SSH Problem Incoming

Discussion in 'Cisco' started by Fred Atkinson, Apr 30, 2011.

  1. I have telnet blocked for management access on my Cisco 871
    SOHO router.

    From inside my network, I use Putty.exe to access the user
    interface. When I access it, I first get a prompt for my user name
    and then my password (I am using login local).

    From outside my network, if you use Putty.exe to access the
    user interface, you immediately get a password prompt (no prompt for a
    user ID).

    I can't seem to figure out why this is happening.

    Does anyone have any educated guesses?




    Fred
     
    Fred Atkinson, Apr 30, 2011
    #1
    1. Advertising

  2. On 30 Apr 2011 12:58:20 +1200, "Peter" <> wrote:

    >Hi Fred,
    >
    >> I have telnet blocked for management access on my Cisco 871
    >> SOHO router.
    >>
    >> From inside my network, I use Putty.exe to access the user
    >> interface. When I access it, I first get a prompt for my user name
    >> and then my password (I am using login local).
    >>
    >> From outside my network, if you use Putty.exe to access the
    >> user interface, you immediately get a password prompt (no prompt for a
    >> user ID).
    >>
    >> I can't seem to figure out why this is happening.

    >
    >This is because of different access Points in your Cisco Device.
    >Console access is local to the device trough the CON port of the
    >device, while Telnet is though the VTY Port. If you look at each of
    >those you will see why this is happening. My guess is that you have
    >set up security for your CONSOLE port but not your VTY port.
    >
    >Cheers......................pk.


    Thanks for the response but no.

    I checked that. I have 'login local' on both the vty and the
    con port.

    Regards,




    Fred
     
    Fred Atkinson, Apr 30, 2011
    #2
    1. Advertising

  3. Fred Atkinson

    Geatz

    Joined:
    Nov 6, 2007
    Messages:
    6
    Can you post your config?
     
    Geatz, May 3, 2011
    #3
  4. On 2 May 2011 16:12:07 +1200, "Peter" <> wrote:

    >Hi Fred,
    >
    >On Sat, 30 Apr 2011 01:58:18 UTC, Fred Atkinson
    ><> wrote:
    >
    >> On 30 Apr 2011 12:58:20 +1200, "Peter" <> wrote:
    >>
    >> >Hi Fred,
    >> >
    >> >> I have telnet blocked for management access on my Cisco 871
    >> >> SOHO router.
    >> >>
    >> >> From inside my network, I use Putty.exe to access the user
    >> >> interface. When I access it, I first get a prompt for my user name
    >> >> and then my password (I am using login local).
    >> >>
    >> >> From outside my network, if you use Putty.exe to access the
    >> >> user interface, you immediately get a password prompt (no prompt for a
    >> >> user ID).
    >> >>
    >> >> I can't seem to figure out why this is happening.
    >> >
    >> >This is because of different access Points in your Cisco Device.
    >> >Console access is local to the device trough the CON port of the
    >> >device, while Telnet is though the VTY Port. If you look at each of
    >> >those you will see why this is happening. My guess is that you have
    >> >set up security for your CONSOLE port but not your VTY port.
    >> >
    >> >Cheers......................pk.

    >>
    >> Thanks for the response but no.
    >>
    >> I checked that. I have 'login local' on both the vty and the
    >> con port.
    >>
    >> Regards,

    >
    >Can you post the current configs for the USERNAME, CONSOLE and VTY
    >ports please. Please ensure the Passwords are hidden. Here is a sample
    >of the partial configs from my Cisco 827 here at home. EG: -
    >
    >username peter privilege 15 password xxxxxxxx
    >
    >and
    >
    >access-list 120 permit tcp a.b.c.d 0.0.0.255 any
    >access-list 120 deny tcp any any range 0 65535 log
    >access-list 120 deny ip any any log
    >
    >line con 0
    > exec-timeout 15 0
    > password xxxxxxxx
    > stopbits 1
    >line vty 0 4
    > access-class 120 in
    > exec-timeout 15 0
    > password xxxxxxxx
    > transport input telnet ssh
    >!
    >
    >Using this I can access the device via its console port or via
    >TELNET/SSH
    >
    >Note that I have TELNET/SSH disabled outbound from the Router, IE it
    >ony lallows inbound acess. ACL 120 ensures that the Source is from my
    >Local LAN and nowhere else. It logs all other attempts.
    >
    >Cheers.................pk.


    Peter,

    It was finally got it resolved though I'm still not sure how the
    problem cleared.

    Thanks for your response.



    Fred
     
    Fred Atkinson, May 8, 2011
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Gelavis
    Replies:
    0
    Views:
    421
    John Gelavis
    Nov 27, 2003
  2. Mr Ping

    Ssh problem on a pix 501

    Mr Ping, Dec 18, 2004, in forum: Cisco
    Replies:
    9
    Views:
    4,353
    Mr Ping
    Dec 19, 2004
  3. Michael Bower
    Replies:
    3
    Views:
    4,593
    beenthere
    Oct 1, 2006
  4. Exclusive

    SSH login problem

    Exclusive, Dec 3, 2007, in forum: Cisco
    Replies:
    1
    Views:
    494
    Trendkill
    Dec 3, 2007
  5. Matthew Poole

    Problem tunneling ICQ over SSH

    Matthew Poole, Nov 4, 2004, in forum: NZ Computing
    Replies:
    1
    Views:
    482
    Oliver Pfeiffer
    Nov 23, 2004
Loading...

Share This Page