Thank you Brian. I found the problem is that: I have "autocommand access-enable host " on the vty line while there is no dynamic access list applied on the bri0 interface. Here is the complete configuration of r5 before removing the "autocommand access-enable host " from the vty lines.
r5#show run Building configuration... Current configuration : 2202 bytes ! ! Last configuration change at 00:10:38 UTC Fri Mar 12 1993 ! NVRAM config last updated at 00:10:44 UTC Fri Mar 12 1993 ! version 12.2 no service single-slot-reload-enable service timestamps debug datetime msec service timestamps log uptime no service password-encryption ! hostname r5 ! logging rate-limit console 10 except errors ! username omer password 7 14141B180F0B username r4 password 7 095E1B username r2 password 7 045802150C2E username r5 password 7 13061E010803 ip subnet-zero no ip finger no ip domain-lookup ! ip reflexive-list timeout 1000 no ip dhcp-client network-discovery isdn switch-type basic-ni ! ! ! ! interface Loopback5 ip address 5.5.5.5 255.255.255.0 ! interface Ethernet0 ip address 10.10.110.3 255.255.255.0 shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface BRI0 ip address 10.10.10.2 255.255.255.0 encapsulation ppp dialer callback-secure dialer idle-timeout 300 dialer enable-timeout 1 dialer map ip 10.10.10.1 name r2 class eng broadcast 8358661 dialer-group 1 isdn switch-type basic-ni isdn spid1 0835866201 isdn spid2 0835866401 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 snapshot server 5 ppp callback accept ppp authentication chap ppp chap hostname r5 ! router rip network 5.0.0.0 network 10.0.0.0 ! ip kerberos source-interface any ip classless ip route 0.0.0.0 0.0.0.0 10.10.10.1 ip route 0.0.0.0 0.0.0.0 10.10.110.16 ip http server ! ! ip access-list extended abc dynamic test permit ip any any permit tcp any host 10.10.110.3 eq telnet ip access-list extended inboundfilter permit igrp any any evaluate tcptraffic ip access-list extended outboundfilter permit tcp any any reflect tcptraffic timeout 5000 ! map-class dialer eng dialer callback-server username access-list 21 deny any access-list 100 permit tcp any any eq telnet access-list 100 permit icmp any any dialer-list 1 protocol ip list 100 ! snmp-server engineID local 5555555555 snmp-server engineID remote 10.10.10.1 2222222222 ! line con 0 exec-timeout 0 0 logging synchronous transport input none line aux 0 line vty 0 4 password cisco login ! ntp clock-period 17179628 end r5# ----- Original Message ----- From: "Brian McGahan" To: "'John Tafasi'" ; "'Cisco Group Study'" ; "'ccielab'" Sent: Friday, December 27, 2002 1:29 PM Subject: RE: No input access group defined for BRI0 > John, > > This is most likely due to the fact that you have a dynamic > access-list configured, yet the dynamic list is not applied to that > interface. Once you have the 'access-enable' command defined, telnet on > tcp 23 is used exclusively to authenticate. > > Try something like this: > > line vty 0 3 > autocommand access-enable host timeout 20 > line vty 4 > rotary 1 > > Now the router will listen on TCP 7001 for actual telnet traffic > to the CLI. > > HTH > > Brian McGahan, CCIE #8593 > Director of Design and Implementation > [EMAIL PROTECTED] > > CyscoExpert Corporation > Internetwork Consulting & Training > Voice: 847.674.3392 > Fax: 847.674.2625 > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > John Tafasi > > Sent: Friday, December 27, 2002 1:51 PM > > To: Cisco Group Study; ccielab > > Subject: No input access group defined for BRI0 > > > > Hi Groub, > > > > r2 and r5 are connected via isdn. I am trying to telnet to r5 from r2 > but > > I > > receive the message "No input access group defined for BRI0." Does > that > > mean > > you cannot access a router via its bri interface unless an access list > is > > configured on bri0? > > > > r2#telnet 10.10.10.2 > > Trying 10.10.10.2 ... Open > > > > > > User Access Verification > > > > Password: > > Password: > > No input access group defined for BRI0. > > [Connection to 10.10.10.2 closed by foreign host] > > . Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59866&t=59866 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
