Hi Segun I am able to telnet but with the ASA outside interface included in the interesting traffic of the VPN.
But still I am not able to access the inside interface across IPSec VPN. I am not sure, if telnet is allowed across ASA to another interface. With regards Kings On Fri, Oct 16, 2009 at 10:42 AM, Kingsley Charles < [email protected]> wrote: > Hi Segun > > My comments inline. > > With regards > Kings > > On Fri, Oct 16, 2009 at 10:04 AM, 'Segun Daini <[email protected]>wrote: > >> Hi King, >> >> You cannot telnet to the interface with lowest security level on ASA. >> >> <kings> sysopt connection permit-vpn should take care of it right? > > >> To telnet to the inside interface, create a static nat of the ip to >> outside. And permit access to it on the outside interface. >> > > >> <kings> If I configure static, the mapped IP should also be interesting >> traffic of the IPSec VPN, if I need to access inside through VPN. With VPN, >> I get the access to the inside network without the need of static right? >> Then to access the inside interface, is static rule neccessary? >> > > >> Regards >> >> ------------------------------ >> *From:* Kingsley Charles <[email protected]> >> *To:* [email protected] >> *Sent:* Fri, October 16, 2009 5:30:47 AM >> *Subject:* [OSL | CCIE_Security] Telnet across IPSec connection >> >> Hi all >> >> I am trying to telnet from the IOS router which is the remote IPSec peer >> to the outside and inside interface of the ASA. But the Telnet fails. >> >> >> The VPN tunnel is UP. >> >> The following are configured: >> >> sysopt connection permit-vpn >> >> access-list mine permit ip any any >> access-group mine in interface outside >> >> telnet 0.0.0.0 0.0.0.0 outside >> telnet 0.0.0.0.0 0.0.0.0 inside >> >> What is preventing me to telnet? >> >> >> >> >> >> With regards >> Kings >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
