05-30-2007 02:52 PM - edited 02-21-2020 01:32 AM
Hi, I am getting the following errors when trying to ssh between 2 servers over the VPN tunnel. I see it is going out of my acl_inside access-list but I do not see it reaching the VPN access list. There is no natting between the 2 IPs.
# no natting for 10.13.36.0 subnet to 10.2.0.0 subnet
access-list nonat extended permit ip 10.13.36.0 255.255.254.0 10.2.0.0 255.255.192.0
# acl_in access list
access-list acl_in line 4 extended permit tcp host 10.13.37.245 host 10.2.12.202 (hitcnt=28)
access-list acl_in line 31 extended permit ip 10.13.36.0 255.255.254.0 10.2.0.0 255.255.192.0 (hitcnt=462)
# VPN access list
access-list XO_access_in line 5 extended permit tcp host 10.2.12.202 eq ssh host 10.13.37.245 (hitcnt=0)
%PIX-2-106001: Inbound TCP connection denied from 10.13.37.245/58736 to 10.2.12.202/22 flags SYN on interface inside
# show version
Cisco PIX Security Appliance Software Version 7.0(4)
Device Manager Version 5.0(4)
Compiled on Thu 13-Oct-05 21:43 by builders
System image file is "flash:/pix704.bin"
05-30-2007 03:12 PM
Any chance of getting more complete configs?
05-31-2007 07:04 AM