cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

2367
Views
5
Helpful
7
Replies
Highlighted
Beginner

Unable to telnet from outside Cisco 877

Hi,

I am facing an issue with a cisco 877 router. I am not able to telnet to this router from outside using the public IP. I have also notices this works when the Nat is removed.

Config file is attached for reference.

Appreciate if anyone can suggest the solution to it.

Faizal

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions

Unable to telnet from outside Cisco 877

Hi Faizal,

You don't need to use that route map for the NAT, just use the ACL. In the ACL I can see a permit any that you should not use with NAT(Cisco doesn't recomment using permit any with NAT as it consumes to much resouces). Please specify the range of ip that you want to use NAT. I think that is why you cannot telnet from outside only if you disable NAT.

Please let me know if this worked.

Take care,

PaulC

View solution in original post

7 REPLIES 7
VIP Mentor

Re: Unable to telnet from outside Cisco 877

Hi Faizal,

Can you ping it ?

Can you traceroute to it.

Can u telnet from inside?

Do you have a route to get out of your home network?

Try with this:  ip route 0.0.0.0 0.0.0.0

Regards

Please rate if it helps.      

Beginner

Unable to telnet from outside Cisco 877

Hi Sandeep,

Yes, I can ping it from outside, I can traceroute to it from outiside and also telnet is working from inside.

There is a default to route to go outside.

Faizal

VIP Mentor

Unable to telnet from outside Cisco 877

In your ACL NAT_ACL please  change:

permit ip any any to:

permit ip 192.168.12.0 0.0.0.255 any

and then try??

Regards

Please rate if it helps.

Unable to telnet from outside Cisco 877

Hi Faizal,

You don't need to use that route map for the NAT, just use the ACL. In the ACL I can see a permit any that you should not use with NAT(Cisco doesn't recomment using permit any with NAT as it consumes to much resouces). Please specify the range of ip that you want to use NAT. I think that is why you cannot telnet from outside only if you disable NAT.

Please let me know if this worked.

Take care,

PaulC

View solution in original post

Beginner

Unable to telnet from outside Cisco 877

Alessio,

this line:

          ip access-list 101 permit tcp 192.168.12.0 0.0.0.255 host 91.72.59.154 eq 23

is redundant when it follows this line:

          ip access-list 101 permit ip 192.168.12.0 0.0.0.255 host 91.72.59.154

because "permit ip" includes tcp, udp and icmp.

Contributor

Re: Unable to telnet from outside Cisco 877

ip access-list extended VPN_TRAFFIC

permit ip 192.168.12.0 0.0.0.255 host 91.72.59.154

did you try to add that?

By the way you should do something different:

ip access-list 101 permit ip 192.168.12.0 0.0.0.255 host 91.72.59.154

ip access-list 101 permit tcp      192.168.12.0 0.0.0.255 host 91.72.59.154 eq 23

line vty 0 4

ip access-class 101 in

Let me know

Alessio

Beginner

Unable to telnet from outside Cisco 877

Had this same issue. Resolved it by removing the ACL statement

permit ip any any

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here