How can I provide access to non-routable addr across wan

Unanswered Question
Apr 4th, 2007
User Badges:

I have my management interfaces on my switches on a 10. vlan and want to setup secure access to them across my wan. Are there any ways to accomplish this? My switch is a 6509 with sup 720. I have a routable interface on it as well. tks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paolo bevilacqua Thu, 04/05/2007 - 01:41
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

what prevents you from routing these addresses as well ?

schunks Thu, 04/05/2007 - 03:54
User Badges:

Inside my building I can route to it. It's only when I go from outside our building I can't reach it. I can only manage my local router... they will not allow my 10. net to be an advertised route inside their configs. Additionally, I don't really want it publicly visible. It's a nice layer of security. But, now I have a need for remote management.

paolo bevilacqua Thu, 04/05/2007 - 04:23
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

"security" is very nice until prevents you from doing something - happens often.

Anyway, you can either allow managment access with a routable address, or carry your private addresses inside a GRE tunnel. The latter will require a router under your control installed on the other side of networks not carrying your "10".

bporter78 Thu, 04/05/2007 - 07:21
User Badges:

Ummm why don't you just setup a static NAT on your firewall. So your 10.0.0.1 is Natted to port 22 on the external IP address of your firewall (this will provide SSH access to your 6509)


Cheers,

Peter

Actions

This Discussion