Can't telnet to CSR1000V Serial Port from Public Internet

Hi to All,

 

Problem Definition:

I can not connect to virtual serial port of my CSR vm router from public internet using 67.173.xx.230:4001 but I can connect to it from the LAN side using 192. 168.0.102:4001.

 

The 192.168.0.102 is the ip of the ESXi server. Proper port forwarding have been configured on my TP-L INK router that connects my LAN to the internet. On the TP-LINK router, port 4001 has been configured to be fowarded to 192.168.0.102.

 

I am sure I have no problem with port forwarding on my TP-LINK router. What could be the problem? Did I miss to make firewall configuration changes on the ESXi server? 

 

Please help!

Comments

  • BTW:

    This CSR vm router runs on  VMware ESXi 5.5.0 server (evalution)

  • did you make the FW change to allow serial changes?  I assume you did if you can telnet to it internally but just as a reminder - go here

    http://www.rogerperkin.co.uk/ccie/ccie-version-5/ccie-virtual-rack-csr-1000v-routers/ and look for this one

    Enable Serial port over Network in ESXi firewall

     

  • this is where your non-cisco networking may have to come into play - can you sniff and determine (or by logs) - whether your tp-link FW is blocking the connection - maybe you can sniff the switch port leading to the esx and see if your syn is getting there or being stopped by the FW - normally logs and acl's could tell u everything but maybe not so much in a home lab :(

  • this is where your non-cisco networking may have to come into play - can you sniff and determine (or by logs) - whether your tp-link FW is blocking the connection - maybe you can sniff the switch port leading to the esx and see if your syn is getting there or being stopped by the FW - normally logs and acl's could tell u everything but maybe not so much in a home lab :(

     

    I disabled the firewall on my TP-LINK router. The problem is still there. I strongly believe that it is the ESXi server who is responsible for this. When I try tenelting using Putty, I get disconnected immediately. When I use secureCRT, i do not see any messages linke "connection refused" or "connection timed out".

     

    I have to use ESXi 5.1. Which update of 5.1 is working for you?

  • this is where your non-cisco networking may have to come into play - can you sniff and determine (or by logs) - whether your tp-link FW is blocking the connection - maybe you can sniff the switch port leading to the esx and see if your syn is getting there or being stopped by the FW - normally logs and acl's could tell u everything but maybe not so much in a home lab :(

     

    I disabled the firewall on my TP-LINK router. The problem is still there. I strongly believe that it is the ESXi server who is responsible for this. When I try tenelting using Putty, I get disconnected immediately. When I use secureCRT, i do not see any messages linke "connection refused" or "connection timed out".

     

    I have to use ESXi 5.1. Which update of 5.1 is working for you?

  • TP-LINK is a home internet router just like linksys and netgear. 

Sign In or Register to comment.