Telnet to a Cisco 1700 Router

140 pts.
Cisco 1700
Cisco router configuration
Cisco Routers
Remote administration
Router configuration
I have a cisco 1700 router, when I telnet to it from a remote site, it comes back saying "connection closed by remote host". I have checked the vty lines and verified the password. even more interesting is that when I telnet to it when directly connected via ethernet, it allows me to connect. remotely, I can telnet to the switch where it's connected to but not the the router itself.

Answer Wiki

Thanks. We'll let you know when a new response is added.

First u see the reachability from ur host ip address to router. If it is possible ti reach there & see ACL in ur router. whethere it is permitted or denied from ur system.

Then check ur vty terminal configuration :
Router(config)#line vty 0 4
Router(config-line)#password cisco

whether telnet/ssh is allowed on ur router or not.

Router(config-line)#transport input telnet ssh

either u can configure both of them at a time or any one at a time, it depend on ur desire.

Plz pardon me, if i left anything overhere to tell u.

You need to check NAT translations. Your access-list for NAT most likely looks like below:

access-list 100 per ip any any

the source “any” is causing problem. Specify your source address/network(s) in NAT ACL to be site specific. For example, if your LAN is, use ACL below for NAT.

access-list 100 per ip any

Hope this helps.

Discuss This Question: 3  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Troy Tate
    Try a tracert from both devices to determine if the traffic is not making it back to the remote telnet host.
    0 pointsBadges:
  • Nb0x
    You are seeing 'connection closed by remote host' so you are definitely connecting to the telnet port of some device. Might not be the WAN interface of that 1700 router however! Quick thing you can do is use nmap to identify the router from the remote site. For example nmap -O {IP Address of WAN interface of 1700}. If you can confirm that the IP address that you are attempting to connect to from the remote site is in fact the WAN interface on the 1700 then you need to logon to that route from the LAN side and check what access list are defined on inbound traffic from the WAN. Let me know how you go.
    35 pointsBadges:
  • NWEA
    check your on vty port - login commad is entered or not. If you enter password and not login command then router doesn't give telnet access.
    55 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: