At the very least, I would recommend using a "secure" way to get into your
network; SSH, VPN, etc.
And then, once inside, you could access switch by internal address.
In general - I would *almost* never make a switch have an external address,
and would certainly never telnet into it from outside unless over an
encrypted tunnel ... unless I like having my switch access passwords being
world-readable as my telnet session is cruising through the 'net.
... especially if you use the same access passwords on multiple network
devices, in which case you would be 'handing out' your passwords to other
things as well ... *fun*.
Granted, the real world frequently gets in the way of great ideas ... but
this is one of those things that I would argue with a client over.
Thanks!
TJ
-----Original Message-----
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Friday, June 22, 2001 13:09
To: [EMAIL PROTECTED]
Subject: Re: Remote Access to Lan Switch [7:9435]
And think about whether you really want to do this? It sounds like a
security risk that may not be worth taking.
Priscilla
At 09:16 PM 6/21/01, EA Louie wrote:
>If you have control over the firewall, you'll have to map an address on the
>outside of the firewall to your switch.
>
>example:
>If your firewall outside interface is 121.1.5.2, and you have 121.1.5.3 as
>an available ip address on that outside subnet, and your switch was at
>198.1.1.1, then you'd map 121.1.5.3 to 198.1.1.1 in the firewall.
>
>If you had no available outside ip addresses, then you could map a port on
>your firewall's outside ip address to the inside switch. In this example,
>maybe you'd map port 55 to the switch.
>
>Your firewall administrator can probably help you out with this. If you
are
>the firewall administrator, then read up on the configuration of your
>firewall on how to do this.
>
>-e-
>
>----- Original Message -----
>From: Magenta Bloom
>To:
>Sent: Thursday, June 21, 2001 2:58 PM
>Subject: Remote Access to Lan Switch [7:9435]
>
>
> > I just gave my switch an Internal IP address. How do I remotely access
>this
> > switch from outside the network? The switch is behind a firewall.
> > I cannnot just type 198.x.x.x ... With a router, I can telnet using the
> > external address. However, how would I get remote access to internal
> > clients?
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
________________________
Priscilla Oppenheimer
http://www.priscilla.com
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9957&t=9435
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
