Contents

Connecting to and Managing Cisco Firewalls

To connect to and manage a Cisco firewall you need three things,

  1. To be in possession of a password, (and in some cases a username).
  2. Have the ‘Method of Access granted to you’ (or have physical access to the firewall).
  3. Know a ‘Method of Access‘ to the firewall for management.

Unless your firewall is brand new (in which case the passwords will either be or cisco), to access a Cisco firewall you will need a password, (this stands to reason it is a security device after all!).

As for usernames, with a few exceptions, you do not USUALLY need a username. Those exceptions being;

  1. Access via SSH needs a username (before version 8.4 you could use the username pix, and the Telnet password, this no longer works).
  2. If you have set up authentication to be done by AAA.

Cisco Firewall Forgotten Password Recovery

If you do not know the password then you need to perform some password recovery.

1. Console Cable: This uses the rollover cable that came with the firewall, They are usually pale blue in colour, and the more modern ones have a moulded serial socket on them. The older ones have a grey network to serial converter that plugs on the end. Access is via some Terminal Emulation Software, e.g. PuTTy or HyperTerminal. This method of access is enabled by default, but requires physical access to the devices console port.

2. Telnet: This simply allows connection via a telnet client, all versions of Windows have one, though Microsoft have done a good job of Hiding it in Windows 7. You can also use PuTTy, HyperTerminal, or another third party telnet client. This is considered the LEAST SECURE method of connection, (as passwords are sent in clear text). On a new firewall the telnet password is usually set to cisco (all lower case).

3. Web Browser: (How the vast majority of people access the firewall). Depending on the age and version of the firewall dictates what “Web Server” you are connecting to, devices running Version 7 and above use the “Adaptive Security Device Manager”. Cisco firewalls running an Operating system of version 6 and below use the “PIX Device Manager”. Both the ADSM and the PDM have a similar look and feel, and both require you have to Java installed and working.

4. SSH: Secure Sockets Handshake: This is sometimes called “secure telnet” as it does not send passwords and user names in clear text. It requires you supply a username and a password. Firewalls running an OS older than 8.4 can use the username of pix and the telnet password. After version 8.4 you need to enable AAA authentication and have a username and password setup for SSH access.

5. ASDM Client software: (Version 7 firewalls and above). You will need to have the software installed on your PC for this to work (you can download it from the firewall’s web interface, or install from the CD that came with the firewall).

Cisco ASA Remote Management via VPN

Even if you allow traffic for a remote subnet, there are additional steps you need to take to allow either a remote client VPN session, or a machine at another site that’s connected via VPN. Click here for details.

Connecting to a Cisco Firewall Using a Console Cable

Obviously before you start you will need a console cable, you CAN NOT use a normal network cable, OR a crossover cable as they are wired differently! They are wired the opposite way round at each end, for this reason some people (and some documentation) refer to them as rollover cables. They are usually Pale blue (or black). Note if you find your console cable is too short you can extend it with a normal network cable coupler and a standard straight through network cable.

Will nelnet remove late payments

On each end of the console cable the wiring is reversed.

Will nelnet remove late payments

Old (Top) and New (Bottom) versions of the Console Cable.

Note: If you don’t have a serial socket on your PC or Laptop you will need a USB to Serial converter (this will need a driver installing to add another COM Port to the PC).

Option 1 Using PuTTY for Serial Access.

1. Connect your console cable, then download and run PuTTy. (I’m assuming you are using the COM1 socket on your machine, if you have multiple serial sockets then change accordingly).

2. By default PuTTy will connect with the correct port settings, if you want to change the settings see the option I’ve indicated below. Simply select Serial and then ‘Open’.

3. You will be connected. (Note: The password you see me entering below is the enable password).

Option 2 Using HyperTerminal for Serial Access

1. Connect your console cable, then download install and run HyperTerminal. (Note: With Windows XP and older it’s included with Windows, look in > All Programs > Communications). Give your connection a name > OK.

2. Change the ‘Connect Using’ option to COM1 > OK.

3. Set the connection port settings from top to bottom, they are, 9600, 8, None, 1, None > Apply > OK.

4. You will be connected. (Note: The password you see me entering below is the enable password).

Connecting to a Cisco Firewall via Telnet

To connect via telnet, the IP address you are connecting from (or the network you are in) has to have been granted access. If you cannot access the firewall using Telnet then you will need to connect via a console cable. Note Windows 7/2008/Vista needs to have telnet added.

