Please see the topolgy
i can ping all the devices from ASA,
when i m trying to telnet from R1 to R2 its not going through ASA.
R1#telnet 150.1.20.2
Trying 150.1.20.2 ...
% Connection refused by remote host
R2
!
line con 0
logging synchronous
line aux 0
line vty 0 4
exec-timeout 15 0
password cisco
login
transport input none
!
Much Appricated your kind and quick response
Many many thanks in advance
06-24-2020 02:37 AM
Same Error i am also getting in eve-ng is there any solution on this
04-27-2011 06:16 PM
The command on the ASA would be:
telnet
This will allow the core switch to telnet to the ASA on the inside interface.
04-27-2011 09:57 PM
hi folks
I m trying to telne tfor the core switch witch exists in other site to asa 5510 exist in other site,means the the core and the asa aren't in the same same subnet
04-27-2011 10:12 PM
Do you mean that there is site-to-site VPN tunnel between the 2 sites, and you are trying to telnet to the inside interface of the ASA on the remote site from the core switch?
There are a few things that need to be checked to allow that access if it is connected as per the above description.
Can you share the core switch ip address as well as the configuration from both ASA?
04-28-2011 12:01 AM
Hi Halim
i have the same as you mentioned
Do you mean that there is site-to-site VPN tunnel between the 2 sites, and you are trying to telnet to the inside interface of the ASA on the remote site from the core switch?
04-28-2011 09:35 PM
On the remote ASA that you are trying to telnet to, you would need to add the following command:
management-access inside
telnet
Also, your local ASA where the core switch is connected needs to allow the telnet connection through to the remote ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide