Question ASA 5505

Unanswered Question
Dec 15th, 2008
User Badges:

Hi,


I have some questions on ASA.


1°/ How to enable the SSH connection on OUTSIDE interface? I want that a specific host can connect on ASA to the OUTSIDE interface.


2°/ With this command


access-list outside_access_in extended permit icmp host 172.16.0.5 192.168.1.0 255.255.255.0

I can permit a connection from the host 192.168.1.0/24 only to a specific host 172.16.0.5, is-it possible specify a range of host or a network address?





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
m.sir Tue, 12/16/2008 - 00:37
User Badges:
  • Gold, 750 points or more

1)

ssh IP_you_want_allow outside

for example you want allow host 50.50.50.50 to access with ssh to outside int

ssh 50.50.50.50 outside

check this document for more info

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml

2)

actually with this command you permit access from host 172.16.0.5 to network 192.168.1.0

you can add another host as another line in the access list or specify with mask all subnet or part of subnet

M

p.maillot Tue, 12/16/2008 - 03:58
User Badges:

1°) Ok for SSH from inside host but I have a problem on outside interface "Putty error connexion refused"


My outside interface is behind a router and my host are before the router


2°) the command host 172.16.0.5 can add only host 172.16.0.5, is-it possible to add host 172.16.0.5 to 172.16.0.10 for exemple?

Actions

This Discussion