Connecting to my switch remotely?

gizbug

I setup my cisco 2950 for SSH and Telnet access.
I have my switch plugged into my Asus 87R router.

From my Mac laptop, I go into terminal (as I don't know a good alternative to Putty on Mac), type SSH and my host name (I setup a DDNS through no-ip.com) but I can't connect. Get something about port 22. I have port 22 on my router forwarded using my computers internal IP address.

What am I missing?

DCD

Show your configuration for your VTY line and can you connect from the inside of your network? And what was the exact error message.

Jon_Cisco

Test your settings internally and make sure your isp does not block any of the ports you are trying to use.

I don't know anything about the router your using but testing it internally is the first thing that comes to mind.

gizbug

DCD wrote: »

Show your configuration for your VTY line and can you connect from the inside of your network? And what was the exact error message.

I can connect internally via putty via Serial, but SSH, not internally either. I guess Ill have to run back through this lesson and find out whats wrong....



line con 0
exec-timeout 0 0
password 7 14141B180F0B
logging synchronous
login
line vty 0 4
password 7 14141B180F0B
login
line vty 5 15
password 7 14141B180F0B
login

DCD

You will nee to add this command to your vty lines, And have you configured the switch for SSH?
(config)#line vty 0 4
(config-line)#transport input ssh

gizbug

I think I found my issue.

show ip int brief shows

Vlan1 192.168.1.202 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
FastEthernet0/2 unassigned YES unset administratively down down
FastEthernet0/3 unassigned YES unset administratively down down
FastEthernet0/4 unassigned YES unset administratively down down
FastEthernet0/5 unassigned YES unset administratively down down
FastEthernet0/6 unassigned YES unset administratively down down
FastEthernet0/7 unassigned YES unset administratively down down
FastEthernet0/8 unassigned YES unset administratively down down
FastEthernet0/9 unassigned YES unset administratively down down
FastEthernet0/10 unassigned YES unset administratively down down
FastEthernet0/11 unassigned YES unset down down
FastEthernet0/12 unassigned YES unset down down
FastEthernet0/13 unassigned YES unset down down
FastEthernet0/14 unassigned YES unset down down
FastEthernet0/15 unassigned YES unset down down
FastEthernet0/16 unassigned YES unset down down
FastEthernet0/17 unassigned YES unset down down
FastEthernet0/18 unassigned YES unset down down
FastEthernet0/19 unassigned YES unset down down
FastEthernet0/20 unassigned YES unset down down
FastEthernet0/21 unassigned YES unset down down
FastEthernet0/22 unassigned YES unset down down
FastEthernet0/23 unassigned YES unset down down
FastEthernet0/24 unassigned YES unset down down

Since they are all down, if my ethernet is from one of those ports, to my router, that may be the issue. So I have to retrace my notes, and figure out how to ENABLE/UP their status and protocol. I can also telnet in locally/remotely, just not SSH, so it's narrowing down the field somewhat

clarson

to have ssh work you will need to issure a crypto key command. and for the crypto key command to work you have to set an ip domain name.

JeanM

gizbug wrote: »

I think I found my issue.

show ip int brief shows

Vlan1 192.168.1.202 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
FastEthernet0/2 unassigned YES unset administratively down down
FastEthernet0/3 unassigned YES unset administratively down down
FastEthernet0/4 unassigned YES unset administratively down down
FastEthernet0/5 unassigned YES unset administratively down down
FastEthernet0/6 unassigned YES unset administratively down down
FastEthernet0/7 unassigned YES unset administratively down down
FastEthernet0/8 unassigned YES unset administratively down down
FastEthernet0/9 unassigned YES unset administratively down down
FastEthernet0/10 unassigned YES unset administratively down down
FastEthernet0/11 unassigned YES unset down down
FastEthernet0/12 unassigned YES unset down down
FastEthernet0/13 unassigned YES unset down down
FastEthernet0/14 unassigned YES unset down down
FastEthernet0/15 unassigned YES unset down down
FastEthernet0/16 unassigned YES unset down down
FastEthernet0/17 unassigned YES unset down down
FastEthernet0/18 unassigned YES unset down down
FastEthernet0/19 unassigned YES unset down down
FastEthernet0/20 unassigned YES unset down down
FastEthernet0/21 unassigned YES unset down down
FastEthernet0/22 unassigned YES unset down down
FastEthernet0/23 unassigned YES unset down down
FastEthernet0/24 unassigned YES unset down down

Since they are all down, if my ethernet is from one of those ports, to my router, that may be the issue. So I have to retrace my notes, and figure out how to ENABLE/UP their status and protocol. I can also telnet in locally/remotely, just not SSH, so it's narrowing down the field somewhat

If you can telnet locally/remotely, then it's not the interface/protocol up/down status .

gizbug

clarson wrote: »

to have ssh work you will need to issure a crypto key command. and for the crypto key command to work you have to set an ip domain name.

I have issue a crypto key command, and set an ip domain name. Can you explain exactly what the ip domain is and what it does? When I think Domain name, i think of a website name that I use when I open up a web browser such as IE.

BTW, I reentered my SSH info (host,ip,username,reissue crypto key, login local) and now I can ssh in

JeanM

Check this out, step by step and explanations.

Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX - Configuring Secure Shell (SSH) [Cisco Catalyst 2960-X Series Switches] - Cisco





Step 4
ip domain-name domain_name


Example:
Switch(config)# ip domain-name your_domain
Configures a host domain for your Switc

spacenoxx

Can you ping your switch. If all interfaces are down how is your switch connected to your Router?