cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
553
Views
0
Helpful
4
Replies

ssh ASA over RA VPN

gaurang_pandya
Level 1
Level 1

I have configured RA VPN terminating on my asa 7.0(7). I am able to connect to RA VPN and also manage servers behind ASA using RDP, am able to ping inside interface IP but not able to SSH to inside ip,

thought I have added SSH command allowing RA VPN ips, and management-access inside both the commands.

here are some lines of my config.

ip local pool RAIPRange 192.168.50.1-192.168.50.254 mask 255.255.255.0

management-access inside

ssh 192.168.50.0 255.255.255.0 inside

any idea..

4 Replies 4

husycisco
Level 7
Level 7

Hi Gaurang

Assuming outside interface is the termination interface for your RA VPN clients, 192.168.50.0 which is pool for RA VPN clients can not be considered as inside. You should add the folloiwng

ssh 192.168.50.0 255.255.255.0 outside

Maybe management-access inside works with this commadn and you might ssh the inside interface. Otherwise ssh to outside interface

Regards

Oh..i forgot to mention that..but I tried that already without luck. In-fact same config is working in another firewall that I had configured few months back..

Gaurang.

Can you reach to inside interface via ssh from a computer inside?

yes..that works..

Gaurang.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: