How can I provide access to non-routable addr across wan

Unanswered Question
Apr 4th, 2007

I have my management interfaces on my switches on a 10. vlan and want to setup secure access to them across my wan. Are there any ways to accomplish this? My switch is a 6509 with sup 720. I have a routable interface on it as well. tks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
schunks Thu, 04/05/2007 - 03:54

Inside my building I can route to it. It's only when I go from outside our building I can't reach it. I can only manage my local router... they will not allow my 10. net to be an advertised route inside their configs. Additionally, I don't really want it publicly visible. It's a nice layer of security. But, now I have a need for remote management.

Paolo Bevilacqua Thu, 04/05/2007 - 04:23

"security" is very nice until prevents you from doing something - happens often.

Anyway, you can either allow managment access with a routable address, or carry your private addresses inside a GRE tunnel. The latter will require a router under your control installed on the other side of networks not carrying your "10".

bporter78 Thu, 04/05/2007 - 07:21

Ummm why don't you just setup a static NAT on your firewall. So your is Natted to port 22 on the external IP address of your firewall (this will provide SSH access to your 6509)




This Discussion