beautypg.com

Verify the current configuration, Enable telnet or ssh access, Check the access list – Nortel Networks NN46120-104 User Manual

Page 146

background image

146

Troubleshooting the NVG

Cannot Connect to VPN Gateway through Telnet or
SSH

Verify the Current Configuration

Connect through a console connection and check that Telnet or SSH
access to the VPN Gateway is enabled. By default, remote connections
to the NVG are disabled for security reasons. Type the command

/cfg/sys/adm/cur

to see whether remote access through Telnet or

SSH is enabled.

>> # /cfg/sys/adm/cur Collecting data, please wait...

Administrative Applications:

CLI idle timeout = 1h

Telnet CLI access = off

SSH CLI access = off

Enable Telnet or SSH Access

If your security policy affords enabling remote connections to the VPN
Gateway, type the command

/cfg/sys/adm/telnet

to enable Telnet

access, or the command

/cfg/sys/adm/ssh

to enable SSH access.

Apply your configuration changes.

>> # /cfg/sys/adm/ssh

Current value:

off

Allow SSH CLI access (on/off): on

>> Administrative Applications# apply

Changes applied successfully.

Check the Access List

If you find that Telnet or SSH access is enabled but you still can’t
connect to the VPN Gateway using a Telnet or SSH client, check whether
any hosts have been added to the Access List. Type the command

/cfg/sys/accesslist/list

to view the current Access List.

>> # /cfg/sys/accesslist/list

1:

192.168.128.78, 255.255.255.0

When Telnet or SSH access is enabled, only those hosts listed in the
Access List are allowed to access the VPN Gateway over the network. If
no hosts have been added to the Access List, this means that any host
is allowed to access the VPN Gateway over the network (assuming that
Telnet or SSH access is enabled).

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.