RE: Loss of Telnet Capability to 6509

["Paul Ryan" <pryan () rogers wave ca>]

> From your console connection check what you have configured under VTY - just
in case someone has gone ahead and change to SSH for example.

transport input ######### - the specific config 


Also what does the "show line" give you ?

Paul

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Richard J. Sears
Sent: Wednesday, July 28, 2004 3:35 PM
To: Jason Frisvold
Cc: Nanog
Subject: Re: Loss of Telnet Capability to 6509


Hi Jason,

the only ACL's on the vty's are the same across my entire farm of
routers and switches. And when I telnet to a box with an ACL, I get a
refused connection...this one is saying that it is timing out.


On Wed, 28 Jul 2004 15:33:45 -0400
"Jason Frisvold" <friz () corp ptd net> wrote:

> Do you have ACL's restricting access to the vty's?  I've seen instances
where telnet ports get locked up because of port scanning and/or attacks...
> --
> Jason Frisvold
> Penteledata
>
>
> > -----Original Message-----
> > From: Richard J. Sears [mailto:rsears () adnc com] 
> > Sent: Wednesday, July 28, 2004 2:54 PM
> > To: Nanog
> > Subject: Loss of Telnet Capability to 6509
> >
> >
> >
> > We posted this to cisco-nsp but someone suggested posting it here as
> > well...
> >
> >
> >
> > We have a 6509 running a SUP720 in IOS only mode (no cat os). 
> >
> > At around 4am this morning, we lost our ability to telnet to 
> > the router.
> > Running a tcpdump shows that the router never responds to the telnet
> > request. 
> >
> > All functions and interfaces on the router seem fine (bgp, 
> > etherchannel,
> > ibgp, vtp, hsrp) and I can console into the sup with no 
> > problems at all,
> > we just cannot telnet into it. The CPU is at around 6%.
> >
> > I have checked all access lists on the router, none were added/removed
> > or modified on line vty that would cause this problem. All logging
> > appears normal.
> >
> > We are running Version 12.2(17a)SX3.
> >
> > Anyone have a similar problem or know how to check or restart 
> > the telnet
> > process on the router without a reload...?
> >
> >
> > ******************************************
> > Richard J. Sears
> > Vice President         
> > American Digital Network                          
> > ----------------------------------------------------
> > rsears () adnc com
> > http://www.adnc.com
> > ----------------------------------------------------
> > 858.576.4272 - Phone
> > 858.427.2401 - Fax
> > INOC-DBA - 6130
> > ----------------------------------------------------
> >
> > I fly because it releases my mind 
> > from the tyranny of petty things . . 
> >
> >
> > "Work like you don't need the money, love like you've
> > never been hurt and dance like you do when nobody's
> > watching."


******************************************
Richard J. Sears
Vice President         
American Digital Network                          
----------------------------------------------------
rsears () adnc com
http://www.adnc.com
----------------------------------------------------
858.576.4272 - Phone
858.427.2401 - Fax
INOC-DBA - 6130
----------------------------------------------------

I fly because it releases my mind 
from the tyranny of petty things . . 


"Work like you don't need the money, love like you've
never been hurt and dance like you do when nobody's
watching."