SSH on 2950 Series

E1or0 · December 2009

is there any ( cryptographic software image ) available for the 2950 switch to implement ssh ? I'ved look in cisco.com i haven't been able to find any

jason_lunde · December 2009

There is, I have it implemented on mine. Use the software advisor on this page. You do have to have a CCO login though. Sorry, I am to lazy to boot my switches to see the image name.

Support Tools & Resources - Cisco Systems

ColbyG · December 2009

Look for k9.

E1or0 · December 2009

jason_lunde I tried downloading the tool but this is what I'm getting in return

Forbidden File or Application

The file or application you are trying to access may require additional entitlement or you are trying to access a file with an invalid name. Additional entitlement levels are granted based on a users relationship with Cisco on a per-application basis.
If you feel you have reached this page in error, please try one of the following methods to locate your document:

If you are manually entering the URL into your browser location bar, be sure to include the file name of the page you are trying to access (file names typically end in .htm, .html or .shtml).
Use the Search feature located in the upper right section of this page.
Return to the Cisco.com Home or select a primary site area from the top navigation bar.
Consult with your Cisco Account Manager to confirm you have the appropriate entitlement to access this page.

If you would like to contact someone about this problem, please click on the Contacts & Feedback link below.

I have a CCO account it seems liek is not working for me anymore, is this image standard for every 2950 switch? or there is different versions ???

Colby K9? What is that exactly can you be more specific

Thank you guys

E1or0 · December 2009

Colby nice job on that blog of yours by the way

mikej412 · December 2009

Log in to your guest level CCO account first.

Then go to the software download link
... then Switches
... then LAN Switches
... then Cisco Catalyst 2950.... yada yada yada
... then IOS software
... then pick your release and then one of the K9 feature sets

I just tried the tar file with the 2950 web stuff "download now" option, etc... non-java, accept, click the 3rd download link again, etc.... and it worked for me with my guest level account.

E1or0 · December 2009

Mike I was able to download the latest release of the IOS image now when it comes to doing a back up of my existing IOS on the switch to a ftpt server and reloading the new one how i would do that? I know how to do it on layer 3 ( Router ) I have never done it on a switch, will be first time, the way I have the switch connected is port 1 of the switch to the Ethernet port of my router.

when I try to ping the Ethernet interface of the router from the pc that i have connected to the switch is timing out, if you have time Mike give me a hand here, I was able to download the image, I just need to back up the existing one and reload the new one

Thanks in advance Guys

E1or0 · December 2009

Switch#copy flash:c2950-i6q4l2-mz.121-13.EA1.bin tftp
Address or name of remote host []? 192.168.20.2
Destination filename [c2950-i6q4l2-mz.121-13.EA1.bin]?
%Error opening tftp://192.168.20.2/c2950-i6q4l2-mz.121-13.EA1.bin (Socket error)

I'm half way now Mike I'm able to ping from router to PC and from PC to router's Ethernet interface with the switch in between, ( I had my Router OFF Haha !!! Unbelievable

) Now I'm stuck with this error that I'm getting Am I doing something wrong here?

ConstantlyLearning · December 2009

E1or0 wrote: »

I'm half way now Mike I'm able to ping from router to PC and from PC to router's Ethernet interface with the switch in between, ( I had my Router OFF Haha !!! Unbelievable ) Now I'm stuck with this error that I'm getting Am I doing something wrong here?

t.f.t.p server running yeah?

E1or0 · December 2009

Yup T.F.T.P Server already running I'm able to ping it fine

mikej412 · December 2009

Which t.ftp server? Is security on it set to allow uploads?

Are you pinging from the switch to the t.ftp server? Or the t.ftp server to the switch? Either way -- could still be a PC firewall issue.

E1or0 · December 2009

This is the layout

Router Ethernet Interface

Switch Port 1

PC

Switch Port 11

PC ( Switch in Between ) Router

From the router console I'm able to ping the t.f.t.p server fine, before I was not able due to my firewall i already disable the firewall

From pc I'm able to ping Router's Ethernet interface fine

there is communication through the switch between t.f.t.p server and router, I don't see a reason for this output that I'm getting when i try to send a copy of my existing switch IOS to the server

again I'm able to ping forth and back just fine

t.f.t.p server security settings are set to send and receive files no firewall is running right now

By the way from the switch console I'm not able to ping PC neither Router Ethernet Interface, could this be the problem?

elegua · December 2009

E1or0 wrote: »

This is the layout

Router Ethernet Interface
Switch Port 1

PC
Switch Port 11

PC ( Switch in Between ) Router

From the router console I'm able to ping the t.f.t.p server fine, before I was not able due to my firewall i already disable the firewall

From pc I'm able to ping Router's Ethernet interface fine

there is communication through the switch between t.f.t.p server and router, I don't see a reason for this output that I'm getting when i try to send a copy of my existing switch IOS to the server

again I'm able to ping forth and back just fine

t.f.t.p server security settings are set to send and receive files no firewall is running right now

By the way from the switch console I'm not able to ping PC neither Router Ethernet Interface, could this be the problem?

I just did a password recovery and update to one of my 2950 20 min ago and this is what i did:

Switch: assigned an ip address to vlan 1 in the same subnet that my router and PC, ping PC (from the switch) and got a respond.

used this cmd: copy tftp: flash: and followed the steps, got my new IOS installed and switch is running just fine.

Before install the new IOS erase the old IOS because you'll running out of space, just do: delete flash:name_of_the_flash

if you need to know the exact name just type dir flash:

Try that and see what happen.

Hope this help.

mikej412 · December 2009

E1or0 wrote: »

By the way from the switch console I'm not able to ping PC neither Router Ethernet Interface, could this be the problem?

Yes, that's a problem.

Have you configured the "administrative vlan" on the switch? Usually you just use the default VLAN 1 and do the interface vlan 1 command and then the ip address .... command. Otherwise you won't be able to access the rest of the network. You'd also usually add the ip default gateway on the switch so that it could access/be accessed from other networks.

E1or0 · December 2009

I just did that, yup I forgot to configure an ip address on my vlan, I'm still in the learning process guys:) WOW Finally we got a FIX here... Thank you VERY Much Guys you all have been a great help, I already backed up my existing IOS image, the new image comes with a html directory should I replaced the existing HTML directory with the new one as well or doesn't really matter?

if the html directory needs to be replaced with the new one how is it to copy the entire directory to the t.f.t.p server instead of going file per file inside that directory

mikej412 · December 2009

There is an archive command on the switch that you use to update/upgrade the switch IOS and html files from the tar archive on the t-ftp server.

Upgrading Software Images on Catalyst 2950 and 2955 Series Switches Using the Command Line Interface - Cisco Systems

E1or0 · December 2009

archive tar /xtract tftp://< server ip>/<filename> flash

Thanks Mike

mission accomplished, I ran the archive tar command and everything got dis-compressed just fine, end result I upgraded my 2950 switch to the latest IOS image release, and added couple of new features that I didn't have before, now i can implement ssh which was my main goal for today.

I don't know what I would of done without all the help provided from all of you guys.

mikej412
elegua
ConstantlyLearning
ColbyNA
jason_lunde

I Thank you again

BroadcastStorm · December 2009

E1or0 wrote: »

archive tar /xtract tftp://< server ip>/<filename> flash

Thanks Mike mission accomplished, I ran the archive tar command and everything got dis-compressed just fine, end result I upgraded my 2950 switch to the latest IOS image release, and added couple of new features that I didn't have before, now i can implement ssh which was my main goal for today.

I don't know what I would of done without all the help provided from all of you guys.

mikej412
elegua
ConstantlyLearning
ColbyNA
jason_lunde

I Thank you again

YAY YAY YAY

veritas_libertas · December 2009

@E1or0: Do you have the URL for the page you found that bin file on? I tried looking and the closest similar name I found was:

c2950-i6q4l2-mz.121-13.EA1.bin

I am hoping to get SSH going on my 2950 soon for CCNA studies. Thanks for bringing up this topic by the way. I didn't think the 2950 had SSH.

MentholMoose · December 2009

veritas_libertas wrote: »

@E1or0: Do you have the URL for the page you found that bin file on? I tried looking and the closest similar name I found was:

c2950-i6q4l2-mz.121-13.EA1.bin

I am hoping to get SSH going on my 2950 soon for CCNA studies. Thanks for bringing up this topic by the way. I didn't think the 2950 had SSH.

The image file from his Trivial File Transfer Protocol (anyone know why this acronym is censored??) error log is his old one that doesn't support SSH, so don't look for that one. It doesn't appear to be available for download any more anyway (you can check by accessing the Cisco Feature Navigator, choosing "Search by Image" and inputting the filename).

To find the software you're looking for, you should use the Cisco Feature Navigator. In this case you would choose "Search by Feature", search for "SSH" in the feature list and choose version 1 or 2 server support and submit it. On the next page choose the platform (CAT2950) and you will get a list of software images for the 2950 that has SSH server support. The newest seems to be "c2950-i6k2l2q4-mz.121-22.EA13.bin" which supports both a version 1 and 2 SSH server. Click on the filename, choose "Image Download", and follow the instructions to download it.

Alternatively, access the Download Software page, go to Switches, log on, find your 2950 switch, choose IOS Software, and under Latest Releases you will find a bin file (or the tar if you want the web interface) with the description "C2950 EI AND SI IOS CRYPTO IMAGE". Follow the instructions to download it.

veritas_libertas · December 2009

MentholMoose wrote: »

To find the software you're looking for, you should use the Cisco Feature Navigator. In this case you would choose "Search by Feature", search for "SSH" in the feature list and choose version 1 or 2 server support and submit it. On the next page choose the platform (CAT2950) and you will get a list of software images for the 2950 that has SSH server support. The newest seems to be "c2950-i6k2l2q4-mz.121-22.EA13.bin" which supports both a version 1 and 2 SSH server. Click on the filename, choose "Image Download", and follow the instructions to download it.

Okay, that is the one I downloaded. That should be perfect

Thanks for the help!

SSH on 2950 Series

Comments