03-09-2021 08:31 AM
I'm very new to Cisco and this is my first configuring of one of their switches. No matter what I do I'm unable to ssh into this switch.
Building configuration...
Current configuration : 4458 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname myswitch
!
boot-start-marker
boot-end-marker
!
enable secret 5 ********
!
username testuser privilege 15 secret 5 ********************
!
!
no aaa new-model
switch 1 provision ws-c2960s-48fps-l
!
!
ip domain-name mydomain.com
!
!
crypto pki trustpoint TP-self-signed-2432171264
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2432171264
revocation-check none
rsakeypair TP-self-signed-2432171264
!
!
crypto pki certificate chain TP-self-signed-2432171264
certificate self-signed 01
***key was here redacted**
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 10.0.0.220 255.255.255.0
!
ip default-gateway 10.0.0.1
ip http server
ip http secure-server
!
ip access-list standard TELNET-ACCESS
permit 10.0.0.110
!
line con 0
password *********
login
line vty 0 4
access-class TELNET-ACCESS in
exec-timeout 5 0
password *********
login local
transport input all
line vty 5 15
access-class TELNET-ACCESS in
password ******
login
transport input ssh
!
end
Solved! Go to Solution.
03-09-2021 08:36 AM
the high level you have access-list - only allowed IP 10.0.0.110 (are you using this IP to test ?)
if you have console access - remove ACL and test it.
line vty 0 4
no access-class TELNET-ACCESS in
line vty 5 15
no access-class TELNET-ACCESS in
03-09-2021 08:36 AM
the high level you have access-list - only allowed IP 10.0.0.110 (are you using this IP to test ?)
if you have console access - remove ACL and test it.
line vty 0 4
no access-class TELNET-ACCESS in
line vty 5 15
no access-class TELNET-ACCESS in
03-09-2021 09:34 AM
Hi there,
Best you check with your colleagues before removing that ACL as access to your equipment may be locked down to that host only.
But otherwise, I agree that's the issue. Either remove the ACL from VTY lines if permitted to do so or gain management access to your switch via this host only.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide