Re: [OSL | CCIE_Security] Virtual Telnet Issue on ASA

[Tyson Scott]

Jamie,

 

I have found this issue on all versions of the ASA.  Sometimes it works for
me and sometimes it doesn't.  I can do the exact same configuration and
sometimes it works and sometimes it doesn't.  I personally have not figured
out why it works for me at times and at others it doesn't work for me.  If
anyone else knows I would like to hear an answer?

 

Regards,

 

Tyson Scott - CCIE #13513 R&S and Security

Technical Instructor - IPexpert, Inc.


Telephone: +1.810.326.1444 
Cell: +1.248.504.7309
Fax: +1.810.454.0130
Mailto:  tsc...@ipexpert.com

 

Join our free online support and peer group communities:
<http://www.IPexpert.com/communities> http://www.IPexpert.com/communities

 

IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On Demand
and Audio Certification Training Tools for the Cisco CCIE R&S Lab, CCIE
Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE Storage
Lab Certifications.

 

From: ccie_security-boun...@onlinestudylist.com
[mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of Jamie
Brogdon
Sent: Sunday, October 04, 2009 3:54 PM
To: ccie_security@onlinestudylist.com
Subject: [OSL | CCIE_Security] Virtual Telnet Issue on ASA

 

Everyone,

 

I'm working on the Vol.1 (Ver 5) ASA Lab and have an issue with virtual
telnet. The ASA is configured to allow virtual telnet to 192.1.24.9 and I
have a static entry for 24.9. When I try to telnet to ASA from R2, the host
times out with the following seen in the ASA logs:

 

SEC-ASA1# sh run static

static (inside,outside) 192.1.24.9 192.1.24.9 netmask 255.255.255.255

 

SEC-ASA1# sh run virtual

virtual telnet 192.1.24.9

 

 

ASA Log:

 

%ASA-6-302013: Built inbound TCP connection 2670 for
outside:192.1.24.2/12201 (192.1.24.2/12201) to inside:192.1.24.9/23
(192.1.24.9/23)

%ASA-6-110003: Routing failed to locate next hop for TCP from
outside:192.1.24.2/12201 to inside:192.1.24.9/23

 

 

I would think that the ASA should definitely know how to get to 192.1.24.9,
since it lives on the ASA. Has anyone seen this or am I missing something? I
am running version 8.0(2) on an emulated ASA.

 

Thanks for the help.

 

 

Thanks,
Jamie Brogdon, CCIE #6541 (SP and R&S) / JNCIE-M #381 
Verizon Telecom, IP Networks 
703-579-7354 (cell)

 


_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com