I'm having another issue with our Cisco 1720. We had a security audit done at the beginning of the year and they suggested we disable telnet and enable SSH on this router. All or Pix 501's have them, as well as our PIX 515. I'm wondering if the 1720 will allow SSH. I assume it does, because it's IOS, just like every other Cisco box, it's just not PIX IOS. Is SSH just a PIX IOS feature? I'd appreciate any help! Thanks!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cisco 1720 SSH
- Thread starter OWFCUIT
- Start date
- Thread starter
- #2
jneiberger
Technical User
Your routers can support SSH if you have a crypto-capable IOS image. If your image name has "k9" in it anywhere you'll be able to do SSH. If not, you'll have to buy new licenses for crypto-capable images.
What IOS and feature set are you running?
What IOS and feature set are you running?
- Thread starter
- #4
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(5)T9, RELEASE SOFTWARE (fc1)
TAC Support: Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Sun 24-Jun-01 18:12 by cmong
Image text-base: 0x800080E0, data-base: 0x806A2DAC
ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
This is what i get when i "sh vers".. it appears to be crypto-capable, but it's showing it as a T9 not a K9. Maybe i shouldn't make so many assumptions.
Router uptime is 9 weeks, 6 days, 19 hours, 36 minutes
System returned to ROM by power-on
System image file is "flash:c1700-y-mz.121-5.T9"
cisco 1720 (MPC860) processor (revision 0x601) with 24576K/8192K bytes of memory .
Processor board ID JAD05290H10 (496071792), with hardware revision 0000
M860 processor: part number 0, mask 32
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
2 Low-speed serial(sync/async) network interface(s)
WIC T1-DSU
IOS (tm) C1700 Software (C1700-Y-M), Version 12.1(5)T9, RELEASE SOFTWARE (fc1)
TAC Support: Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Sun 24-Jun-01 18:12 by cmong
Image text-base: 0x800080E0, data-base: 0x806A2DAC
ROM: System Bootstrap, Version 12.0(3)T, RELEASE SOFTWARE (fc1)
This is what i get when i "sh vers".. it appears to be crypto-capable, but it's showing it as a T9 not a K9. Maybe i shouldn't make so many assumptions.
Router uptime is 9 weeks, 6 days, 19 hours, 36 minutes
System returned to ROM by power-on
System image file is "flash:c1700-y-mz.121-5.T9"
cisco 1720 (MPC860) processor (revision 0x601) with 24576K/8192K bytes of memory .
Processor board ID JAD05290H10 (496071792), with hardware revision 0000
M860 processor: part number 0, mask 32
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
2 Low-speed serial(sync/async) network interface(s)
WIC T1-DSU
jneiberger
Technical User
I believe that's the IP feature set. It also appears to be deferred. If you don't need the "T" features then I'd recommend getting the latest mainline 12.1 release. If you need those features then get the latest 12.2 mainline release.
You'll want to get the IP PLUS IPSEC 3DES feature set. The IP-only feature set does not support crypto.
You'll want to get the IP PLUS IPSEC 3DES feature set. The IP-only feature set does not support crypto.
- Thread starter
- #6
- Status
Similar threads
- Locked
- Question