Hey folks! After many months of absorbing the enormous amount of collective knowledge found on this site, I have finally come to a question I am having a hard time answering.
First off let me say THANK YOU to all the folks who spend their time contributing to TEK-TIPS. The majority of the threads I have been following and soaking in are Cisco related and therefore I would like to call out CiscoGuy33, burtsbees, lerdalt and maczen particularly for there advice, opinions and other valuable knowledge.
Some quick background - I have been working in the industry for some time now- cumulative experience about 6-8 years. Many different projects and technologies during this time. Lately, I have decided to focus my studies on Cisco technologies and certification as I was exposed early on and have always had an affinity for the network.
So I have gathered some gear, cables, a rack, books and other study materials and have been exploring and honing skills with the help of you all as well as Jeremy Cioara, Todd Lammle and The Bryant Advantage.
The question:
I would like to get SSH working on my 2511 and for the life of me, am stuck at finding which IOS I need in order to make this a reality. Google searches kick out 12.2T train as a starting point and Cisco itself has removed the 2500 series devices from the feature navigator - so I am stuck.
Why SSH? Well - I think I have the concept of deny by default built into me - and as such ALWAYS look for the secure way of doing something. No I don't have the the 2511 set up with a public IP on the Net, but that doesn't mean I wouldn't like to - hence SSH.
Below is a working config - The particular IOS I am running now is: c2500-c-l.123-22.bin
TIA for any insight you can lend.
~atomsnine
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AS
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxx
!
no aaa new-model
ip subnet-zero
no ip domain lookup
ip domain name xxxxxxx.ssh
ip host R1 2001 100.1.1.1
ip host R2 2002 100.1.1.1
ip host R3 2003 100.1.1.1
ip host PIX 2005 100.1.1.1
ip host SW1 2006 100.1.1.1
ip host SW2 2007 100.1.1.1
ip host SW3 2008 100.1.1.1
!
!
!
!
!
interface Loopback0
ip address 100.1.1.1 255.255.255.255
!
interface Ethernet0
ip address 192.168.1.40 255.255.255.0
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip http server
ip classless
!
banner motd ^C
******************************
UNAUTHORIZED ACCESS PROHIBITED
******************************
^C
!
line con 0
exec-timeout 0 0
password 7 xxxxxxxxxxxxxxxxxxx
logging synchronous
login
line 1 16
no exec
transport input all
line aux 0
line vty 0 3
password 7 xxxxxxxxxxxxxxxxxxx
login
transport input telnet
line vty 4
password 7 xxxxxxxxxxxxxxxxxxx
logging synchronous
login
transport input telnet
!
end
First off let me say THANK YOU to all the folks who spend their time contributing to TEK-TIPS. The majority of the threads I have been following and soaking in are Cisco related and therefore I would like to call out CiscoGuy33, burtsbees, lerdalt and maczen particularly for there advice, opinions and other valuable knowledge.
Some quick background - I have been working in the industry for some time now- cumulative experience about 6-8 years. Many different projects and technologies during this time. Lately, I have decided to focus my studies on Cisco technologies and certification as I was exposed early on and have always had an affinity for the network.
So I have gathered some gear, cables, a rack, books and other study materials and have been exploring and honing skills with the help of you all as well as Jeremy Cioara, Todd Lammle and The Bryant Advantage.
The question:
I would like to get SSH working on my 2511 and for the life of me, am stuck at finding which IOS I need in order to make this a reality. Google searches kick out 12.2T train as a starting point and Cisco itself has removed the 2500 series devices from the feature navigator - so I am stuck.
Why SSH? Well - I think I have the concept of deny by default built into me - and as such ALWAYS look for the secure way of doing something. No I don't have the the 2511 set up with a public IP on the Net, but that doesn't mean I wouldn't like to - hence SSH.
Below is a working config - The particular IOS I am running now is: c2500-c-l.123-22.bin
TIA for any insight you can lend.
~atomsnine
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AS
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxx
!
no aaa new-model
ip subnet-zero
no ip domain lookup
ip domain name xxxxxxx.ssh
ip host R1 2001 100.1.1.1
ip host R2 2002 100.1.1.1
ip host R3 2003 100.1.1.1
ip host PIX 2005 100.1.1.1
ip host SW1 2006 100.1.1.1
ip host SW2 2007 100.1.1.1
ip host SW3 2008 100.1.1.1
!
!
!
!
!
interface Loopback0
ip address 100.1.1.1 255.255.255.255
!
interface Ethernet0
ip address 192.168.1.40 255.255.255.0
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip http server
ip classless
!
banner motd ^C
******************************
UNAUTHORIZED ACCESS PROHIBITED
******************************
^C
!
line con 0
exec-timeout 0 0
password 7 xxxxxxxxxxxxxxxxxxx
logging synchronous
login
line 1 16
no exec
transport input all
line aux 0
line vty 0 3
password 7 xxxxxxxxxxxxxxxxxxx
login
transport input telnet
line vty 4
password 7 xxxxxxxxxxxxxxxxxxx
logging synchronous
login
transport input telnet
!
end
