Solved

Cisco 2811 telnet/ssh

Posted on 2013-06-18
Last Modified: 2013-06-28
Hello, I need a reminder on how to configure telnet/ssh to remotely administer a router via its outside interface configured with a public IP...

Is this all I need?

=========================
access-list 1 permit any any


line vty 0 4
 access-class 1 in
 privilege level 15
 password xxxxxxxxxxxxx
 login
 transport input all

==========================
Question by:lurezero
4 Comments
 
LVL 4

Expert Comment

by:MarcusSjogren
ID: 39257592
Hi,

Not sure about "access-class 1 in" but other than that - yeah, it's all you need for basic telnet access.
You can also define authentication-groups etc to authenticate against radius servers etc.
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 600 total points
ID: 39257626
Well, the "privilege 15" isn't mandatory. It just lets you bypass having to manually get to privileged mode.

And I'm assuming that you have an access-list 1 that is permitting a specific IP address (or network) that is allowed to log in to the router.

If so, you're all set. I would probably change the "transport input all" to "transport input ssh telnet". No need to open up every service if you're not using it.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39258443
You may want to re-evaluate applying acl permitting any any on a public interface?

Using an inside private IP should suffice. You just need to configure static NAT to that IP on port 23 (telnet).

I also would not recommend running a telnet session (unsecure - plain text transmission) over the internet.

Consider SSH (port 22)
0
 
LVL 12

Accepted Solution

by:
ryan80 earned 1400 total points
ID: 39260309
That is fine for telnet, but there is other work that needs to be done for SSH.

You need to make sure that your router has a hostname.

#hostname whatever

You need to configure the IP domain name.

#ip domain-name whatever.com

You need to generate the RSA key.

#crypto key generate rsa

You will need to have a username and password for SSH to work. I always use a global username and password or AAA, but I believe that you can just define it under the line vty as well.

# username whatevername password whateverpassword
under line vty # login LOCAL

Now SSH should work as well.
http://www.trainsignal.com/blog/configure-secure-shell-ssh-on-cisco-router
0
