This post is more than 5 years old
4 Posts
0
55705
April 17th, 2012 09:00
Power connect 3524 Telent issue form remote network
Hello
I have several PowerConnect 3524 distributed on a network, all of the with TELNET and HTTP access enabled. The management IP addressesa are in the 10.10.10.0/24 network
If I try to access any of these switches from the same network:
- HTTP access works fine
- PING works fine
- TELNET works fine
If I try to access any of these switches from a different network (via router of course)
- HTTP access works fine
- PING works fine
- TELNET doesn't work
I get this message: 17-Apr-2012 16:51:46 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
Is there any limitation in the TELNET access to this switches to allow only connections from local network?
0 events found
raffacf
4 Posts
1
April 23rd, 2012 05:00
Hello all,
This issue is solved and it had nothing to do with the configuration of the switch. There was a firewall in the middle that was blocking the Telnet for this equipment.
Thanks for the help.
DELL-Willy M
802 Posts
0
April 17th, 2012 18:00
Let’s start with making sure the Initial Telnet Password is set up properly. Based on the 17-Apr-2012 16:51:46 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
1. To configure an initial Telnet password, enter the following commands:
console(config)# aaa authentication login default line
console(config)# aaa authentication enable default line
console(config)# line telnet
console(config-line)# login authentication default
console(config-line)# enable authentication default
console(config-line)# password XXX
2. If you have any ACL’s set up on the switch then you would need to specifically permit telnet access for the 172 network.
Syntax:
permit {any| protocol} {any|{source source-wildcard}} {any|{destination destination-wildcard}}[dscp number | ip-precedence number]
ACLs have an implicit deny at the end so if there was only a permit telnet 10.0.0.0 0.0.0.0 any or something similar then 172.16.0.0 would be blocked
Hope this helps,
Please keep us updated
raffacf
4 Posts
0
April 18th, 2012 02:00
Hi, Thank you for the fast response.
I had the TELNET password set properly. However, I run the commands again as you described. Still the same issue. I can telnet from the same network, but not from a different network. HTTP access works always fine (from different network and from the same network).
When I run the “#show access-lists” command I get this: “No ACLs are defined.”
This is the logging for two telnet attempts: firs from different network (rejected) and second from same network (accepted).
18-Apr-2012 09:33:00 %AAA-W-REJECT: New telnet connection for user line telnet, source 172.16.108.202 destination 10.10.10.8 REJECTED
18-Apr-2012 09:40:24 %AAA-I-CONNECT: User CLI session for user unKnown over telnet , source 10.10.10.6 destination 10.10.10.8 ACCEPTED
Any ideas?
DELL-Willy M
802 Posts
0
April 18th, 2012 17:00
Here is a link to the current firmware available for the 3524 switch. If you do not have the current firmware I would recommend upgrading the firmware. I know this is not a direct answer, but if there is anything unstable on the switch this will help correct those issues.
www.dell.com/.../DriverFileFormats
I will continue to look for any possible answers.
raffacf
4 Posts
0
April 19th, 2012 09:00
Hi, thanks for the suggestion. We tried the firmware upgrade trick but it didn't solve it. I will post the answer when we find it.