09-27-2017 11:27 PM - edited 03-05-2019 09:12 AM
helllo
i have cisco router 860 andit has two networks: WAN 132.66.x.x
LAN 10.10.10.x
VLAN1 10.10.10.10 also DHCP
every time i want to connect to the PC on the network 10.10.10.x via SSH on Router i want to make a tunnel using port 2222.
for example i am on the network 132.66.x.x opening SSH putty and type the router's ip 10.10.10.10 or 132.66.x.x . and then after i authenticates i want to get directly to the PC 10.10.10.84 . which command i should run on the router in order to do it.
09-28-2017 02:23 AM
09-28-2017 03:06 AM - edited 09-28-2017 03:09 AM
Hello
@evgenie.daniel1 wrote:every time i want to connect to the PC on the network 10.10.10.x via SSH on Router i want to make a tunnel using port 2222.
On the router:
conf t
ip ssh port 2222 rotary 1
line vty x x
rotary 1
transport input ssh
Provding you have ssh access to the router you should then be able to access the router via ssh on port 2222
res
Paul
09-28-2017 03:27 AM
09-28-2017 03:52 AM - edited 09-28-2017 03:54 AM
and another thing:
if i want to allow other people outside the 132.66.x.x network to reach the Router 132.66.210.72 via port 2222 (but first they need to connect to VPN ), i am not need to connect VPN cause i am on the 132.66.x.x network. do i need to enter additional commands to the router in order to make it work ?
09-28-2017 04:09 AM
So now you get a password prompt ? You have 'login local' configured, that means you have to use the username/password configured on the router.
09-28-2017 04:15 AM - edited 09-28-2017 04:16 AM
it's working only for me siting on the 132.66.x.x network and it also leting me log the usename "intelwifi" but the password not, telling me "access denied"(see the attached file), but when i connect to 22 port like i used before it does letting me to log with the username and with the password. and another thing, port 2222 not working for the people that connecting VPN to use the 132.66.x.x network, they still can use port 22 as before.
09-28-2017 04:25 AM
Hello,
if you have not done so yet, configure an RSA key:
crypto key generate rsa modulus 1024
You can also try to configure ssh version 2:
ip ssh version 2
09-28-2017 04:37 AM - edited 09-28-2017 04:37 AM
09-28-2017 04:43 AM
Do you actually see connection attempts at the device with address 10.10.10.84 ?
09-28-2017 04:54 AM
09-28-2017 04:55 AM
but again it is only from my network. i need it also to the outside, the vpn users. now vpn users only can use 132.66.210.72 ssh 22 only.
09-28-2017 07:35 AM
Hello,
what do you have configured under 'Preferred SSH protocol version' in Putty ?
For VPN clients, you will first have to set the Cisco up as a VPN server, unless you have some other way of providing VPN client connectivity ?
09-28-2017 01:07 PM - edited 09-28-2017 01:09 PM
They use any connect of cisco.they connect to vpn server of the organisation. . No need for vpn server on the router.
09-28-2017 01:13 PM
What internal IP addresses are being assigned to the VPN users ? The only way you can get them to access 10.10.10.84 from an internal address is to somehow connect the Cisco to the rest of your network...
09-28-2017 01:22 PM
They are getting ip of wan 132.66.x.x. They need to connect to the ubuntu pc port ssh 22 via port 2222 of cisco 132.66.210.72 using any client like putty and etc. Ubuntu ip address is 10.10.10.84 located on the Lan network of 10.10.10.x.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide