The IP address of BMS (Windows) server is 172.16.10.2, the user (172.16.65.66) telnet to the server remotely by SSH: telnet 172.16.10.2 9819, but when he login the TL1 interface:
Connected to 172.16.10.2 (172.16.10.2).
Escape character is '^]'.
0 2008-07-09 14:30:46
M 101 DENY
EN=76546023 ENDESC=The login address is not in the system ACL, please consult the administrator
1. Conact customer to get to know the the network diagram like the following.
SSH client(the first nat ip) ---- SSH server ---- Firewall(the secornd nat ip) ---- NMS server
(1)On the SSH server, the IP address of SSH client is translated to another IP address (the first NAT)
(2)On the firewall, the IP address of NMS server is translated to another IPaddress (the second NAT)
2. Add both the first NAT ip and second NAT ip to the BMS N2000 ACL policy.
then the problem was solved.
1. Do the same test at another different BMS server using the SSH client. it's normal. this mean the SSH telnet funcintion is ok.
2. It is possible that the root cause is the ACL configuration
Please check all the details for the same problem,especially the network diagram