How to configure a Cisco switch for remote management via ssh

In this lab, I will share with us on how to configure a Cisco switch for remote management via ssh. One of the best things you can do as a network administrator is to setup your network devices for secured seamless login and non-complex logical management.

One of my readers contacted me and requested for help in configuring his Cisco switch for remote management. What he pointed out specifically as his problem was that while he could login and manage his switch when on the same network with the switch, he could not do the same when connecting to the switch from a remote network. Having reviewed his requirements, I felt it would be nice to share the solution here so others can learn or refresh their minds from it, despite how simple it is.

Network Topology

Cisco switch for remote management via ssh

Objective

The objective of this lab is to configure the switch for remote management such that the laptop PC residing on a remote network be used to login and manage it via ssh.  To accomplish this, the following will be done:

On the routers

(i)  Configure interfaces

(ii)  Advertise networks using eigrp

On the switch

(i) Configure an IP address for the management interface

(ii) Assign the switch a default gateway

(iii) Configure enable secret password

(iv) Configure ssh

On the PCs

(i) Assign IP addresses, subnetmask and default gateways.

Implementation.

The following configuration commands will the required to configure a Cisco switch for remote management. The commands used here a for the lab represented in the network topology used here. However, the solution can be achieved in many different ways.

 

You may also like: How to create read-only user accounts on a Cisco router using Packet Tracer

 

Configuration commands on Router1

Router1(config)#interface Serial0/3/0

Router1(config-if)#ip address 192.168.1.1 255.255.255.0

Router1(config-if)#clock rate 64000

Router1(config-if)#no shut

Router1(config-if)#int f0/0

Router1(config-if)#ip add 192.168.0.1 255.255.255.0

Router1(config-if)#no shut

Router1(config-if)#exit

Router1(config)#

Router1(config)#router eigrp 1

Router1(config-router)#network 192.168.0.0

Router1(config-router)#network 192.168.1.0

Router1(config-router)#no auto-summary

Router1(config-router)#exit

Router1(config)#exit

Router1#copy run start

Configuration commands on Router0

Router0(config)#interface Serial0/3/0

Router0(config-if)#ip address 192.168.1.2 255.255.255.0

Router0(config-if)#no shut

Router0(config-if)#int f0/0

Router0(config-if)#ip add 192.168.2.1 255.255.255.0

Router0(config-if)#no shut

Router0(config-if)#exit

Router0(config)#router eigrp 1

Router0(config-router)#network 192.168.1.0

Router0(config-router)#network 192.168.2.0

Router0(config-router)#no auto-summary

Router0(config-router)#exit

Router0(config)#exit

Router0#copy run start

Configuration commands on the switch

Switch#conf t

Switch(config)#int vlan 1

Switch(config-if)#ip add 192.168.2.2 255.255.255.0

Switch(config-if)#no shut

Switch(config)#ip default-gateway 192.168.2.1

Switch(config)#username admin password cisco

Switch(config)#hostname timigate

timigate(config)#ip dmain-name yourdomain.com

timigate(config)#crypto key generate rsa

timigate(config)#ip ssh authentication 3

timigate(config)#ip ssh time-out 30

timigate(config)#line vty 0 4

timigate(config-line)#transport input ssh

timigate(config-line)#exit

timigate(config)#exit

timigate#copy run start

Verification

To verify that I have configured the Cisco switch for remote management via ssh, I try to access the switch using the laptop on the network 192.168.0.0/24 using ssh. Remember that both the laptop and the switch are on different networks. See the result below.

Cisco switch for remote management via ssh

If you enjoyed this tutorial, please subscribe to this blog to receive my posts via email. Also subscibe to my YouTube channel, like my Facebook page and follow me on Twitter. To get the Packet Tracer file for this lab, simply drop your email address in the comment section of this blog.

Spread the love

Leave a Reply

Your email address will not be published. Required fields are marked *