Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5538
Views
0
Helpful
7
Replies

telnet, SSH to Switch - Cisco packet tracer

Go to solution
chiragom2341
Level 1
Level 1

‎12-01-2018 05:32 PM

Hi,

 

I am trying to telnet, SSH from PC to switch but not able to access it.

 

Following is the switch config:

 

Switch>en

Password:

Switch#

Switch#show runn

Building configuration...

 

Current configuration : 779 bytes

!

version 12.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

service password-encryption

!

hostname Switch

!

enable secret 5 $1$mERr$lR0f3Y7.dV8twYV5Sw9Wq1

!

!

!

!

username chirag privilege 1 password 7 082244471B180207131F0908

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

!

interface FastEthernet1/1

!

interface FastEthernet2/1

!

interface FastEthernet3/1

!

interface FastEthernet4/1

!

interface FastEthernet5/1

!

interface Vlan1

no ip address

shutdown

!

interface Vlan12

mac-address 0030.f28d.8101

ip address 172.16.24.6 255.255.255.0

!

ip default-gateway 172.16.24.1

!

!

!

!

line con 0

password 7 082244471B1802

!

line vty 0 4

password 7 082244471B1802

login

line vty 5 15

login

!

!

!

end

 

 

The PC IP address: 172.16.24.2/24. PC is directly connected to Switch through copper straight-through cable. The topology is implemented in Cisco Packet Tracer: PC - SWITCH - ROUTER (default gateway)

 

Why I can't do telnet even? I can ping to default gateway successfully (172.16.24.1) from PC. However, I can't ping to switch (172.16.24.6) from PC, it says request time-out.

 

Any assistance would be appreciated in understanding.

 

Thank you.

 

Regards,

Chirag

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to chiragom2341

‎12-02-2018 09:18 PM

Ok now i understand your problem.
Yes vlan 1 is the default vlan and as soon as you connect a device on any unconfigured, it will come up.
When creating a new SVI (interface vlan), you should have a device connected on a port with this VLAN configured, no matter it's an access or trunk port.

Now, to manage a switch, you can multiple solutions:
- use the embedded management port for OOB
Or
- create a svi for your management vlan.

This VLAN will surely be up because something else will be connected to this l2 vlan like a monitoring machine or another device.

There's also the loopback possibility, but you need to route your traffic over an existing svi to reach it.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

0 Helpful
7 Replies 7

Go to solution
chiragom2341
Level 1
Level 1

‎12-01-2018 07:07 PM

Any suggestions, please!

Regards,
Chirag
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to chiragom2341

‎12-01-2018 09:28 PM

Hi
Can you share your packet tracer file to take a look on your design and see what's going on?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
chiragom2341
Level 1
Level 1
In response to Francesco Molino

‎12-02-2018 04:00 AM

Hi Francesco,

 

It's working now. I actually didn't assign the VLAN12 to the switch port which connected to PC. As soon I assigned the port to VLAN12 and telnet worked. It means that SSH would work too (given that I applied the SSH require configuration) as I now have the connectivity.

 

I also assigned an IP address to VLAN1 in the same subnet and tried the telnet but it didn't work. I was hoping that VLAN1 is the default VLAN and it would allow me.

 

What I can see here is that at a time only one VLAN interface IP address is accessible. If the switch has multiple VLAN IP addresses then there is no connectivity if the switch port is not configured properly.

 

In a production network, I am sure, there are multiple VLANs configure in the switch then which one is preferred one for management VLAN? Will there be only one management VLAN at a given time? Can we do telnet or SSH to switch or router through the console?

 

Thank you very much for your time, appreciated!

 

Regards,

Chirag

testing for ssh.zip
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to chiragom2341

‎12-02-2018 05:59 PM

Hi

When you've all vlans, have you tried activating ip routing? I don't know how packet tracer works here but test it and I'm gonna try to install a windows VM to get Packet tracer and test it with your architecture.

If you're connected to console port, you won't need SSH or maybe I miss-understood your question. When connected to console, you can ssh another router if your lines permit it.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
chiragom2341
Level 1
Level 1
In response to Francesco Molino

‎12-02-2018 09:10 PM

Thanks, Francesco!

No routing enable, just static route configured! The main aim was to check, how many virtual interfaces switch can allow at a time to establish the connectivity for management purpose remotely. Suppose, there are 3 virtual interfaces in a switch, namely Interface VLAN2, VLAN3, and VLAN4 and all have the IP addresses assigned to it according to their subnet. However, when we do the telnet or ssh only one VLAN interface is accessible.

I figure out that the virtual interface would activate once it assigns to switch physical port. However, this doesn't apply to VLAN1. I assume that the Virtual Interface VLAN1 always present to all physical ports.

What is the good practice to manage the switch through remotely?

Thank you.
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to chiragom2341

‎12-02-2018 09:18 PM

Ok now i understand your problem.
Yes vlan 1 is the default vlan and as soon as you connect a device on any unconfigured, it will come up.
When creating a new SVI (interface vlan), you should have a device connected on a port with this VLAN configured, no matter it's an access or trunk port.

Now, to manage a switch, you can multiple solutions:
- use the embedded management port for OOB
Or
- create a svi for your management vlan.

This VLAN will surely be up because something else will be connected to this l2 vlan like a monitoring machine or another device.

There's also the loopback possibility, but you need to route your traffic over an existing svi to reach it.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Dennis Mink
VIP Alumni
VIP Alumni

‎12-01-2018 10:22 PM

also stick the "transport input telnet ssh: on your vty 04  config. and create general RSA keys for ssh, but see if you can get it to work wioth telnet first

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents