Configuring ASA to allow for SFTP (tcp-22) access to external server

Unanswered Question
Sep 27th, 2007

I need to configure an ASA5505 (SW 7.2(2)) to allow for SFTP (tcp-22) access to an external server. All internal clients use a dynamic NAT/PAT to a single external address (outside interface). Below is the error I see on the ASA:


2 Sep 27 2007 20:54:32 106001 <SFTP-Server-Address> <ASA-outside-interface(NAT)-Address> Inbound TCP connection denied from <SFTP-Server-Address>/22 to <ASA-outside-interface(NAT)-Address>/1321 flags FIN ACK on interface outside


The ASA currently just has the default Security policy on it. Can anyone assist with this config.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
jsivulka Thu, 10/04/2007 - 06:39

In order to allow outbound SFTP traffic (TCP port 22) please adds the following line:

access-list outbound permit tcp any any eq 22

gander001 Tue, 02/10/2015 - 04:27

This solution doesn't work for me.

ASA5505

access-list outbound permit tcp any any eq 22

 

Actions

This Discussion