cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1004
Views
0
Helpful
4
Replies
pierre512
Beginner

Hi everyone. I'm trying to use SSH for router and switch

I'm trying to do that in cisco paket racer

in switch i have vlan 10 and vlan 20 and in the router port0/0 i used no ip add then i used encapsulation dot1q to share the port with this tow vlan i have. 

i did the SSH in the router and in the switch in vlan1 but now i can go in into the router with a pc who is connected to vlan 10 or 20 but i can't connect the switch

have anyone an answer for why i can't connect the switch with SSH

1 ACCEPTED SOLUTION

Accepted Solutions

because the switch has a different IP address and belongs to VLAN 1

 

On Router, try add below config

 

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.0.0.1 255.255.255.0

no shutdown

 

On SWITCH :

ip default-gateway 10.0.0.1

 

Try Ping from router to 10.0.0.15  - Ping ok ?

Try ping from switch to 10.0.0.1 - Ping ok ?

 

Add RSA Keys for SSH :

 

######### Generate SSH keys :

ip domain-name bb.com  (change what ever you like)
crypto key generate rsa  ( use 1024 or higher for security)

 

Then test from Device to connect to switch.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

4 REPLIES 4
balaji.bandi
VIP Guru

From Vlan 10 and 20 are you able to ping Router IP ?

 

can you post switch side and router relevant config to look ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Yes i can pin router from vlan 10 and vlan 20

this is the router config

Current configuration : 1297 bytes

!

version 12.2

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname R1

!

!

!

enable secret 5 $1$mERr$3HhIgMGBA/9qNmgzccuxv0

!

!

ip dhcp excluded-address 192.168.1.1

ip dhcp excluded-address 192.168.2.1

!

ip dhcp pool vlan10

network 192.168.1.0 255.255.255.0

default-router 192.168.1.1

ip dhcp pool vlan20

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

!

!

!

ip cef

no ipv6 cef

!

!

!

username R1 secret 5 $1$mERr$3HhIgMGBA/9qNmgzccuxv0

!

!

!

!

!

!

!

!

ip domain-name R1.se

!

!

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.1.1 255.255.255.0

!

interface FastEthernet0/0.20

encapsulation dot1Q 20

ip address 192.168.2.1 255.255.255.0

!

interface FastEthernet1/0

no ip address

duplex auto

speed auto

shutdown

!

interface Serial2/0

no ip address

shutdown

!

interface Serial3/0

no ip address

shutdown

!

interface FastEthernet4/0

no ip address

shutdown

!

interface FastEthernet5/0

no ip address

shutdown

!

ip classless

!

ip flow-export version 9

!

!

!

!

!

!

!

!

line con 0

!

line aux 0

!

line vty 0 4

login local

transport input ssh

line vty 5 15

login local

transport input ssh

!

!

!

end

 

and this is the switch one

Current configuration : 809 bytes

!

version 12.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname S1

!

enable secret 5 $1$mERr$3HhIgMGBA/9qNmgzccuxv0

!

!

!

ip domain-name S1.se

!

username S1 secret 5 $1$mERr$3HhIgMGBA/9qNmgzccuxv0

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport mode trunk

!

interface FastEthernet1/1

switchport access vlan 10

switchport mode access

!

interface FastEthernet2/1

switchport access vlan 20

switchport mode access

!

interface FastEthernet3/1

!

interface FastEthernet4/1

!

interface FastEthernet5/1

!

interface Vlan1

ip address 10.0.0.15 255.255.255.0

!

!

!

!

line con 0

!

line vty 0 4

login local

transport input ssh

line vty 5 15

login local

transport input ssh

!

!

!

!

end

because the switch has a different IP address and belongs to VLAN 1

 

On Router, try add below config

 

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.0.0.1 255.255.255.0

no shutdown

 

On SWITCH :

ip default-gateway 10.0.0.1

 

Try Ping from router to 10.0.0.15  - Ping ok ?

Try ping from switch to 10.0.0.1 - Ping ok ?

 

Add RSA Keys for SSH :

 

######### Generate SSH keys :

ip domain-name bb.com  (change what ever you like)
crypto key generate rsa  ( use 1024 or higher for security)

 

Then test from Device to connect to switch.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Alvin5
Beginner

How to Enable SSH on Cisco Switch, Router and ASA
  1. Setup Management IP. First, make sure you have performed basic network configurations on your switch. ...
  2. Set hostname and domain-name
  3. Generate the RSA Keys. 
  4. Setup the Line VTY configurations. 
  5. Create the username password. 
  6. Verify SSH access.
  7. My Insite Macy's