Verify the current configuration, Enable telnet or ssh access, Check the access list – Nortel Networks NN46120-104 User Manual
Page 146
146
Troubleshooting the NVG
Cannot Connect to VPN Gateway through Telnet or
SSH
Verify the Current Configuration
Connect through a console connection and check that Telnet or SSH
access to the VPN Gateway is enabled. By default, remote connections
to the NVG are disabled for security reasons. Type the command
/cfg/sys/adm/cur
to see whether remote access through Telnet or
SSH is enabled.
>> # /cfg/sys/adm/cur Collecting data, please wait...
Administrative Applications:
CLI idle timeout = 1h
Telnet CLI access = off
SSH CLI access = off
Enable Telnet or SSH Access
If your security policy affords enabling remote connections to the VPN
Gateway, type the command
/cfg/sys/adm/telnet
to enable Telnet
access, or the command
/cfg/sys/adm/ssh
to enable SSH access.
Apply your configuration changes.
>> # /cfg/sys/adm/ssh
Current value:
off
Allow SSH CLI access (on/off): on
>> Administrative Applications# apply
Changes applied successfully.
Check the Access List
If you find that Telnet or SSH access is enabled but you still can’t
connect to the VPN Gateway using a Telnet or SSH client, check whether
any hosts have been added to the Access List. Type the command
/cfg/sys/accesslist/list
to view the current Access List.
>> # /cfg/sys/accesslist/list
1:
192.168.128.78, 255.255.255.0
When Telnet or SSH access is enabled, only those hosts listed in the
Access List are allowed to access the VPN Gateway over the network. If
no hosts have been added to the Access List, this means that any host
is allowed to access the VPN Gateway over the network (assuming that
Telnet or SSH access is enabled).
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.