Connecting to my switch remotely?

gizbuggizbug Member Posts: 14 ■□□□□□□□□□
in CCNA & CCENT
I setup my cisco 2950 for SSH and Telnet access.
I have my switch plugged into my Asus 87R router.

From my Mac laptop, I go into terminal (as I don't know a good alternative to Putty on Mac), type SSH and my host name (I setup a DDNS through no-ip.com) but I can't connect. Get something about port 22. I have port 22 on my router forwarded using my computers internal IP address.

What am I missing?
· Share on FacebookShare on Twitter

Comments

  • DCDDCD Member Posts: 475 ■■■■□□□□□□
    Show your configuration for your VTY line and can you connect from the inside of your network? And what was the exact error message.
    · Share on FacebookShare on Twitter
  • Jon_CiscoJon_Cisco Member Posts: 1,772 ■■■■■■■■□□
    Test your settings internally and make sure your isp does not block any of the ports you are trying to use.

    I don't know anything about the router your using but testing it internally is the first thing that comes to mind.
    · Share on FacebookShare on Twitter
  • gizbuggizbug Member Posts: 14 ■□□□□□□□□□
    DCD wrote: »
    Show your configuration for your VTY line and can you connect from the inside of your network? And what was the exact error message.

    I can connect internally via putty via Serial, but SSH, not internally either. I guess Ill have to run back through this lesson and find out whats wrong....



    line con 0
    exec-timeout 0 0
    password 7 14141B180F0B
    logging synchronous
    login
    line vty 0 4
    password 7 14141B180F0B
    login
    line vty 5 15
    password 7 14141B180F0B
    login
    · Share on FacebookShare on Twitter
  • DCDDCD Member Posts: 475 ■■■■□□□□□□
    You will nee to add this command to your vty lines, And have you configured the switch for SSH?
    (config)#line vty 0 4
    (config-line)#transport input ssh
    · Share on FacebookShare on Twitter
  • gizbuggizbug Member Posts: 14 ■□□□□□□□□□
    I think I found my issue.

    show ip int brief shows

    Vlan1 192.168.1.202 YES manual up up
    FastEthernet0/1 unassigned YES unset administratively down down
    FastEthernet0/2 unassigned YES unset administratively down down
    FastEthernet0/3 unassigned YES unset administratively down down
    FastEthernet0/4 unassigned YES unset administratively down down
    FastEthernet0/5 unassigned YES unset administratively down down
    FastEthernet0/6 unassigned YES unset administratively down down
    FastEthernet0/7 unassigned YES unset administratively down down
    FastEthernet0/8 unassigned YES unset administratively down down
    FastEthernet0/9 unassigned YES unset administratively down down
    FastEthernet0/10 unassigned YES unset administratively down down
    FastEthernet0/11 unassigned YES unset down down
    FastEthernet0/12 unassigned YES unset down down
    FastEthernet0/13 unassigned YES unset down down
    FastEthernet0/14 unassigned YES unset down down
    FastEthernet0/15 unassigned YES unset down down
    FastEthernet0/16 unassigned YES unset down down
    FastEthernet0/17 unassigned YES unset down down
    FastEthernet0/18 unassigned YES unset down down
    FastEthernet0/19 unassigned YES unset down down
    FastEthernet0/20 unassigned YES unset down down
    FastEthernet0/21 unassigned YES unset down down
    FastEthernet0/22 unassigned YES unset down down
    FastEthernet0/23 unassigned YES unset down down
    FastEthernet0/24 unassigned YES unset down down

    Since they are all down, if my ethernet is from one of those ports, to my router, that may be the issue. So I have to retrace my notes, and figure out how to ENABLE/UP their status and protocol. I can also telnet in locally/remotely, just not SSH, so it's narrowing down the field somewhat
    · Share on FacebookShare on Twitter
  • clarsonclarson Member Posts: 903 ■■■■□□□□□□
    to have ssh work you will need to issure a crypto key command. and for the crypto key command to work you have to set an ip domain name.
    · Share on FacebookShare on Twitter
  • JeanMJeanM Member Posts: 1,117
    gizbug wrote: »
    I think I found my issue.

    show ip int brief shows

    Vlan1 192.168.1.202 YES manual up up
    FastEthernet0/1 unassigned YES unset administratively down down
    FastEthernet0/2 unassigned YES unset administratively down down
    FastEthernet0/3 unassigned YES unset administratively down down
    FastEthernet0/4 unassigned YES unset administratively down down
    FastEthernet0/5 unassigned YES unset administratively down down
    FastEthernet0/6 unassigned YES unset administratively down down
    FastEthernet0/7 unassigned YES unset administratively down down
    FastEthernet0/8 unassigned YES unset administratively down down
    FastEthernet0/9 unassigned YES unset administratively down down
    FastEthernet0/10 unassigned YES unset administratively down down
    FastEthernet0/11 unassigned YES unset down down
    FastEthernet0/12 unassigned YES unset down down
    FastEthernet0/13 unassigned YES unset down down
    FastEthernet0/14 unassigned YES unset down down
    FastEthernet0/15 unassigned YES unset down down
    FastEthernet0/16 unassigned YES unset down down
    FastEthernet0/17 unassigned YES unset down down
    FastEthernet0/18 unassigned YES unset down down
    FastEthernet0/19 unassigned YES unset down down
    FastEthernet0/20 unassigned YES unset down down
    FastEthernet0/21 unassigned YES unset down down
    FastEthernet0/22 unassigned YES unset down down
    FastEthernet0/23 unassigned YES unset down down
    FastEthernet0/24 unassigned YES unset down down

    Since they are all down, if my ethernet is from one of those ports, to my router, that may be the issue. So I have to retrace my notes, and figure out how to ENABLE/UP their status and protocol. I can also telnet in locally/remotely, just not SSH, so it's narrowing down the field somewhat


    If you can telnet locally/remotely, then it's not the interface/protocol up/down status .
    2015 goals - ccna voice / vmware vcp.
    · Share on FacebookShare on Twitter
  • gizbuggizbug Member Posts: 14 ■□□□□□□□□□
    clarson wrote: »
    to have ssh work you will need to issure a crypto key command. and for the crypto key command to work you have to set an ip domain name.

    I have issue a crypto key command, and set an ip domain name. Can you explain exactly what the ip domain is and what it does? When I think Domain name, i think of a website name that I use when I open up a web browser such as IE.

    BTW, I reentered my SSH info (host,ip,username,reissue crypto key, login local) and now I can ssh in =)
    · Share on FacebookShare on Twitter
  • JeanMJeanM Member Posts: 1,117
    Check this out, step by step and explanations.

    Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX - Configuring Secure Shell (SSH) [Cisco Catalyst 2960-X Series Switches] - Cisco





    Step 4
    ip domain-name domain_name


    Example:
    Switch(config)# ip domain-name your_domain
    Configures a host domain for your Switc


    2015 goals - ccna voice / vmware vcp.
    · Share on FacebookShare on Twitter
  • spacenoxxspacenoxx Member Posts: 28 ■□□□□□□□□□
    Can you ping your switch. If all interfaces are down how is your switch connected to your Router?
    · Share on FacebookShare on Twitter
Sign In or Register to comment.