03-24-2020 04:37 AM
Hello,
I've a new 9200 switch and want to add SSH to the Management interface.
Normally I use SVI, but for this I want to use the Mgmt interface.
SSH is enabled, key generated.
Gateway for Mgmt-vrf is correct, I can ping the switch on the Mgmt interface.
An ACL is created for the line vty 0-15 that allows only SSH from several servers.
When I connect by using SSH to this port I get the message 'Connection Refused'.
Is there an implicit ACL somewhere for this interface? Or vrf?
Or do I modify the port Gi0/0 that SSH may come from this interface ?
Thanks in advance.
AvR
03-24-2020 06:16 AM
I found the following things:
- set the ACL including 'vrfname Mgmt-vrf'
and I got some issues with the terminal emulator we are using.
I also found the option 'access-class <ACLNAME> in vrf-also', but when using this I get the message over all the vty lines '% Access-class <ACLNAME> is not configured'
Very odd.
So this is what I have now:
line vty 0 4
 access-class <ACLNAME> in vrfname Mgmt-vrf
 exec-timeout 15 0
 length 0
 transport input ssh
10-20-2022 06:09 AM
SSH is enabled by default on these machines. Everything also works without an ACL.
You need to add a user of level 15 and specify the local db in line via the console:
username super privilege 15 secret yourpassword
line vty 0 4
 login local
 transport input ssh
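Added example, not part of any post in this thread: a small Python check that reads a saved running-config and reports vty ranges missing the controls discussed above (an inbound access-class that covers the management VRF, SSH-only transport, an explicit login method). The sample config, the ACL name MGMT-SSH and the function names are constructed for illustration.

```python
import re

# Constructed sample config (not from the thread): vty 0-4 configured as in
# the posts above, vty 5-15 left open. MGMT-SSH is a hypothetical ACL name.
SAMPLE = """\
line con 0
line vty 0 4
 access-class MGMT-SSH in vrfname Mgmt-vrf
 exec-timeout 15 0
 login local
 transport input ssh
line vty 5 15
 transport input all
"""

def parse_vty_blocks(config):
    """Return {(first, last): [sub-commands]} for every 'line vty' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"line vty (\d+)(?: (\d+))?\s*$", raw)
        if m:
            first = int(m.group(1))
            current = blocks.setdefault((first, int(m.group(2) or first)), [])
        elif raw[:1].isspace() and current is not None:
            current.append(raw.strip())
        else:
            current = None  # any other top-level line ends the vty block
    return blocks

def audit_vty(config, mgmt_vrf="Mgmt-vrf"):
    """List findings for vty ranges that miss the controls discussed above."""
    findings = []
    for (first, last), cmds in sorted(parse_vty_blocks(config).items()):
        where = f"vty {first}-{last}"
        acl = next((c for c in cmds if re.match(r"access-class \S+ in\b", c)), None)
        if acl is None:
            findings.append(f"{where}: no inbound access-class")
        elif not re.search(rf"\b(vrf-also|vrfname {re.escape(mgmt_vrf)})\s*$", acl):
            findings.append(f"{where}: access-class does not cover {mgmt_vrf}")
        if "transport input ssh" not in cmds:
            findings.append(f"{where}: transport input is not ssh-only")
        # Only explicit login lines are recognised; an implicit AAA default is not.
        if not any(c.startswith(("login local", "login authentication")) for c in cmds):
            findings.append(f"{where}: no explicit login method")
    return findings

if __name__ == "__main__":
    for finding in audit_vty(SAMPLE):
        print(finding)
```

Run it against the output of 'show running-config' saved to a file; a clean result means every vty range, not only 0-4, carries the same restrictions.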