Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5424
Views
5
Helpful
3
Replies

Can't SSH into Switch from outside local network

Go to solution
drakeanke1
Level 1
Level 1

‎07-02-2015 12:33 AM - edited ‎03-05-2019 01:47 AM

Hi guys,

 

Currently have the following network set up (see attachment pls). Apparently I'm supposed to be able to connect to each switch using all 3 PC's.

At the moment, I can only SSH to a switch via their corresponding PC i.e. S1-3 via PC1-3.

I can however ping all PC's from a PC i.e. PC1-1 can ping PC1-2, and PC1-3 without issue. 

I'm still new to Cisco, and am confused as to how I can get from one PC to another, but not be able to connect or ping the switch that's in between them? Am I supposed to set up a static route on the server for it to get across to the switch?

 

Currently on each switch I have the following setup (just changed the hostname and IP for each switch)

!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
service password-encryption
!
hostname S1-1
!
enable secret 5 $1$mERr$9sGk8uZNjsRoeNXXRX8ZC.
!
ip ssh version 2
ip ssh authentication-retries 2
ip ssh time-out 110
ip domain-name pattersontribe.com
!
username cisco secret 5 $1$mERr$qk3CK1TOD8.wVdLl7Y7DC1
!
interface FastEthernet0/1
 duplex full
 speed 100
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
!
interface FastEthernet0/3 - FastEthernet0/24
 switchport access vlan 999
 switchport mode access
 shutdown
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
!
line con 0
 password 7 0822455D0A16511A17
 logging synchronous
 login
 history size 20
 exec-timeout 0 0
!
line vty 0 4
 exec-timeout 0 0
 password 7 0822455D0A16511A17
 logging synchronous
 login local
 history size 20
 transport input ssh
line vty 5 15
 login local
 transport input ssh
!

Labels:
Preview file
235 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎07-02-2015 02:13 AM

If you can ping each pc-pc you should be able to ssh to each switch as the path is already there, icmp ping  is layer 3 , ssh is layer 7 sits on top of the path , can you ping sw2 from pc1?  , your missing your default gateway on the switch pointing to the router ---ip default-gateway 192.168.1.1

 

Is there any acls blocking ssh from being passed through the router , turn on debug ip ssh and term mon on the switch your trying to connect to and initiate an ssh session from a pc not directly connected and see if the connection reaches it

View solution in original post

3 Replies 3

Go to solution
Mark Malone
VIP Alumni
VIP Alumni

‎07-02-2015 02:13 AM

If you can ping each pc-pc you should be able to ssh to each switch as the path is already there, icmp ping  is layer 3 , ssh is layer 7 sits on top of the path , can you ping sw2 from pc1?  , your missing your default gateway on the switch pointing to the router ---ip default-gateway 192.168.1.1

 

Is there any acls blocking ssh from being passed through the router , turn on debug ip ssh and term mon on the switch your trying to connect to and initiate an ssh session from a pc not directly connected and see if the connection reaches it

Go to solution
drakeanke1
Level 1
Level 1
In response to Mark Malone

‎07-02-2015 04:14 PM

edit: After entering the default gateways on the switches, I can ping the switches from all PC's and the SSH is working also.

Can't believe it was something so simple :L

Thanks for your help guys~

0 Helpful

Go to solution
romanegger
Level 1
Level 1

‎07-02-2015 04:26 AM

Did you create the crypto key?

 

crypto key generate rsa

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card