Cannot telnet into live router

MinaryMinary Member Posts: 74 ■■□□□□□□□□
I have 3 routers.

I can telnet into one ( and a switch ) and cannot telnet into 2 of them.
THe routers I can't telnet into are 2612 and 2610.

I have tried reseting, working from clean config etc.

I get this: [Connection to 10.1.1.2 closed by foreign host]

Here is the config

R2_C2612#show run
Building configuration...

Current configuration : 733 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2_C2612
!
boot-start-marker
boot-end-marker
!
enable password 1234
!
memory-size iomem 10
no aaa new-model
ip subnet-zero
ip cef
!
!
ip domain name LABDOMAIN
!
!
username ian password 0 1234
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.1.1.2 255.0.0.0
half-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface TokenRing0/0
no ip address
shutdown
ring-speed 16
!
ip default-gateway 10.1.1.4
no ip http server
ip classless
!
!
!
line con 0
line aux 0
line vty 0 4
password 1234
login
no exec
transport input telnet
!
!
end

Comments

  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    Why use Telnet? So take another look through the router config you posted, why have you configured it this way?

    enable password? Why did you chose this versus "enable secret"?

    This is a router with interface Ethernet0/0 assigned an IP of 10.1.1.2/8. Again, why would you chose a /8?

    You have a local user configured, so why not use it for the VTY lines?

    ip default-gateway is configured. Why is this configured on a router? Does the router not know how to route?

    Try to think and answer these questions, I wanted to simply post a config for you but let's work on this here first and understand why you came to the current config.
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • fredrikjjfredrikjj Member Posts: 879
    I know why, and it's kind of funny. Hint: show running config displays the full configuration command that you've entered, and not a partial command as you would enter it on the command line without using TAB.
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    Add the following, at the moment you have disabled the exec shell.

    config t
    line vty 0 4
    exec
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • MinaryMinary Member Posts: 74 ■■□□□□□□□□
    This is a lab. Telnet does not matter (also ssh seems not to be supported by this firmware)
    This is a lab. 10.1.1.1 /8 is easy to type and easy to see 10.2.2.2 etc.
    This is a lab . secret does not matter
    This is a lab. router points to my internet router

    My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

    thanks
  • xnxxnx Do they matter? UKMember Posts: 464 ■■■□□□□□□□
    How on earth did you get a CCNA if you're struggling with this...?
    Getting There ...

    Lab Equipment: Using Cisco CSRs and 4 Switches currently
  • RouteMyPacketRouteMyPacket Member Posts: 1,104
    Minary wrote: »
    This is a lab. Telnet does not matter (also ssh seems not to be supported by this firmware)
    This is a lab. 10.1.1.1 /8 is easy to type and easy to see 10.2.2.2 etc.
    This is a lab . secret does not matter
    This is a lab. router points to my internet router

    My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

    thanks

    Does not matter eh? I beg to differ but you appear to have things under control so good luck
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • MinaryMinary Member Posts: 74 ■■□□□□□□□□
    So what's the problem ?
  • theodoxatheodoxa Member Posts: 1,340 ■■■■□□□□□□
    Minary wrote: »
    My mistake was that previously I had only used packet tracer and "no exec" turned off Exec timeout

    Interesting. I had not run into that PT quirk before.

    "exec-timeout 0 0"

    achieves the same result on a real router.
    R&S: CCENT CCNA CCNP CCIE [ ]
    Security: CCNA [ ]
    Virtualization: VCA-DCV [ ]
  • webspongewebsponge Member Posts: 119
    xnx wrote: »
    How on earth did you get a CCNA if you're struggling with this...?
    really helpful there...
    CCDP Next
  • MinaryMinary Member Posts: 74 ■■□□□□□□□□
    Well the point of getting real routers is to work through the quirks like this.
  • fredrikjjfredrikjj Member Posts: 879
    No exec and no-exec-timeout are two different commands. Ed pointed this out in post #3. The issue is people trying to enter no exec-timeout and thinking that no exec is a shortcut.

    Let's use the command reference:

    exec

    To allow an EXEC process on a line, use the exec line configuration command. To turn off the EXEC process for the specified line, use the no form of this command.

    exec

    no exec

    Usage Guidelines

    When you want to allow an outgoing connection only for a line, use the no exec command. When a user tries to Telnet to a line with the no exec command configured, the user will get no response when pressing the Return key at the login screen.


    exec-timeout
    To set the interval that the EXEC command interpreter waits until user input is detected, use the exec-timeout line configuration command. To remove the timeout definition, use the no form of this command.

    exec-timeout minutes I]seconds[/I
    no exec-timeout

  • MinaryMinary Member Posts: 74 ■■□□□□□□□□
    Yeah. This is what I found out the hard way.

    Why does IOS use "no exec" when it seems to be ambiguous ?
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    It's not ambiguous at all, when you telnet to the router, the router opens an exec shell. This can be disabled via the cli as you saw using "no exec" , if you don't type commands into the exec shell within a period which can be configured using the exec-timeout command the shell kicks you out.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • MinaryMinary Member Posts: 74 ■■□□□□□□□□
    I understand what they both do and was using it previously to turn off timeouts.

    I meant ambiguous the way the IOS means it. When more of a command is needed to clarify which command is meant. It would be better if it was exec-shell for exec or use extime for timeout.

    Anyway. I think we have explored this enough.
  • DoubleNNsDoubleNNs Member Posts: 2,013 ■■■■■□□□□□
    I learned something from this thread.

    Knew of no exec-timeout command, but didn't know of the no exec command.

    Honestly, I could see myself doing the same thing in the future, had I not stumbled onto this thread.

    Packet Tracer does not include the no exec command in it, which might produce bad habits of using the incorrect shorthand if hadn't spent more time w/ GNS3/physical equip.
    Goals for 2018:
    Certs: RHCSA, LFCS: Ubuntu, CNCF CKA, CNCF CKAD | AWS Certified DevOps Engineer, AWS Solutions Architect Pro, AWS Certified Security Specialist, GCP Professional Cloud Architect
    Learn: Terraform, Kubernetes, Prometheus & Golang | Improve: Docker, Python Programming
    To-do | In Progress | Completed
Sign In or Register to comment.