cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

410
Views
5
Helpful
3
Replies
Beginner

ISE 2.4 telnet not supported

Hi all,

is there any reason why I don't see telnet as option on ISE 2.4? Do I need to enable somewhere as feature?

It's really annoying if you want to test some connections from ISE. I have ACS 5.8 and telnet is there.

 

ise02/admin# t?
tech terminal traceroute

 

Version:

 

Cisco Identity Services Engine
---------------------------------------------
Version : 2.4.0.357
Build Date : Thu Mar 22 20:01:26 2018
Install Date : Thu Dec 20 23:15:50 2018

Cisco Identity Services Engine Patch
---------------------------------------------
Version : 10
Install Date : Thu Nov 07 23:41:04 2019

 

Thanks,

N

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advocate

Re: ISE 2.4 telnet not supported

Hi @nenadl 

 

I have bemoaned the removal of this useful command some time ago. As you say, it used to exist in ACS but I have not seen it since ISE 2.2. ACS also had a useful tcpdump command that you can add to your list of commands you'll miss in ISE, not to mention the primitive reporting capabilities in ISE (versus ACS's report generator). 

 

Telnet is not an evil command. It's a very useful command to test the presence of TCP ports in remote hosts. Running a telnet daemon, on the other hand, is not so clever these days. I think whoever removed the telnet command didn't fully grasp the difference.

 

You could ask to have it included again in a future ISE release.

View solution in original post

3 REPLIES 3
Highlighted
VIP Advocate

Re: ISE 2.4 telnet not supported

Hi @nenadl 

 

I have bemoaned the removal of this useful command some time ago. As you say, it used to exist in ACS but I have not seen it since ISE 2.2. ACS also had a useful tcpdump command that you can add to your list of commands you'll miss in ISE, not to mention the primitive reporting capabilities in ISE (versus ACS's report generator). 

 

Telnet is not an evil command. It's a very useful command to test the presence of TCP ports in remote hosts. Running a telnet daemon, on the other hand, is not so clever these days. I think whoever removed the telnet command didn't fully grasp the difference.

 

You could ask to have it included again in a future ISE release.

View solution in original post

Beginner

Re: ISE 2.4 telnet not supported

Hi @Arne Bier,

thanks for replying. Didn‘t know they removed telnet, for me unnecessary but this is how it is.

For TCP dump there is option from GIU where you can specify on which node (if you have deployment) and choose on which interface you want to run it. You  can also specify some filters what is interested for you and open file in Wireshark. I used it couple of times and works very well, helped me for troubleshooting.

 

Regards,

Nenad

VIP Advocate

Re: ISE 2.4 telnet not supported

Sure, the tcpdump is available via the GUI and it's ok for doing one node at a time. If you have anything more complex and you're trying to capture on more than one node at a time then you can't do this in ISE. Hence, why ACS CLI tcpdump was so useful. Case in point, when using a load balancer and you want to capture traffic on x number of PSNs ... you have no idea where the load balancer will send the traffic.