Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2385
Views
0
Helpful
1
Replies

9300 Catalyst switch ssh access and management port

cyberops123
Level 1
Level 1

‎09-20-2018 09:00 PM

 Hi 

 

I am currently working on 9300 switches for DMZ network upgrade and I have couple questions regarding this switch .

 1-Does anyone know if the control plane and data plane are seperated completed or together on this switch ? cause I see there is a management interface in the back and we are planning to use that port giving  IP address connecting to internal Core switch for access .I just wanna make sure we dont create security issue here .

 

2-I configured ssh access on this switch and I am only able to ssh from management port and getting ssh error from network ports for some reason. they are all in vlan 1 and I basically created SVI for VLAN 1 with giving iP address but when I test with my laptop directly connecting , I get ssh error however I am able to ping management interface .

I also check line vty access list and there is nothing blocking on that .

 

Any idea what might be the issue ?

 

I would appreciate if I get help on my questions 

 

Thanks again 

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎09-21-2018 12:29 AM

Management port can be use for OOB Management purpose.

 

For your case you need to take some extra steps, Since this DMZ.

 

1. Make sure this connecting port is secure and only given access IP range can only access.

2. VLAN 1 is bad idea, suggest to use any other VLAN.

3. SSH error, what is the error you getting ? have you created RSA keys ?

 

post full configuration.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents