This post is more than 5 years old
4 Posts
0
55677
Power connect 3524 Telent issue form remote network
Hello
I have several PowerConnect 3524 distributed on a network, all of the with TELNET and HTTP access enabled. The management IP addressesa are in the 10.10.10.0/24 network
If I try to access any of these switches from the same network:
- HTTP access works fine
- PING works fine
- TELNET works fine
If I try to access any of these switches from a different network (via router of course)
- HTTP access works fine
- PING works fine
- TELNET doesn't work
I get this message: 17-Apr-2012 16:51:46 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
Is there any limitation in the TELNET access to this switches to allow only connections from local network?
raffacf
4 Posts
1
April 23rd, 2012 05:00
Hello all,
This issue is solved and it had nothing to do with the configuration of the switch. There was a firewall in the middle that was blocking the Telnet for this equipment.
Thanks for the help.
DELL-Willy M
802 Posts
0
April 17th, 2012 18:00
Let’s start with making sure the Initial Telnet Password is set up properly. Based on the 17-Apr-2012 16:51:46 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
1. To configure an initial Telnet password, enter the following commands:
console(config)# aaa authentication login default line
console(config)# aaa authentication enable default line
console(config)# line telnet
console(config-line)# login authentication default
console(config-line)# enable authentication default
console(config-line)# password XXX
2. If you have any ACL’s set up on the switch then you would need to specifically permit telnet access for the 172 network.
Syntax:
permit {any| protocol} {any|{source source-wildcard}} {any|{destination destination-wildcard}}[dscp number | ip-precedence number]
ACLs have an implicit deny at the end so if there was only a permit telnet 10.0.0.0 0.0.0.0 any or something similar then 172.16.0.0 would be blocked
Hope this helps,
Please keep us updated
raffacf
4 Posts
0
April 18th, 2012 02:00
Hi, Thank you for the fast response.
I had the TELNET password set properly. However, I run the commands again as you described. Still the same issue. I can telnet from the same network, but not from a different network. HTTP access works always fine (from different network and from the same network).
When I run the “#show access-lists” command I get this: “No ACLs are defined.”
This is the logging for two telnet attempts: firs from different network (rejected) and second from same network (accepted).
18-Apr-2012 09:33:00 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
18-Apr-2012 09:40:24 %AAA-I-CONNECT: User CLI session for user unKnown over telnet , source 10.10.10.6 destination 10.10.10.8 ACCEPTED
Any ideas?
DELL-Willy M
802 Posts
0
April 18th, 2012 17:00
Here is a link to the current firmware available for the 3524 switch. If you do not have the current firmware I would recommend upgrading the firmware. I know this is not a direct answer, but if there is anything unstable on the switch this will help correct those issues.
www.dell.com/.../DriverFileFormats
I will continue to look for any possible answers.
raffacf
4 Posts
0
April 19th, 2012 09:00
Hi, thanks for the suggestion. We tried the firmware upgrade trick but it didn't solve it. I will post the answer when we find it.