Hi Nick,

NickAgr68 · ‎05-11-2016

Hey everyone, I'd really appreciate some help on this. I'm brand new to networking and I recently setup a new Cisco 2960 switch that I'm trying to access remotely using telnet. I can access the switch over my LAN, on the same network, however, if I go to access it from a remote location, I cannot gain access to the switch anymore. I know this is probably a basic but I have been searching for days to find an answer to this and really trying to learn.

Just a few more details, I'm trying to do this using Putty. When I go to access my switch using the IP (10.0.1.12) that I assigned it in a remote location (say my brothers house), is that the right process? Am I even going about this the right way?

Any and all help will be greatly appreciated

Here is how my switch is configured right now:

Current configuration : 1528 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Switch
!
enable secret 5 $1$Y.J.$NIio2C0gWB7VOU4ZtWPGZ/
enable password 7 1307121E070D
!
username RichardSwitch1 password 7 04590E0A0320
no aaa new-model
system mtu routing 1500
udld aggressive

ip subnet-zero
!
!
mls qos map cos-dscp 0 8 16 26 32 46 46 56
!
!
macro global description cisco-global
errdisable recovery cause link-flap
errdisable recovery interval 60
no file verify auto
!
spanning-tree mode rapid-pvst
spanning-tree loopguard default
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
macro description cisco-desktop
spanning-tree portfast
spanning-tree bpduguard enable
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface GigabitEthernet0/1
!
interface Vlan1
ip address 10.0.1.12 255.255.255.0
no ip route-cache
!
ip default-gateway 10.0.1.1
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
password 7 0006160A085A
login
rotary 23
transport input telnet
line vty 5 15
password 7 01110308570A
login
!
end

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

Are you able to ping the telnet IP from the remote location ?

If yes you should be able to access the switch.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-11-2016

Hello Aditya,

Thanks for the fast response. I can not ping it from the remote location. It keeps giving an error of Request Timed out.

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

Are you able to ping it from the place where you are able to access the telnet session ?

If yes then you need to make sure that the device is reachable from the remote location.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-11-2016

Yes, I can ping it from there no problem. It's only when I'm outside of my house that I cannot ping it or access it.

How would I go about making it reachable from the remote location based upon my current configuration?

Kind Regards,

Nick

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

You can try using the public IP from the remote location of the switch.

We just need to make sure the IP you use from the remote location is reachable.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-11-2016

Hi Aditya,

When I am on my lan where I can telnet into my switch, I can ping the switch (along with my public IP and say 8.8.8.8) and access it no problem.

When I am at any other location whether it be a starbucks, familys house, etc. That is when I am unable to access the IP address that I set for the switch which is 10.0.1.12.
When I ping the public IP from any remote location that I am at or say 8.8.8.8, I get a reply right away. However, when I ping the IP that I made, that is when I get "request timed out." It would do the same if you were to attempt to ping it at 10.0.1.12.

If I google whats my ip, I do get a public IP and I can ping that from any remote location, even the one where I am attempting to ping my switch.

Kind Regards,

Nick

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

The IP 10.0.1.12 is a private IP and you would not be able to access it from a remote location.

You need to have either a publicly routable IP to access the switch.

What is the IP of your PC in the LAN ?

Is it also having the same network schema ?

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-11-2016

Hi Aditya,

Ok, that is actually very helpful. Again, I am so new to networking and didn't think about this and it makes sense.

The IP of my PC is 10.0.1.33. I would say so because it is set up the same way.

So in order to access my switch from a remote location, I am going to need to configure a public IP for it? If so, what would be the best way to approach doing it?

Thank you for all of your help by the way, I really appreciate it.

Kind Regards,

Nick

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

Glad to assist :)

If you need to access it from a remote location you need to configure a public IP on one of the interfaces.

Then you can use the same IP to access the telnet services from the remote location.

Here is a link that may help you :

http://www.petenetlive.com/KB/Article/0000934

This will also let you control the access of switch from the internet as you would be able to specify from which remote network you can access the switch.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-11-2016

Hi Aditya,

Ok, right on, i'm working on this as we speak!

For this public IP, would it be one that I would be from say "icanhazip.com?" Or would I be attempting to create a new one?

Also, would this be assigned to one of my Vlan interfaces? Or FastEthernet/GigabitEthernet?

Kind Regards,

Nick

Aditya Ganjoo · ‎05-11-2016

Hi Nick,

You can assign it to any of the interfaces that does not have any IP configured.

If you have a local ISP then you can go ahead and ask them a public IP to use.

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-12-2016

Hi Aditya,

Ok, I think i'm getting closer now.

1. I can't setup ssh on my 2960 because of the IOS version, so that's why i'm just using telnet

2. I assigned vlan 3 a public IP address that I can ping from any remote location now, but when I try to telnet into it, I am get a "Network connection timed out" error inside of Putty.

3. The public IP that I am using is the public IP that my home network is on.

I followed the link you posted to setup telnet and I am still able to access it on my home network, however not from a remote location.

Also I should add, the public IP that I assigned interface VLAN 3, cannot use telnet from my home network. It also give a network connection timed out error.

Kind Regards,

Nick

Aditya Ganjoo · ‎05-12-2016

Hi Nick,

From your remote PC can you do a telnet <public IP of switch >, do you see a blank window ?

Also did you make any other changes except the VLAN 3 IP assignment ?

Regards,

Aditya

Please rate helpful posts and mark correct answers.

NickAgr68 · ‎05-12-2016

Hi Aditya,

When I go to my remote PC on putty to use telnet and type in the IP that I have on Vlan 3, a blank black box comes up like it normally would, however, it doesn't give me an option to sign in with the username and password. It just gives an error "Network Connection timed out"

I haven't made any changes besides adding the public IP. One thing I did do though was add the subenet 255.255.255.0 right after the IP address to assign it to vlan 3

Kind Regards,

Nick

Telnet remotely