How to change Cisco 4503 ssh port

dnwjdvkd
Level 1

Hi,
I should change the Cisco 4503's SSH port today, but I couldn't change it.
I tried the commands below.

 

WEB_BackBone#1(config)#ip ss?
% Unrecognized command
WEB_BackBone#1(config)#ss
WEB_BackBone#1(config)#ss?
% Unrecognized command
WEB_BackBone#1(config)#line vty 0 4
WEB_BackBone#1(config-line)#ss
WEB_BackBone#1(config-line)#ss?
% Unrecognized command
WEB_BackBone#1(config-line)#ip ?
netmask-format Change display of netmasks
tcp TCP options

WEB_BackBone#1(config-line)#ip t
WEB_BackBone#1(config-line)#ip tcp ?
input-coalesce-threshold Set the threshold that triggers packet coalescing
(20 default)


The Cisco 4503 version is shown below.

WEB_BackBone#1#show version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.06.03.E RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Wed 26-Aug-15 07:03 by prod_rel_team

 

Cisco IOS-XE software, Copyright (c) 2005-2015 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.
(http://www.gnu.org/licenses/gpl-2.0.html) For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.

 

ROM: 15.0(1r)SG10
WEB_BackBone#1 uptime is 50 weeks, 1 day, 21 hours, 49 minutes
System returned to ROM by power-on
System image file is "bootflash:cat4500e-universal.SPA.03.06.03.E.152-2.E3.bin"
Jawa Revision 7, Winter Revision 0x0.0x41

Last reload reason: power-on

 

License Information for 'WS-X45-SUP7L-E'
License Level: ipbase Type: Permanent
Next reboot license Level: ipbase

cisco WS-C4503-E (MPC8572) processor (revision 6) with 2097152K bytes of physical memory.
Processor board ID SPE20120093
MPC8572 CPU at 1.5GHz, Supervisor 7L-E
Last reset from PowerUp
2 Virtual Ethernet interfaces
64 Gigabit Ethernet interfaces
2 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.

Configuration register is 0x2102

 

Please tell me how to change the SSH port.
Thanks.

9 Replies

Giuseppe Larosa
Hall of Fame

Hello dnwjdvkd,

See the following thread:

https://community.cisco.com/t5/switching/how-change-ssh-default-port-on-router/td-p/2231329

 

If the command

ip ssh port 2222 rotary 1

in global config is not supported, you may need an upgrade to a more advanced license.

Other colleagues have reported the command as not available in C2960 with LAN base license.

You have IP Base license on C4503.

Try typing the command above to see if it is a hidden command; if the command is refused, you probably need an upgrade in license level.

 

Hope to help

Giuseppe

 

@Giuseppe Larosa


Thanks for your response.

I tried the "ip ssh port " command in global config mode,

but when I tried the command, it displayed "Unrecognized command".

Currently the 4503's license is at ipbase level. Do I need an upgrade for the command?

You need a crypto image to enable SSH and crypto keys. The image has 'k9' in the image file name.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

@balaji.bandi 

 

Thanks for your response.
I want to ask you about this.
The Cisco 4503 is configured on line vty with “transport input command”.
Do you mean an “image upgrade” to “K9” for changing the SSH port?

What I mean and believe is: first, to support SSH you need to have a K9-based image. Yes, an uplifted version of the image is required to support it.

 

BB


@balaji.bandi 

Thank you for your sincere answer.

Your answer helped me a lot.

marce1000
VIP

 

 - Whilst it may be technically possible, it is not advisable in terms of security: the standard port assignment range for protocols (1-1024) has an awareness purpose, meaning that an SSH client has the right to not trust an SSH server (service) which does not use the standard SSH port.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always respond to me with ' The only thing that exceeds your brilliance is your beauty! '

@marce1000 

Thanks.

I will refer to your opinion.

 

 - If you are looking to prevent SSH access from unwanted sources, you may better look into ACL mechanisms to restrict managerial access from hosts under your control.

 M.



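The ACL approach suggested in the last reply, combined with the vty side of the `ip ssh port 2222 rotary 1` command quoted earlier in the thread, as an added example that is not part of the original posts. The ACL name `MGMT-SSH`, the management subnet 192.0.2.0/24 and the vty range 0 4 are assumptions, and the SSH-related lines are only accepted on an image that includes SSH support.

```cisco
! Added example with constructed values; not taken from the thread.
! MGMT-SSH and 192.0.2.0/24 are placeholders for your own management network.
!
! 1. Define which source addresses may open a management session.
ip access-list standard MGMT-SSH
 permit 192.0.2.0 0.0.0.255
 deny   any log
!
! 2. Optional, and only where the image accepts it: the command from the reply.
!    "rotary 1" here maps the alternate port to vty lines configured with
!    "rotary 1" below.
ip ssh port 2222 rotary 1
!
! 3. Apply the ACL to the vty lines and allow SSH only (no telnet).
!    access-class filters on source address, whichever port the session uses.
line vty 0 4
 access-class MGMT-SSH in
 transport input ssh
 rotary 1
!
! 4. Verify from exec mode before saving, while keeping the current session
!    open, so a mistake in the ACL does not lock you out:
!    show ip ssh
!    show access-lists MGMT-SSH
!    show running-config | section line vty
```

Open a second session from a permitted host to confirm access before running `copy running-config startup-config`; the `log` keyword on the deny entry records rejected connection attempts in the device log.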