01-14-2008 04:40 PM
I have ssh configured on my switches and would like to use CNA to manage them. Is this possible to do without using telnet?
Thank you.
01-22-2008 08:23 AM
It is only possible to do with telnet.
here is a good link for SSH configuration..
http://www.cisco.com/warp/public/707/ssh_cat_switches.html#switch
01-22-2008 05:19 PM
Do you mean without using HTTP ? CNA manages the device using HTTP/HTTPS
01-23-2008 07:26 PM
Ok. my goal here is to establish a secure connection when using the cna product. Can you assist me in making this happen? Commands that I need to run on the switch,etc.
Thank you for the reply.
01-23-2008 07:37 PM
For CNA to communicate securely with the devices, it can use HTTPS. This means the switch needs to be running a crypto (k9) image. Once you have that and configure the command "ip http secure-server" you can start using HTTPS - so CNA will discover the device and use HTTPS for communicating.
Please let me know if this helps.
01-24-2008 10:01 AM
Here are some details about the switches...They are all Cisco Catalyst 2950 24 port switches and they are running the 12.1(22)E8a crypto image. I have successfully configured ssh on the switches, but I do not see an option for ip http secure-server when I enter global config mode.
Any thoughts?
Thank you again for your help.
01-24-2008 10:20 AM
can you paste the output of the command "show ip http server status" ? It should tell us if secure server is running or not
01-25-2008 11:20 AM
Hi, thanks for the reply.
I tried running the command show ip http server status, but it is not a valid command.
01-25-2008 12:01 PM
It seems that SSL support is not available in the 12.1 IOS images and 2950 is still on 12.1 images so it will not support SSL so you cannot enable secure server. new devices like 2960 have SSL support.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: