Tags: ,

Forum Replies

  1. Hi Rene,

    I have always done this using the command:

    ip http secure-server

    And then:

    control-plane host
      management-interface FastEthernet0/0 allow ftp https ssh tftp snmp


    transport input ssh

    I tried it the way you show by generating the crypto key as you have shown above and using the control-plane host lines and it seems to achieve the same results without specifying transport input ssh on the VTY lines. You can only SSH into the router. Is this achieving the same end? The only difference I can see by using your method and issuing a sh run is you don’t

    ... Continue reading in our forum

  2. Hello Matt!

    The way that you implement your configuration achieves something similar, but not exactly the same as that which Rene has done in his example.

    Rene’s example applies SSH on the VTY line. This means that you can connect to the device via SSH from any of its interfaces to the VTY connections. In your configuration, you are binding the ssh configuration only to the management interface. This of course is a legitamite configuration assuming you only apply out of band management, and if it works for you that’s great.

    Also, in your configuration the ip

    ... Continue reading in our forum

  3. Thanks Lazaros, that all makes sense, no need to tie up a port when you can use a virtual interface that can be access from any port. I’ll try this when I gat a chance. Matt.

  4. Hello Petr

    That’s a great idea. I will convey it to Rene to see if that can be added.



5 more replies! Ask a question or join the discussion by visiting our Community Forum