cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
3448
Views
5
Helpful
3
Replies
drakeanke1
Beginner

Can't SSH into Switch from outside local network

Hi guys,

 

Currently have the following network set up (see attachment pls). Apparently I'm supposed to be able to connect to each switch using all 3 PC's.

At the moment, I can only SSH to a switch via their corresponding PC i.e. S1-3 via PC1-3.

I can however ping all PC's from a PC i.e. PC1-1 can ping PC1-2, and PC1-3 without issue. 

I'm still new to Cisco, and am confused as to how I can get from one PC to another, but not be able to connect or ping the switch that's in between them? Am I supposed to set up a static route on the server for it to get across to the switch?

 

Currently on each switch I have the following setup (just changed the hostname and IP for each switch)

!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname S1-1
!
enable secret 5 $1$mERr$9sGk8uZNjsRoeNXXRX8ZC.
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 110
ip domain-name pattersontribe.com
!
username cisco secret 5 $1$mERr$qk3CK1TOD8.wVdLl7Y7DC1
!
interface FastEthernet0/1
 duplex full
 speed 100
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
!
interface FastEthernet0/3 - FastEthernet0/24
 switchport access vlan 999
 switchport mode access
 shutdown
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
!
line con 0
 password 7 0822455D0A16511A17
 logging synchronous
 login
 history size 20
 exec-timeout 0 0
!
line vty 0 4
 exec-timeout 0 0
 password 7 0822455D0A16511A17
 logging synchronous
 login local
 history size 20
 transport input ssh
line vty 5 15
 login local
 transport input ssh
!

1 ACCEPTED SOLUTION

Accepted Solutions
Mark Malone
VIP Mentor

If you can ping each pc-pc you should be able to ssh to each switch as the path is already there, icmp ping  is layer 3 , ssh is layer 7 sits on top of the path , can you ping sw2 from pc1?  , your missing your default gateway on the switch pointing to the router ---ip default-gateway 192.168.1.1

 

Is there any acls blocking ssh from being passed through the router , turn on debug ip ssh and term mon on the switch your trying to connect to and initiate an ssh session from a pc not directly connected and see if the connection reaches it

View solution in original post

3 REPLIES 3
Mark Malone
VIP Mentor

If you can ping each pc-pc you should be able to ssh to each switch as the path is already there, icmp ping  is layer 3 , ssh is layer 7 sits on top of the path , can you ping sw2 from pc1?  , your missing your default gateway on the switch pointing to the router ---ip default-gateway 192.168.1.1

 

Is there any acls blocking ssh from being passed through the router , turn on debug ip ssh and term mon on the switch your trying to connect to and initiate an ssh session from a pc not directly connected and see if the connection reaches it

View solution in original post

edit: After entering the default gateways on the switches, I can ping the switches from all PC's and the SSH is working also.

Can't believe it was something so simple :L

Thanks for your help guys~

romanegger
Beginner

Did you create the crypto key?

 

crypto key generate rsa