Option 1 Use Windows Telnet Client for Firewall Access

1. Ensure you have a network connection to the firewall and you know its IP address > Start.

2. In the search/run box type cmd .

3. Execute the telnet command followed by the IP address of the firewall.

4. Enter the telnet password (default password is cisco).

Option 2 Use PuTTy for Telnet Firewall Access

1. Ensure you have a network connection to the firewall and you know its IP address > Launch PuTTy.

2. Select Telnet > Enter the IP address of the firewall > Open.

3. Enter the telnet password (default password is cisco).

Option 2 Use HyperTerminal for Telnet Firewall Access

1. Ensure you have a network connection to the firewall and you know its IP address > Launch HyperTerminal.

2. Give the connection a name > OK.

3. Change the ‘Connect using’ section to TCP/IP (Winsock) > Enter the IP address of the firewall > OK.

4. Enter the telnet password (default password is cisco).

Connect to to a Cisco Firewall via Web Browser

Also to access via this method you need to know the firewall’s “Enable Password”. If you use a proxy server then you will need to remove it from the browser settings while you carry out the following. Ensure also that you have Java installed and working.

1. Ensure you have a network connection to the firewall and you know its IP address > launch your web browser.

2. If you are using IE7 (or newer) you will need to click “Continue to this web site (not Recommended)”. IE6 Users will see this instead.

3. Click “Run ASDM” (older versions say ‘Run ADSM Applet’). Note: for information on the other option ‘Install ASDM launcher…’ see connecting via ASDM).

The Startup Wizard is for setting up a new firewall, I don’t recommend you ever use this unless you follow this guide.

4. You might receive a few Java warning messages, answer them in the affirmative.

6. Enter the ‘Enable’ password > OK.

7. You will be connected.

Connecting to a Cisco Firewall via SSH

To connect via SSH the IP address of the PC you are on, (or the network it is in) needs to have been allowed SSH Access in the firewall’s configuration. You will also need an SSH Client, I prefer PuTTy because its free and works.

Note: After version 8.4 you can only access the Cisco ASA using AAA authentication, see here. Prior to version 8.4 you can use the username of ‘pix’ and the firewall’s telnet password.

1. Ensure you have a network connection to the firewall and you know its IP address > Launch PuTTy.

2. Tick SSH > enter the IP address of the firewall > Open.

3. The first time you connect you will be asked to accept the certificate > Yes.

4. You will be connected, supply the username and password configured for AAA access., (or username pix and the telnet password if you are older than version 8.4).

Connecting to a Cisco Firewall via ASDM Client Software

As the name implies you need a v7 (or newer) firewall running ASDM for this to work рџ™‚ Essentially this is just a “Posh” front end for the firewall’s internal web server, so the same rules apply, the http server must be enabled, the PC you are on (or the network it’s in) need to be allowed https access to the firewall. Also you will need to know the enable password.

1. Ensure you have a network connection to the firewall and you know its IP address > launch your web browser.

2. If you are using IE7 (or newer) you will need to click “Continue to this web site (not Recommended)”. IE6 Users will see this instead.

3. Select ‘Install ASDM Launcher and Run ASDM’.

4. The username is usually blank (unless you are using AAA), and you will need to enter the enable password.

5. Run (or save if you want to install manually later).

6. Accept all the defaults.

7. The ASDM, will once again ask for the password. (By default it will place a shortcut on the desktop for the next time you need to access the firewall).

8. The ASDM will launch and you will be connected.

Connecting to a Cisco Firewall via Pix Device Manager

1. Open your web browser and navigate to the following,

Note if you are using IE7 (or newer) you will need to click “Continue to this web site (not Recommended)”.

IE6 Users will see this instead

2. If Prompted leave the username blank, and the password is the firewall’s enable password.

Note if you are using AAA you might need to enter a username and password.

3. You will see this.

4.You might receive a few Java warning messages, answer them in the affirmative, on some newer versions of Java you may also need to enter the password a second time.

5. The PDM opens. You are successfully connected.


will nelnet remove late payments

This article shows how to enable Telnet support in those Network Camera Servers this isn't enabled by default.

For development it might be useful to connect to the Network Camera by Telnet. Depending on what product is used, this is either enabled by default and have authentication or can be enabled by editing the /etc/inittab. If the product require editing of the /etc/inittab, there will be no authentication for the Telnet connection and no password will be required for access.

You should enable this option for experimental use only. Never leave the Telnet access enabled when having the Network Camera installed on a public site.

Open an ftp session towards the Network Camera and type the command viewed in bold below:

C:\Axis >ftp <ip address of camera>

Connected to <ip address of camera>

220 Axis 2100 Network Camera 2.12 Feb 05 2001 ready.

User (<ip address of camera>:(none)): root

331 User name okay, need password.

Password: pass (if not changed from default)

230 User logged in, proceed.

200 Command okay.

150 Opening data connection.

226 Transfer complete.

ftp: 1380 bytes received in 0,01Seconds 138,00Kbytes/sec.

At this stage, open the downloaded inittab file in an editor and find the following line:

Remove the preceding ”#”:

Go back to the ftp session and continue:

ftp> put inittab

200 Command okay.

150 Opening data connection.

226 Transfer complete.

ftp: 1414 bytes sent in 0,00Seconds 1414000,00Kbytes/sec.

250 Command successful.

Restart the camera and it will be possible to access with Telnet.

Axis does not take any responsibility for how these configuration changes may affect your system. If the modification fails or if you get other unexpected results, you may have to restore the factory default settings as described in the User’s Manual.


Router Expert: Understanding reverse telnet and IOS terminal lines

  • Share this item with your network:

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Configuring out-of-band (OOB) terminal services on a 26xx or 3xxx series routers is one of those tasks that on.

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

the face seems quite simple, but becomes far more involved once you start. The reason for this lies not in the configuration of the terminal server to support DTE to DTE connections between itself and the connected devices. Rather it is in the administrative elements (i.e., defining user access, user authentication, and device access control) of the configuration that make deploying an OOB terminal server a challenge. This article will focus on how users interact with the terminal server and its connected devices through the use of:

  • Reverse telnet
  • Line and group rotaries
  • Terminal line interfaces

The easiest way to get your arms around the concept of reverse telnet is to start with the concept of forward telnet. Forward telnet is what's commonly referred to as "telnet.9quot; It is the process in which a line on the router accepts a connection on a terminal line interface. In other words, this is "normal9quot; telnet. The client opens a telnet session, the server accepts the session, and client now has a virtual terminal on the server. The key idea here is that the session is accepted into the line. This same idea holds true when using SSH to open a session (so in these instances the term "forward SSH" would apply). Here is a simple illustration:

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

The reverse telnet (and by extension reverse SSH) process is one in which a connection is established out of a terminal line, thus allowing communication to take place between a client and a directly connected upstream device. Here is another illustration:

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Will nelnet remove late payments

Along with the session path, the other critical difference between forward telnet and reverse telnet is authentication. In order for a forward session to be opened, the IOS requires authentication to be in place and successful for the session to be established. When a reverse session is opened, the IOS provides the capability, but does not require authentication for the session to be established. Reverse telnet/SSH is how users interact with the devices connected to the terminal server's async line or the auxiliary line. Reverse telnet/SSH support is enabled using the line configuration command <transport input >. Here is a configuration example:

To connect using reverse telnet (SSH), you need to know the IP address of the terminal server hardware interface (or loopback interface) and the rotary group. The IOS uses rotaries to provide connectivity to line interfaces.

There are two types of rotaries: rotary groups and rotary lines. Rotary groups are used to provide connection access to one or more router line interfaces. The number of rotary groups a router can support depends on the hardware and IOS version. The base TCP port for group rotaries starts at 3000. To connect to a rotary group, a reverse telnet session is established to the TCP base port plus the rotary group number. For example, if the rotary group number is 47, the connection service port would be 3047. The most common use of rotary groups is for creating a dial-out modem pool. A group of async lines attached to modems are grouped to a single connection port. Users establish reverse telnet sessions to the rotary group. Then, once connected, the rotary group routes the session to a free group member.

Line rotaries behave the same way as group rotaries, except only a single line interface is associated with a line rotary. The TCP base port for line rotaries is 2000. To connect to a line rotary, a reverse telnet session is opened to the TCP base port 2000 plus the line number. So to connect to a device attached to async line 1, the line rotary port would be 2001. To connect to the device attached to line 1, a telnet connection to one of the router's IP interfaces at port 2001 needs to be opened.

If SSH support has been configured, the same holds true. An SSH client connection to port 2001 must be opened:

Understanding IOS terminal (Tty) lines

Once you understand how rotaries work, it becomes immediately apparent why understanding IOS terminal lines is important. The IOS supports four types of terminal lines: console, async, auxiliary and virtual. Each IOS line type has its own unique function, personality and purpose. The IOS uses line interfaces to provide asynchronous communication for IOS command-line interface (CLI) access and protocol-based data transmission. The IOS supports four types of terminal lines, but every line type is not supported in every hardware family. To see the terminal lines available on any given router, use the command <show line>. Here is the command output from a 2600 router with a NM-16A installed:

The <show line> command lists the available (and non-available) Tty lines by number, type, speed, and rotary, and provides stats on usage and operational state. (The * indicates the line is active.) The 2600 family is one of the three hardware lines (along with the 25xx and 3x00 series) that supports all four line types:

CTY: The console line provides hardware level CLI access. Wired as a DTE line without any handshaking support, it supports speeds up to 9600 baud. The CTY port is always Tty 0. The console port does not support reverse connections.

AUX : The auxiliary port provides a DTE asynchronous line for dial-in/dial-out support. The Aux line supports DTE to DCE handshaking and is capable of connection rates up to 115,200 baud (36,600 on lower end hardware). The AUX line Tty line number differs depending on whether the router hardware supports asynchronous serial lines, but the AUX line is always numbered as the last physical Tty port. The AUX line supports reverse connections through a line rotary with a base TCP port of 2000. This table list AUX line rotaries for the different hardware platforms:


Will a credit card company remove late payments from your account if you call them?

Would you like to merge this question into it?

already exists as an alternate of this question.

Would you like to make it the primary and merge this question into it?

Will nelnet remove late payments

Do credit card payments go into your account immediately or do you have to wait to receive payment from the credit card company?

How can you make the credit card company reopen an account and remove 'closed by credit grantor' from your credit report?

Will nelnet remove late payments

How can you dispute the late payment and overlimit fee on your credit card?

Will nelnet remove late payments

Can a credit card company charge off an account when they are receiving monthly payments?

Will nelnet remove late payments

Can you call your credit card company and have them freeze the account to stop incurring interest and have your payments go towards the principal?

Will nelnet remove late payments

What is the max charge for a late credit card payment?

If you authorize a credit card payment from your bank account one time can the card company keep removing money electronically without your permission?

Will nelnet remove late payments

After how many years are late payments removed I have credit cards in good standing with late payments from 082001 and 052002?

Will nelnet remove late payments

Can a credit repair company really help you remove your late payments from your credit history just by paying them a small fee of 600 plus?

Will nelnet remove late payments

Should I call my credit card company and let them know I will be a couple weeks late on the payment?

Will nelnet remove late payments

Can you call a credit card company before you are late to tell them you will not be able to keep making your minium payment?

Will nelnet remove late payments

Can a credit card company sue you after four late payments?

How late do you have to be on credit card payments for them to take action?

Will nelnet remove late payments

Can you remove a late payment from a credit report?

Will nelnet remove late payments

How do you remove late payments from a credit report?

Will nelnet remove late payments

If you quit paying credit card companies can they intercept PAYMENT FROm your checking account?

Will nelnet remove late payments

When do credit card companies report late payments to the credit bureaus?

Will nelnet remove late payments

Can you get a late payment removed from your credit report?

Will nelnet remove late payments

Can the credit card company charge a late fee the same day the credit card payment is due?

Will nelnet remove late payments

Can late payments be removed from your credit report?

Will nelnet remove late payments

Can you sue a credit card company for not removing a fraudulent account from your credit report?

Can 30-60 days late payment history be disputed or removed from your credit report after the account has been closed?