[72862] in North American Network Operators' Group
Re: Loss of Telnet Capability to 6509
daemon@ATHENA.MIT.EDU (Richard J. Sears)
Wed Jul 28 15:41:11 2004
Date: Wed, 28 Jul 2004 12:34:37 -0700
From: "Richard J. Sears" <rsears@adnc.com>
To: "Jason Frisvold" <friz@corp.ptd.net>
Cc: "Nanog" <nanog@nanog.org>
In-Reply-To: <EFE80D82AA4F264FB24E73BEAF72FC95083DC0@EXCHANGE5.corp.ptd.net>
Errors-To: owner-nanog-outgoing@merit.edu
Hi Jason,
the only ACL's on the vty's are the same across my entire farm of
routers and switches. And when I telnet to a box with an ACL, I get a
refused connection...this one is saying that it is timing out.
On Wed, 28 Jul 2004 15:33:45 -0400
"Jason Frisvold" <friz@corp.ptd.net> wrote:
>
> Do you have ACL's restricting access to the vty's? I've seen instances where telnet ports get locked up because of port scanning and/or attacks...
>
> --
> Jason Frisvold
> Penteledata
>
>
> > -----Original Message-----
> > From: Richard J. Sears [mailto:rsears@adnc.com]
> > Sent: Wednesday, July 28, 2004 2:54 PM
> > To: Nanog
> > Subject: Loss of Telnet Capability to 6509
> >
> >
> >
> > We posted this to cisco-nsp but someone suggested posting it here as
> > well...
> >
> >
> >
> > We have a 6509 running a SUP720 in IOS only mode (no cat os).
> >
> > At around 4am this morning, we lost our ability to telnet to
> > the router.
> > Running a tcpdump shows that the router never responds to the telnet
> > request.
> >
> > All functions and interfaces on the router seem fine (bgp,
> > etherchannel,
> > ibgp, vtp, hsrp) and I can console into the sup with no
> > problems at all,
> > we just cannot telnet into it. The CPU is at around 6%.
> >
> > I have checked all access lists on the router, none were added/removed
> > or modified on line vty that would cause this problem. All logging
> > appears normal.
> >
> > We are running Version 12.2(17a)SX3.
> >
> > Anyone have a similar problem or know how to check or restart
> > the telnet
> > process on the router without a reload...?
> >
> >
> > ******************************************
> > Richard J. Sears
> > Vice President
> > American Digital Network
> > ----------------------------------------------------
> > rsears@adnc.com
> > http://www.adnc.com
> > ----------------------------------------------------
> > 858.576.4272 - Phone
> > 858.427.2401 - Fax
> > INOC-DBA - 6130
> > ----------------------------------------------------
> >
> > I fly because it releases my mind
> > from the tyranny of petty things . .
> >
> >
> > "Work like you don't need the money, love like you've
> > never been hurt and dance like you do when nobody's
> > watching."
> >
> >
******************************************
Richard J. Sears
Vice President
American Digital Network
----------------------------------------------------
rsears@adnc.com
http://www.adnc.com
----------------------------------------------------
858.576.4272 - Phone
858.427.2401 - Fax
INOC-DBA - 6130
----------------------------------------------------
I fly because it releases my mind
from the tyranny of petty things . .
"Work like you don't need the money, love like you've
never been hurt and dance like you do when nobody's
watching."
