I have few computers behind PIX 501. Few of them has no access to internet (access-list inside line 1 deny ip host 192.168.1.10 etc) and others have full access. Now I want to give some of those denied computers an SSH access to outside. I have tried
access-list inside line 6 permit tcp host 192.168.1.10 eq ssh any eq ssh
, but SSH-client says Connection Refused. Do I need some other access-rules or is the problem somewhere else?
You need to have the permit line before the deny line.
access-list inside permit tcp host 192.168.1.10 any eq ssh
access-list inside deny ip host 192.168.1.10 any
Please rate helpful posts.