hi,

aegirgylfa · ‎10-05-2016

I want to be able to connect my test environment from my office.

I'm running a testlab with 3x routers, 3x switches and a access switch.
this lab is not on the same floor as where my office is, and the only way to connect the lab to my office is through the production switch.
before I go further with this I wanted to see your thoughts on how you would accomplish it, and what I should beware of.

Dennis Mink · ‎10-05-2016

If you can physically patch from your desk to the lab, patch a console port of one of the lab switches

through to your desk.

If this is not possible, just add an unused IP address in the subnet your production laptop is in and telnet into that, just makes sure it does not exchange routes with anything in your prod network.

Please remember to rate useful posts, by clicking on the stars below.

aegirgylfa · ‎10-06-2016

production network: 192.168.1.0/24

production switch: 192.168.1.253

GW: 192.168.1.254

my laptop: 192.168.1.5

on the test router - int f0/0 192.168.1.250 (conneced to f0/1 to production switch)

on the test router - intf0/1 10.10.10.0/8

what ACL should i set on int f0/0 on the test router to only allow my laptop to ssh or telnet to the router, so I can work on the test environment?

Dennis Mink · ‎10-06-2016

you can stick an access class on your line vty 0 4 configurations

something like (off the top of my head)

access-list 45 permit host 192.168.1.5

access-list 45 deny any any

Please remember to rate useful posts, by clicking on the stars below.

johnlloyd_13 · ‎10-06-2016

hi,

you should review your IT/security policy, if you have one.

if the IT manager catches you and didn't have his permission to run your lab, you could lose your job.

better run your lab at home or in an isolated network.

Test lab connected to production switch.