Fw: lock and key access list problem

From: Mannan Venkatesan (mv_lab@xxxxxxxxxxx)
Date: Sun Feb 03 2002 - 11:02:41 GMT-3


   
> Should it be 'access-list 130 permit tcp any host 172.17.59.19 eq telnet'???
>
> Mannan
>
> ----- Original Message -----
> From: "atul pawar" <atulpawar@hotmail.com>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, February 03, 2002 1:31 PM
> Subject: lock and key access list problem
>
>
> > Hi Guys
> > I am testing a lock and key config but am not able to get it working.
> > I want to allow Telnet access to 170.100.1.1 (which is a loopback interface
> > on router TS) from any host using lock and key. TS is talking BGP to R1 via
> > Ethernet. When I telnet from R1 to TS it asks me for the username, accepts
> > the password and drops the connection as expected. Then again when I telnet
> > from R1 to TS, i.e. to 170.100.1.1, it asks me for username and password and
> > the following happens
> >
> >
> > r1#telnet 170.100.1.1
> > Trying 170.100.1.1 ... Open
> >
> >
> > User Access Verification
> >
> > Username:atul
> > Password:
> > List#130-firewall already contains this IP address pair
> > [Connection to 170.100.1.1 closed by foreign host]
> >
> > Following are the configs for TS and R1
> > ts#
> >
> > !
> > interface Loopback5
> > ip address 170.100.1.1 255.255.0.0
> > no ip directed-broadcast
> > !
> > interface Ethernet0
> > ip address 172.17.59.19 255.255.255.240
> > ip access-group 130 in
> > no ip mroute-cache
> > no cdp enable
> > !
> > ip classless
> > access-list 130 permit tcp any any eq bgp
> > access-list 130 dynamic firewall timeout 100 permit ip any any
> > access-list 130 permit tcp any host 170.100.1.1 eq telnet
> > !
> > line vty 0 4
> > login local
> > autocommand access-enable timeout 5
> >
> >
> > Any help to get this working would be great
> > Regards,
> > Atul



This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:10 GMT-3