Solved: c3560 switch is not allowing telnet or SSH

Bienvenu Ngala · ‎10-09-2012

Hi,

I have got my ccna voice lab configured and is up and running, my switch is configured with 2 differents Vlans (Data & Voice) and the fa 0/1 is configured as trunk port connecting to the CME router. I can telnet or ssh to all the devices on the network but only the switch in not accepting the request the only message I am getting is "request timeout".

Please could someone help me with the correct set up procedure.

Best regards,

John Blakley · ‎10-09-2012

Are you connecting your computer directly to this switch and trying to telnet? The problem I believe is that all of your switchports (at least from what I see) are configured for vlan 10. There isn't a vlan 10 interface to route between vlan 10 and vlan 1.

Try this:

On one port that you'll connect your PC to, make that an access port to vlan 1. Then change your address on your pc to 192.168.1.10 255.255.255.0 Gateway 192.168.1.7.

Then see if you can ping and telnet into the switch. If so, and you're wanting your pc to be on vlan 10, you'll need to create a L3 svi for it:

int vlan 10

ip address x.x.x.x 255.255.255.0

Then you should be able to route between everything.

HTH,

John

HTH, John *** Please rate all useful posts ***

View solution in original post

Sandeep Choudhary · ‎10-09-2012

can you show your config of the switch?

just check:

Router_or_Switch#

`02`	`Router_or_Switch#configure terminal`

`03`	`Enter configuration commands, one per line. End with CNTL/Z.`

`04`	`Router_or_Switch(config)#line vty 0 4`

`05`	`Router_or_Switch(config-line)#login local`

`06`	`Router_or_Switch(config-line)#transport input telnet ssh`

`07`	`Router_or_Switch(config-line)#exit`

`08`	`Router_or_Switch(config)#username cisco password cisco`

`09`	`Router_or_Switch(config)#ip domain-name cisco.net`

`10`	`Router_or_Switch(config)#crypto key generate rsa`

Choose the size of the key modulus in the range of 360 to 2048 for your

General Purpose Keys. Choosing a key modulus greater than 512 may take

few minutes.

Regards

Bienvenu Ngala · ‎10-09-2012

Thank you very much for your response, all these details are already set up. If I took the switch off the network it will telnet or SSH proparly as a standalone but the only trouble is when the switch is back on the network as I discribed on my initial question.

John Blakley · ‎10-09-2012

Please post your config...

HTH, John *** Please rate all useful posts ***

Bienvenu Ngala · ‎10-09-2012

Hi,

I am not able to ping to the switch when connected. Please my config as you requested

Raju Sekharan · ‎10-09-2012

If ping is not working,problem is your reachability

Remove "ip default-gateway 192.168.1.1" with "ip route 0.0.0.0 0.0.0.0 192.168.1.1"

Ip default-gateway command should only be used when ip routing is disabled on the Cisco router.

/Raju

****rate if the post helps******

Raju Sekharan · ‎10-09-2012

1. Are you able to ping to the switch, when it is connected to network

2.If you are able to ping, then enable " debug telnet" and debug ip tcp transactions" on switch and try telnet from remote side. Then provide us the debugs

idris..frederick · ‎10-09-2012

If you can telnet to all but the switch... and you are timing out. Telnet is not configured properly. I'd console in and verify that first.

Bienvenu Ngala · ‎10-09-2012

Hi, Please find attached my config.

Sandeep Choudhary · ‎10-09-2012

HI Bienvenu,

I just mention in my last post abouth the whole configration.

U did not configure Login local in Line vty 0 15 .

Please do it and test again:

line vty 0 15

password 7 123C091E17075C517C72

login local

logging synchronous

transport input telnet ssh

Regards

Please rate if it helps.

Bienvenu Ngala · ‎10-09-2012

Hi,

I have tested the config, but the switch is not giving me any chance to input the configuration. I have attached the output.

cadet alain · ‎10-09-2012

Hi,

as AAA is enabled then the default login authentication method using username/password should be applied to vty lines

and so login local should have no effect unless AAA was disabled and the OP would want to use username/password when telnetting. What is puzzling me is that the device doesn't ask for a username/password though? Is it a different

behavior on switch versus router?

Regards.

Alain

Don't forget to rate helpful posts.

John Blakley · ‎10-09-2012

Are you connecting your computer directly to this switch and trying to telnet? The problem I believe is that all of your switchports (at least from what I see) are configured for vlan 10. There isn't a vlan 10 interface to route between vlan 10 and vlan 1.

Try this:

On one port that you'll connect your PC to, make that an access port to vlan 1. Then change your address on your pc to 192.168.1.10 255.255.255.0 Gateway 192.168.1.7.

Then see if you can ping and telnet into the switch. If so, and you're wanting your pc to be on vlan 10, you'll need to create a L3 svi for it:

int vlan 10

ip address x.x.x.x 255.255.255.0

Then you should be able to route between everything.

HTH,

John

HTH, John *** Please rate all useful posts ***