[c-nsp] Telnet to Pix via VPN
David Coulson
david at davidcoulson.net
Sun Feb 7 10:20:45 EST 2010
8.0(3) on both Pix515 and ASA5510
On 2/7/10 10:05 AM, David White, Jr. (dwhitejr) wrote:
> Hi David,
>
> It sounds like you are running into CSCsj53102. What version are you
> running on your 8.0 devices?
>
> Sincerely,
>
> David.
>
> David Coulson wrote:
>
>> I have a number of ASAs and Pix devices with interconnected VPNs. From
>> each LAN I can telnet into the local device, however on both an
>> ASA5510 and Pix515 running 8.0 I am unable to telnet into the device
>> from across a VPN. An older Pix501 running 6.3 will allow me. I can
>> ping across the VPNs to each device.
>>
>> In all cases 'management-access inside' is enabled and the appropriate
>> remote subnet is in a 'telnet x.x.x.x y.y.y.y' statement. The telnet
>> client thinks the connection is open, but I don't get a login prompt.
>>
>> Log output when I attempt to telnet to the 515 - Not sure I understand
>> the TCP intercept part of this. Maybe that is the smoking gun.
>>
>> Feb 06 2010 21:36:13: %PIX-6-302013: Built inbound TCP connection 367
>> for outside:172.17.6.102/3158 (172.17.6.102/3158) to NP Identity
>> Ifc:172.16.5.1/23 (172.16.5.1/23)
>> Feb 06 2010 21:36:13: %PIX-6-302014: Teardown TCP connection 367 for
>> outside:172.17.6.102/3158 to NP Identity Ifc:172.16.5.1/23 duration
>> 0:00:00 bytes 0 Flow terminated by TCP Intercept
>> Feb 06 2010 21:36:13: %PIX-6-302013: Built inbound TCP connection 368
>> for outside:172.17.6.102/3158 (172.17.6.102/3158) to NP Identity
>> Ifc:172.16.5.1/23 (172.16.5.1/23)
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
More information about the cisco-nsp
mailing list