-1

I want to connect a cisco router (2950 series) to my normal broadband router supplied by my ISP. I want to test whether I can access the router over the public internet for configuration/management. I have a public IP address from my ISP, that I will use for testing purposes.

Note: security, ACL's and networking best practises are outside the scope of this task. This is just to carry out some basics tests and to proof that the router can be configured remotely.

It is my understanding that I need to do the following:

-Configure the router with the public IP address supplied by the ISP.

-enable telnet/ssh

-enable the interface that is connected to the router

Is this correct? If I connect the router to my broadband device with a CAT5, will I be able to access it over the internet using Putty?

Any advice would be great :)

Many thanks.

NewJoiner
  • 7
  • 1
  • Security is never outside the scope of any networking task ;) . Don't forget to disable the public interface when you're done testing! – cxw Aug 27 '15 at 09:50
  • Thanks cxw. I hope to get into the security elements once I got this up and running :) – NewJoiner Aug 27 '15 at 09:55

1 Answers1

0

Notwithstanding your point about security, the more I think about it, the more convinced I am you can't wait until later. The risk, if you do, is that someone will brick your router with the latest zero-day. Add to your list:

  1. Change the router password before you plug it in to the network. Use as long a password as the router will take.

  2. Check the CVE database for your hardware. Make sure you have any of the necessary patches and avoid any known-vulnerability situations.

Good luck!

cxw
  • 196
  • 1
  • 2
  • 9
  • Happy to help! -- and welcome to Server Fault! If this answer was helpful, would you hit the up arrow next to the answer? That will help others reading the question later, will give me some reputation, and will give you a badge for your first upvote :) . Also check out the tour at http://serverfault.com/tour . – cxw Aug 27 '15 at 14:44
  • i would also like to add that you might want to think about doing this a different way altogether. You could use a VPN or set up teamviewer on an internal PC, for example. It seems it would be a bit more secure as it would be far less of a juicy target. – Philosophene Sep 04 '15 at 18:03