Solved: Re: Cisco Router login Problem

prince.p · ‎02-21-2018

Hi friends

in cisco 2911 series router. i cant able to login in one of the router interface GigabitEthernet0/0

we have configured service provider wan IP address in Gigabit Ethernet 0/0 and in Gigabit Ethernet 0/1 we connected wan interface for our firewall.

while trying to login with interface Gigabit Ethernet 0/0 ip address its showing following error

telnet 182.7*.*.**
Connecting To 182.7*.*.**...Could not open connection to the host, on port 23: Connect failed.

but i can able to login with remaining two interfaces .

can anyone help me to solve the issue

below i attached my router configuration

Tri#show interfaces
Embedded-Service-Engine0/0 is administratively down, line protocol is down
Hardware is Embedded Service Engine, address is 0000.0000.0000 (bia 0000.0000.
MTU 1500 bytes, BW 10000 Kbit/sec, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/64/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
GigabitEthernet0/0 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is 649e.f37b.2bd8 (bia 649e.f37b.2bd8
Description: #WAN_INTERFACE#
Internet address is 182.7*.*.**/30
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 5/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is XON, input flow-control is XON
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/39709 (size/max/drops/flushes); Total output drops: 5856
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 21343000 bits/sec, 2241 packets/sec
5 minute output rate 1641000 bits/sec, 1767 packets/sec
2756139770 packets input, 3331177013 bytes, 0 no buffer
Received 15046 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
2 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
1816945313 packets output, 2270316001 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
16 lost carrier, 0 no carrier, 16261 pause output
0 output buffer failures, 0 output buffers swapped out
GigabitEthernet0/1 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is 649e.f37b.2bd9 (bia 649e.f37b.2bd9
Description: #firewall Primary WAN#
Internet address is 182.74.2**.***/28
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 5/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 1072
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1646000 bits/sec, 1765 packets/sec
5 minute output rate 21340000 bits/sec, 2242 packets/sec
1799117409 packets input, 456836609 bytes, 0 no buffer
Received 3469 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 249 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
2744062508 packets output, 1001560227 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
14 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
GigabitEthernet0/2 is down, line protocol is down
Hardware is CN Gigabit Ethernet, address is 649e.f37b.2bda (bia 649e.f37b.2bda
Internet address is 172.27.***.*/16
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto Duplex, Auto Speed, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 0 multicast, 0 pause input
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
1 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out
Loopback0 is up, line protocol is up
Hardware is Loopback
Internet address is 172.28.2**.*/24
MTU 1514 bytes, BW 8000000 Kbit/sec, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation LOOPBACK, loopback not set
Keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
NVI0 is up, line protocol is up
Hardware is NVI
Interface is unnumbered. Using address of GigabitEthernet0/2 (172.27.2**.*)
MTU 1514 bytes, BW 56 Kbit/sec, DLY 5000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation UNKNOWN, loopback not set
Keepalive set (10 sec)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

Georg Pauwen · ‎02-23-2018

Hello,

can you traceroute to the IP address you are trying to reach through Telnet ? I have a feeling that the problem is at your source. Where are you trying to telnet from, a PC, laptop, another router ?

View solution in original post

Seb Rupik · ‎02-21-2018

Hi there,

Please can you supply the entire running config of the router?

cheers,

Seb.

prince.p · ‎02-22-2018

i can able to login with other two interface . only in interface GigabitEthernet0/0 i cannot login with telnet

Tri#show run
Building configuration...

Current configuration : 2147 bytes
!
! No configuration change since last restart
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Tri
!
boot-start-marker
boot-end-marker
!
!
enable secret 5
enable password
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.27.2**.* 172.27.2**.**
!
ip dhcp pool Voice
network 172.27.2**.* 255.255.255.***
dns-server ******
default-router 172.27.2**.*
!
!
ip name-server 4.****
ultilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9 sn FG********
!
!
username ***** privilege 15 password
username ****** privilege 15 password
username ****** privilege 15 password
!
!
!
!
!
!
interface Loopback0
ip address 172.28.2**.* 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description #WAN_INTERFACE#
ip address 182.7*.*.** 255.255.255.252
ip accounting output-packets
ip accounting mac-address output
ip flow ingress
ip flow egress
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description #firewall Primary WAN#
ip address 182.74.2**.*** 255.255.255.2**
ip accounting output-packets
ip flow ingress
ip flow egress
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address 172.27.2**.* 255.255.0.0
ip accounting output-packets
ip flow ingress
ip flow egress
ip nat inside
ip nat enable
ip virtual-reassembly in
duplex auto
speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 182.7*.*.9**
!
!
!
!
control-plane
!
!
!
line con 0
password
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7
login local
transport input all
!
scheduler allocate 20000 1000

Georg Pauwen · ‎02-22-2018

Hello,

GigabitEthernet0/0 has a public IP address and is directly connected to your ISP, right ? And GIgabitEthernet0/1 is connected to your firewall with...another public IP ? Which two interfaces let you successfully establish a TELNET connection ? GigabitEthernet0/1 and 0/2, or the loopback interface ?

At the very least, your NAT configuration is partial and won't work...

prince.p · ‎02-22-2018

yes .you are right. till last week i can able to login using both the WAN interface ip address . but sudden today when i check i cannot able to login with interface 0/0

Richard Burts · ‎02-22-2018

Your hiding addresses makes it difficult to keep track of what is going on and which interface is doing what. For example it is difficult to know where your default route is pointing.

I do not see anything in this config that would treat telnet requests differently. So I am wondering if it might be some routing problem or some policy issue. Are you able to ping to the G0/0 address from the host where you are attempting telnet? Is it possible that the provider has implemented some policy to prevent telnet to addresses in subnets where they are directly connected?

One thing to do would be to turn on debug and see if there is debug output when you attempt to telnet. This would verify whether the telnet request is getting to your router.

HTH

Rick

HTH

Rick

johnlloyd_13 · ‎02-22-2018

hi,

from which source IP or network are you trying to telnet?

was there any recent change in your network?

can you post a traceroute from the source machine or server you've telnet?

prince.p · ‎02-22-2018

i tried to to login with internal and external IP address . i can able to ping the IP address of gi 0/0.but it is not allowing me to login with the interface IP address using telnet. till last week it i can able to login with that interface .

in the gi 0/0 i observe there is two input error. so whether it will be the problem for not login in telnet or some other issue in router.

Gateway of last resort is 182.75.8.87 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 182.75.8.87

other end of the gi0/0 is connected with service provider router.

Georg Pauwen · ‎02-23-2018

Hello,

can you traceroute to the IP address you are trying to reach through Telnet ? I have a feeling that the problem is at your source. Where are you trying to telnet from, a PC, laptop, another router ?

prince.p · ‎02-23-2018

thanks for your response. now i found the issue. the issue is in my laptop. i can able to access router in different laptop.

thanks for all

prince.p · ‎02-23-2018

thanks for your response. now i found the issue. the issue is in my laptop. i can able to access router in different laptop

Richard Burts · ‎02-23-2018

Thanks for posting back to the forum and letting us know that the problem was on your laptop and not a configuration problem on the router. When things do not work as expected we tend to start with an assumption that there is a problem on our router. This serves as a good lesson that we should be aware of the possibility that the problem is something other than our router.

HTH

Rick

HTH

Rick