Solved: Configuring a Cisco 2690 Switch for Practice

dr3amHigher · ‎09-29-2021

Hello everyone, I am still a student and fairly new at this stuff. I am configuring a Cisco 2690 switch to practice against. It is plugged up via the console cable to my computer and I am using SCREEN to configure it. I have reset it to factory settings then did the initial configuration

Steps to factory reset:

Hold down mode while powering on machine, opened terminal and did screen [file location]

switch: flash_init 
switch: del flash:config.text 
switch: del flash: vlan.dat (no file for this)
switch: boot

Would you like to enter the initial configuration dialog? [yes/no]:
% Please answer 'yes' or 'no'.

host name: myswitch 
// set passwords

Configure SNMP Network Management? [no]: no

Enter interface name used to connect to the
management network from the above interface summary: vlan1
Configure IP on this interface?[yes]: no

I did not set the IP because I need to set up this as a DHCP server to serve me an IP so that I can SSH into it.

myswitch>enable
myswitch#configure terminal
myswitch(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.10
myswitch(config)#ip dhcp pool test
myswitch(dhcp-config)#network 192.168.1.0 255.255.255.0
myswitch(dhcp-config)#default-router 192.168.1.1
myswitch(dhcp-config)#dns-server 4.4.4.4
myswitch(dhcp-config)#exit
myswitch(config)#interface vlan 1
myswitch(config-if)#ip address 192.168.1.5  255.255.255.0
myswitch(config-if)#no shutdown
myswitch(config-if)#exit
myswitch(config)#exit
myswitch#

and I enabled SSH

 myswitch# config t
//left out ip domain-name 

// Generate RSA keys for encryption
 myswitch(config)# crypto key generate rsa
  
 Choose the size of the key modulus in the range of 360 to 2048 for your
    General Purpose Keys. Choosing a key modulus greater than 512 may take
    a few minutes.
  
  How many bits in the modulus [512]: 512
Choose 1024 if you want higher security.

Configure VTYs (Virtual Terminal Lines)
  myswitch(config)# line vty 0 4
  myswitch(config-line)# login local
  myswitch(config-line)# transport input ssh
  myswitch(config-line)# exit
  myswitch(config)# username [name] password [password]

Set time-out interval
  myswitch(config)# line vty 0 4
  myswitch(config-line)# exec-timeout 5

  myswitch#show ip int brief (Only Vlan1 is showing with the ip address I created)
  myswitch# sh ip ssh (SSH is showing as enabled)

The SSH does not work and I am unsure of what else I'm missing on this.

paul driver · ‎09-29-2021

Hello

wrote:

ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp pool test
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 4.4.4.4

interface vlan 1
ip address 192.168.1.5 255.255.255.0
no shutdown

The dhcp server doesn’t have the correct D/G in the dhcp pool I would say its need to be 192.168.1.5
Also are you able to obtain an ip address from this dhcp pool, Is the routed vlan 1 interface actually up, if not you need to enable an access port for that routed interface to come up, as I am assuming you have no trunks links?

sh ip int brief

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Richard Burts · ‎09-29-2021

We have some information but not enough to be able to identify the problem. You have indicated that you have a console connection to the switch and that works. You have assigned an IP address to vlan 1 and you have enabled ssh. This is a good start. But we need more information. Where are you attempting to test ssh from? Is it a device that is connected to the switch? Does that device have an IP address? If so what is its IP address? Can that device ping the IP address of the switch?

HTH

Rick

dr3amHigher · ‎09-29-2021

I am attempting to test from a terminal on the computer the switch is connected to. I just tried to ping the switch's IP address and that did not work.

Richard Burts · ‎09-29-2021

Thanks for the additional information. If ping is not successful then there is a problem with IP connectivity. And problems with IP connectivity will prevent SSH from working. So testing for connectivity is a good first step in investigating problems using SSH.

So the computer is connected to the switch using an Ethernet cable to connect the Ethernet port of the computer to an interface on the switch. Is that correct? Does the computer have an IP address on its Ethernet interface? Can you post the output of ipconfig on the computer?

HTH

Rick

balaji.bandi · ‎09-29-2021

Can you post-show run full config to look or follow below guide :

https://ipwithease.com/how-to-configure-ssh-version-2-on-cisco-router/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎09-29-2021

Hello,

the switch configuration is by the book. You need to be able to ping the Vlan 1 interface (obviously) for SSH connectivity to work. What 'terminal' are you trying to connect from ? Is that terminal's IP address in the 192.168.1.0/24 range ?

paul driver · ‎09-29-2021

Hello

wrote:

ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp pool test
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 4.4.4.4

interface vlan 1
ip address 192.168.1.5 255.255.255.0
no shutdown

The dhcp server doesn’t have the correct D/G in the dhcp pool I would say its need to be 192.168.1.5
Also are you able to obtain an ip address from this dhcp pool, Is the routed vlan 1 interface actually up, if not you need to enable an access port for that routed interface to come up, as I am assuming you have no trunks links?

sh ip int brief

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul