Wired Intelligent Edge (Campus Switching and Routing)

Reply
Occasional Contributor II

ip ssh source-interface

Hi Guys, 

 

I'm having issues with defining a source interface for my SSH sessions.

 

We have a 3810M stack deployed in a datacenter where we have a management subnet that is not directly connected to our default route to get to the branch sites. 

 

Here's a fictive IP plan that represents the situation:

VLAN | IP Config IP Address Subnet Mask Std Local
-------------------- + ---------- --------------- --------------- ----------
MGMT | Manual 10.20.20.254 255.255.255.0 No No
DATA   | Manual 10.10.20.254 255.255.255.248 No No

 

ip route 0.0.0.0 0.0.0.0 10.10.20.253

 

10.10.20.253 is the ip address of the firewall.

 

When I try to SSH to a brach the switch uses the "Outgoing-interface" policy to select the SSH source address and thus chooses the wrong ip address. We have a firewall between the DC and branches that only allows SSH from the management subnet. 

 

On first glance there seems to be no option in configuring the SSH source interface. 

Is there a configuration option in a sub-config or something like that? 

 

I would like to not make any changes to the firewall. 

 

Thanks in advance guys!

 

Kind regards,

 

Michael. 

 

 

MVP Expert

Re: ip ssh source-interface

when use the SSH client of the switch there is no option for select interface ?




PowerArubaSW: Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP... More info


PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...) More info


PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)


PowerArubaIAP: Powershell Module to use Aruba Instant AP




ACMP 6.4 / ACMX #107 / ACCP 6.5
Highlighted
Occasional Contributor II

Re: ip ssh source-interface

Hi,

 

I do not have a "source" option when trying to connect. 

 

Kind regards, 

 

Michael. 

Occasional Contributor I

Re: ip ssh source-interface

"ip source-interface telnet <interface>" also controls the SSH ip source address.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: