Remote Access
2021-09-14
2025-01-12
Renaming

Naming each device according to a well-thought-out convention saves time.

SW1(config)#hostname SW1

Telnet

Telnet is the fastest way to configure a device, but it is not secure. A password must be set:

SW1(config)#enable secret my_mdp

To reach your equipment over Telnet, you need an active VLAN with an IP address.

TIP

It is advisable to use VLAN 99 to simplify the administration of equipment.

SW1(config)#vlan 99
SW1(config-vlan)#exit
SW1(config)#int vlan 99
SW1(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up
SW1(config-if)#ip address 192.168.1.2 255.255.255.0
SW1(config-if)#exit
SW1(config)#ip default-gateway 192.168.1.254 /* LAN gateway
  • Enable Telnet:
SW1(config)#line vty 0 1
NOTE

`0` is the line number. `1` is the maximum number of simultaneous connections.

Line password configuration:

SW1(config-line)#password mon_mdp
SW1(config-line)#login

Summary of Telnet commands

Once your VLAN 99 is created and addressed and your gateway is defined, you can copy and paste these lines directly into your terminal (adapting them to your configuration):

conf t
int vlan 99
ip address 192.168.1.2 255.255.255.0
no shut
exit
ip default-gateway 192.168.1.1
line vty 0 1
password mon_mdp
login

SSH

The most secure method: it adds a layer of encryption. Its configuration starts out much like Telnet's:

SW1(config)#int vlan 99
SW1(config-if)#ip address 192.168.1.2 255.255.255.0
SW1(config-if)#no shut
SW1(config-if)#exit
SW1(config)#ip default-gateway 192.168.1.1 /* LAN gateway
  • A domain name must be set:
SW1(config)#ip domain-name 1234.com
  • Generate the RSA encryption keys:
SW1(config)#crypto key generate rsa
The name for the keys will be: SW1.1234.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]: 2048
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]
CAUTION

To avoid the well-known security flaws of SSH v1, switch to version 2:

SW1(config)#ip ssh version 2
  • Configure a login/password:
SW1(config)#username admin password mon_mdp
  • Configure line 0, to declare that only 1 user will be authorized over the SSH protocol:
SW1(config)#line vty 0 1
SW1(config-line)#login local
SW1(config-line)#transport input ssh

SSH commands summary

Copy and paste these lines directly into your terminal (adapting them to your configuration):

conf t
int vlan 99
ip address 192.168.1.2 255.255.255.0
no shut
exit
ip default-gateway 192.168.1.1
ip domain-name 1234.com
crypto key generate rsa
2048
ip ssh version 2
username admin password mon_mdp
line vty 0 1
login local
transport input ssh
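
As an added example (not code from the original post), this Python script audits a saved running-config for the weaknesses this page contrasts: Telnet left reachable on the VTY lines, SSH not pinned to version 2, and shared or weakly stored passwords. The two sample configs are constructed from the summaries above; treating a missing `transport input` line as "Telnet accepted" is an assumption about the device's defaults.

```python
import re

# Constructed samples, written the way "show running-config" indents sub-commands.
TELNET_CFG = """\
hostname SW1
line vty 0 1
 password mon_mdp
 login
"""
SSH_CFG = """\
hostname SW1
ip ssh version 2
username admin password mon_mdp
line vty 0 1
 login local
 transport input ssh
"""

def vty_blocks(config):
    """Yield (header, [sub-commands]) for every 'line vty' stanza."""
    header, body = None, []
    for raw in config.splitlines():
        line = raw.strip().lower()
        if raw[:1].isspace() and header:
            body.append(line)  # indented line: belongs to the open stanza
            continue
        if header:
            yield header, body
        header, body = (line, []) if line.startswith("line vty") else (None, [])
    if header:
        yield header, body

def audit(config):
    """Return sorted finding strings for remote-access weaknesses."""
    findings = set()
    if not re.search(r"^ip ssh version 2\s*$", config, re.I | re.M):
        findings.add("global: 'ip ssh version 2' not set")
    for user in re.findall(r"^username (\S+) password ", config, re.I | re.M):
        findings.add(f"username {user}: 'password' used instead of 'secret'")
    for header, body in vty_blocks(config):
        transports = [l.split()[2:] for l in body if l.startswith("transport input")]
        # Assumption: no 'transport input' line means Telnet is accepted by default.
        if not transports or set(transports[-1]) & {"telnet", "all"}:
            findings.add(f"{header}: Telnet permitted")
        if "login local" not in body:
            findings.add(f"{header}: no per-user login ('login local')")
    return sorted(findings)

if __name__ == "__main__":
    print(audit(TELNET_CFG), audit(SSH_CFG), sep="\n")
```

The SSH sample still yields one finding: `username ... password` keeps the password in clear text or weakly encoded form in the configuration, whereas `username ... secret` stores a hash.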

Remote Access
https://xsec.fr/posts/networking/acces-distants/
Author: Xsec
Published at: 2021-09-14
License: CC BY-NC-SA 4.0