Well, to answer your question, I don't want to telnet to the outside
interface from the inside. I want to telnet to the outside interface from
the outside, and clearly due to the NAT, the outside interface is the only
interface I can telnet to, and because of this stupid bug, I cannot. So
basically what it boils down to is that nobody from the outside can ever
telnet into the router, which bites.
And somebody asked what OS and what router I am using. It is 12.2(1), on a
2514.
""Allen May"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> OK I don't have the real answer but it seems that NAT overload is on the
> same IP address that you're trying to telnet to. That would be kind of
> weird for the box to receive a telnet request from & to the same IP.
>
> No flames but I'll just throw a suggestion to try (let me know if it
works).
> Try settting up an access-list for NONAT when going to that IP address.
> That will leave the source address alone. And it looks like you've set up
> an access-list to allow telnet to that interface already but double check
> that.
>
> I have to ask...why telnet to the outside interface from inside?
>
> Allen
>
>
> ----- Original Message -----
> From: "nrf"
> To:
> Sent: Friday, June 29, 2001 4:01 AM
> Subject: Strange situation with NAT and telnet [7:10387]
>
>
> > Hey all:
> >
> > I have this strange situation where I cannot telnet into my router.
This
> is
> > what happens.
> >
> > I am successfully running NAT (with overload), with no problem. I can
> > telnet into the interface that is the inside NAT with no problem. I can
> > also telnet into any non-NAT interface with no problem. The problem
> occurs
> > when I try to telnet into the interface that is the designated outside
NAT
> > interface. For example, when I fire up telnet from Windows and telnet
to
> > that outside NAT interface, it just shows that it is trying to connect,
> but
> > it never connects.
> >
> > Now, I can assure you that connectivity is fine. I can ping that
> interface.
> > People from the inside can get to the outside, with no problem. So it's
> not
> > a routing issue, I am sure.
> >
> > I have monitored what happens when I try to telnet, as I have an
> > access-class on the vty line that allows anything in (permit ip any
any),
> > but is set for logging. So I notice that telnet packets are indeed
being
> > permitted by the access-list, meaning the telnet request is hitting the
> > router successfully. On the console, I even get a message saying that
the
> > access-list is allowing a telnet packet in. So everything seems cool.
> But
> > somehow the router doesn't want to acknowledge the telnet request.
> >
> > Does anybody know what is up with that?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10454&t=10387
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
