cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15621
Views
0
Helpful
36
Replies

tunneling using SSH port 2222

evgenie.daniel1
Level 1
Level 1

helllo

i have cisco router 860 andit has two networks: WAN 132.66.x.x

LAN 10.10.10.x

VLAN1 10.10.10.10   also DHCP

 

every time i want to connect to the PC on the network 10.10.10.x via SSH on Router i want to make a tunnel using port 2222.

 

for example i am on the network 132.66.x.x opening SSH putty and type the router's ip 10.10.10.10  or 132.66.x.x . and then after i authenticates i want to get directly to the PC 10.10.10.84 . which command i should run on the router in order to do it.

36 Replies 36

but when i choose not the ssh on the putty but raw like this it's getting me to the 10.10.10.84 PC. but i wonder if it is ok:

 

 

Hello


@evgenie.daniel1 wrote:

every time i want to connect to the PC on the network 10.10.10.x via SSH on Router i want to make a tunnel using port 2222.

 


On the router:
conf t

ip ssh port 2222 rotary 1
line vty x x
rotary 1
transport input ssh

Provding you have ssh access to the router you should then be able to access the router via ssh on port 2222

res
Paul

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

done it. nothing is changed:

and another thing:

if i want to allow other people outside the 132.66.x.x network to reach the Router 132.66.210.72 via port 2222 (but first they need to connect to VPN ), i am not need to connect VPN cause i am on the 132.66.x.x network. do i need to enter additional commands to the router in order to make it work ? 

 

 

So now you get a password prompt ? You have 'login local' configured, that means you have to use the username/password configured on the router.

it's working only for me siting on the 132.66.x.x network and it also leting me log the usename "intelwifi" but the password not, telling me "access denied"(see the attached file), but when i connect to 22 port like i used before it does letting me to log with the username and with the password. and another thing,  port 2222  not working for the people that connecting VPN to use the 132.66.x.x network, they still can use port 22 as before.

Hello,

if you have not done so yet, configure an RSA key:

crypto key generate rsa modulus 1024

You can also try to configure ssh version 2:

ip ssh version 2

done. still access denied:

Do you actually see connection attempts at the device with address 10.10.10.84 ?

only when i choose RAW on putty with 2222 port and IP 132.66.210.72

 

:

 

 

but again it is only from my network. i need it also to the outside, the vpn users. now vpn users only can use 132.66.210.72   ssh 22  only.

Hello,

what do you have configured under 'Preferred SSH protocol version' in Putty ?

For VPN clients, you will first have to set the Cisco up as a VPN server, unless you have some other way of providing VPN client connectivity ?

They use any connect of cisco.they connect to vpn server of the organisation. . No need for vpn server on the router.

What internal IP addresses are being assigned to the VPN users ? The only way you can get them to access 10.10.10.84 from an internal address is to somehow connect the Cisco to the rest of your network...

They are getting ip of wan 132.66.x.x. They need to connect to the ubuntu pc port ssh 22 via port 2222 of cisco 132.66.210.72 using any client like putty and etc. Ubuntu ip address is 10.10.10.84 located on the Lan network of 10.10.10.x.