How to configure an AR router which cannot be logged in to over Telnet

14

If an AR router cannot be logged in to over Telnet, log in to the device over the Console interface for service configuration and configure Telnet. Alternatively, log in to the device by using the web NMS for service configuration and configure Telnet.

Other related questions:
Can an AR router be logged in to over Telnet if Telnet is not enabled
The AR router cannot be loggeFor details about Telnet login moded in to over Telnet if Telnet is not enabled by running the telnet [ ipv6 ] server enable command. configuration on the router.

Failed to telnet to s series switch
For S series switches (except S1700 switches), if you fail to log in to the Telnet server through Telnet, troubleshoot the failure as follows: 1. Check whether the number of login users reaches the upper limit. Log in to the switch through the console port, and run the display users command to check whether all VTY user interfaces are in use. By default, the maximum number of VTY user interfaces is 5. You can run the display user-interface maximum-vty command to check the maximum number of login users allowed by a switch. 2. Check whether an ACL is configured in the VTY user interface view. (Telnet IPv4 is used as an example.) Run the user-interface vty command on the Telnet server to enter the user interface view. Then run the display this command to check whether an ACL is configured in the VTY user interface view. If so, record the ACL number. Run the display acl acl-number command on the Telnet server to check whether the IP address of the Telnet client is denied in the ACL. If so, run the undo rule rule-id command in the ACL view to delete the deny rule, then run the related command to permit the IP address of the client in the ACL. 3. Check whether the access protocol is correctly configured in the VTY user interface view. Note that by default, the switch uses Telnet in V200R006 and earlier versions, so you do not need to configure protocol inbound telnet; the switch uses SSH in V200R007 and later versions, so you must configure protocol inbound telnet if you want to log in through Telnet. Run the user-interface vty command on the Telnet server to enter the user interface view and then run the display this command to check whether protocol inbound is set to telnet or all. (By default, the system supports the SSH protocol.) If protocol inbound is not set to telnet or all, run the protocol inbound { telnet | all } command to allow Telnet users to connect to the switch. 4. Check whether an authentication mode is set for login users in the user interface view. - If password authentication is configured using the authentication-mode password command, you must enter the password upon login. - If AAA authentication is configured using the authentication-mode aaa command, you must run the local-user command to create a local AAA user.

What to do if a WLAN device cannot be logged in through Telnet
For WLAN devices, if an error occurs when you log in to the Telnet server through Telnet, perform the following checks: 1. Check whether the number of users logging in to the server has reached the upper limit. Log in to the server through the console port and run the display users command to check whether all the current VTY channels are occupied. By default, the maximum number of users supported by VTY channels is 5. Run the display user-interface maximum-vty command to query the maximum number of users supported by the current VTY channels. 2. Check whether an ACL is configured in the VTY user interface view. (Telnet IPv4 is used as an example.) On the Telnet server, run the user-interface vty command to enter the user interface view, and then run the display this command to check whether an ACL rule is configured on the VTY user interface. If an ACL rule has been configured, record the ACL number. Run the display acl acl-number command on the Telnet server to check whether the IP address of the Telnet client is denied in the ACL. If the IP address of the client is denied, run the undo rule rule-id command in the ACL view to delete the denial rule, and then run relevant commands to modify the ACL, allowing access of the IP address of the client. 3. Check whether the access protocol configured in the VTY user interface view is correct. On the Telnet server, run the user-interface vty command to enter the user interface view, and then run the display this command to check whether the protocol inbound on the VTY user interface is Telnet or all. If none of these 2 options is selected, run the protocol inbound { telnet | all } command to modify the configurations, allowing Telnet users to access the server. 4. Check whether the login authentication mode is configured in the user interface view. - If the login authentication mode of VTY channels has been configured to password by running the authentication-mode password command, you must enter the password when logging in to the server. - If the authentication mode has been configured to aaa by running the authentication-mode aaa command, you must run the local-user command to create local user AAA.

Telnet account permission configuration method on an AR router
In the user interface view, run the user privilege level command to configure user priorities in the user interface. If the user access permission configured in user interface conflicts with the actual operation permission, the actual operation permission prevails.

Telnet timeout period configuration method on an AR router
In the user interface view, run the idle-timeout < minutes > [< seconds >] command to set user connection timeout period. By default, the user connection timeout period is five minutes. If the period is set to 0 or the value is too long, a terminal will hang in login state, which poses a security risk. You are advised to run a lock command to lock the current connection.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top