Cannot telnet into live router

Minary

I have 3 routers.

I can telnet into one ( and a switch ) and cannot telnet into 2 of them.
THe routers I can't telnet into are 2612 and 2610.

I have tried reseting, working from clean config etc.

I get this: [Connection to 10.1.1.2 closed by foreign host]

Here is the config

R2_C2612#show run
Building configuration...

Current configuration : 733 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2_C2612
!
boot-start-marker
boot-end-marker
!
enable password 1234
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain name LABDOMAIN
!
!
username ian password 0 1234
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.1.2 255.0.0.0
half-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface TokenRing0/0
no ip address
shutdown
ring-speed 16
!
ip default-gateway 10.1.1.4
no ip http server
ip classless
!
!
!
line con 0
line aux 0
line vty 0 4
password 1234
login
no exec
transport input telnet
!
!
end

RouteMyPacket

Why use Telnet? So take another look through the router config you posted, why have you configured it this way?

enable password? Why did you chose this versus "enable secret"?

This is a router with interface Ethernet0/0 assigned an IP of 10.1.1.2/8. Again, why would you chose a /8?

You have a local user configured, so why not use it for the VTY lines?

ip default-gateway is configured. Why is this configured on a router? Does the router not know how to route?

Try to think and answer these questions, I wanted to simply post a config for you but let's work on this here first and understand why you came to the current config.

fredrikjj

I know why, and it's kind of funny. Hint: show running config displays the full configuration command that you've entered, and not a partial command as you would enter it on the command line without using TAB.

EdTheLad

Add the following, at the moment you have disabled the exec shell.

config t
line vty 0 4
exec

Minary

This is a lab. Telnet does not matter (also ssh seems not to be supported by this firmware)
This is a lab. 10.1.1.1 /8 is easy to type and easy to see 10.2.2.2 etc.
This is a lab . secret does not matter
This is a lab. router points to my internet router

My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

thanks

xnx

How on earth did you get a CCNA if you're struggling with this...?

RouteMyPacket

Minary wrote: »

This is a lab. Telnet does not matter (also ssh seems not to be supported by this firmware)
This is a lab. 10.1.1.1 /8 is easy to type and easy to see 10.2.2.2 etc.
This is a lab . secret does not matter
This is a lab. router points to my internet router

My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

thanks

Does not matter eh? I beg to differ but you appear to have things under control so good luck

Minary

So what's the problem ?

theodoxa

Minary wrote: »

My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

Interesting. I had not run into that PT quirk before.

"exec-timeout 0 0"

achieves the same result on a real router.

websponge

xnx wrote: »

How on earth did you get a CCNA if you're struggling with this...?

really helpful there...

Minary

Well the point of getting real routers is to work through the quirks like this.

fredrikjj

No exec and no-exec-timeout are two different commands. Ed pointed this out in post #3. The issue is people trying to enter no exec-timeout and thinking that no exec is a shortcut.

Let's use the command reference:

exec

To allow an EXEC process on a line, use the exec line configuration command. To turn off the EXEC process for the specified line, use the no form of this command.

exec
no exec

Usage Guidelines

When you want to allow an outgoing connection only for a line, use the no exec command. When a user tries to Telnet to a line with the no exec command configured, the user will get no response when pressing the Return key at the login screen.


exec-timeout
To set the interval that the EXEC command interpreter waits until user input is detected, use the exec-timeout line configuration command. To remove the timeout definition, use the no form of this command.

exec-timeout minutes I]seconds[/I
no exec-timeout

Minary

Yeah. This is what I found out the hard way.

Why does IOS use "no exec" when it seems to be ambiguous ?

EdTheLad

It's not ambiguous at all, when you telnet to the router, the router opens an exec shell. This can be disabled via the cli as you saw using "no exec" , if you don't type commands into the exec shell within a period which can be configured using the exec-timeout command the shell kicks you out.

Minary

I understand what they both do and was using it previously to turn off timeouts.

I meant ambiguous the way the IOS means it. When more of a command is needed to clarify which command is meant. It would be better if it was exec-shell for exec or use extime for timeout.

Anyway. I think we have explored this enough.

DoubleNNs

I learned something from this thread.

Knew of no exec-timeout command, but didn't know of the no exec command.

Honestly, I could see myself doing the same thing in the future, had I not stumbled onto this thread.

Packet Tracer does not include the no exec command in it, which might produce bad habits of using the incorrect shorthand if hadn't spent more time w/ GNS3/physical equip.