Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
882
Views
0
Helpful
4
Replies

Simple Telnet question on ASA

Go to solution
AQUALUNGAMERICA
Level 1
Level 1

‎04-03-2013 03:17 PM - edited ‎03-11-2019 06:23 PM

On an ASA Firewall, I am using 8.4(5). Is Telnet disabled by default? I only want to use SSH from an inside interface which I know how to configure using the AAA command and establishing an RSA Modulus key.

Thank you

Carlos                  

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎04-03-2013 03:21 PM

Hi,

To my understanding the Telnet isnt allowed by default.

But more importantly there is a very specific limitation related to its use that applys always.

You CANT use telnet on the "outside" interface with "security-level 0" UNLESS that Telnet connection is coming inside a VPN connection (VPN  Client or L2L VPN)

This limitation is because unlike SSH, Telnet naturally aint secure by itself.

- Jouni

View solution in original post

0 Helpful

Go to solution
jocamare
Level 4
Level 4

‎04-03-2013 03:21 PM

Telnet and SSH disabled by default.

So, rest assured, you can just enable SSH and telnet will remain disabled.

View solution in original post

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to AQUALUNGAMERICA

‎04-03-2013 03:28 PM

No problem,

Please mark the question as answered or ask more if needed

- Jouni

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎04-03-2013 03:21 PM

Hi,

To my understanding the Telnet isnt allowed by default.

But more importantly there is a very specific limitation related to its use that applys always.

You CANT use telnet on the "outside" interface with "security-level 0" UNLESS that Telnet connection is coming inside a VPN connection (VPN  Client or L2L VPN)

This limitation is because unlike SSH, Telnet naturally aint secure by itself.

- Jouni

0 Helpful

Go to solution
AQUALUNGAMERICA
Level 1
Level 1
In response to Jouni Forss

‎04-03-2013 03:24 PM

Jouni,

Thank you for the reply and the lesson. Much appreciated.

0 Helpful

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni
In response to AQUALUNGAMERICA

‎04-03-2013 03:28 PM

No problem,

Please mark the question as answered or ask more if needed

- Jouni

0 Helpful

Go to solution
jocamare
Level 4
Level 4

‎04-03-2013 03:21 PM

Telnet and SSH disabled by default.

So, rest assured, you can just enable SSH and telnet will remain disabled.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card