SSH port redirection

Answered Question
Dec 28th, 2008
User Badges:

Friends,


I have ASA 5505 and want come in from outside world using SSH but i dont want using default SSH port (22).

How could i redirect SSH 22 port in 2233 port ?


Kind Regards

Giorgi

Correct Answer by cisco24x7 about 8 years 6 months ago

I think, if I am not mistaken, the user asked

to change the SSH listen port on the ASA

from the default 22 to something else. For

example, in Linux configuration of

/etc/ssh/sshd_config, you can do this:


# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.


Port 2223

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::


I don't think it can be done with ASA. In

Cisco IOS, you can use the command "ip ssh port xxxx".


Correct Answer by Collin Clark about 8 years 6 months ago

static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255


Hope that helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Collin Clark Mon, 12/29/2008 - 06:25
User Badges:
  • Purple, 4500 points or more

static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255


Hope that helps.

batumibatumi Mon, 12/29/2008 - 06:55
User Badges:

Thanks for reply but your advice did not helped me. This solution i have already tried but no result.


Any idea ?


Kind Regards

Giorgi

Collin Clark Mon, 12/29/2008 - 07:07
User Badges:
  • Purple, 4500 points or more

Can you post your static and ACL statements?

Correct Answer
cisco24x7 Mon, 12/29/2008 - 07:33
User Badges:
  • Silver, 250 points or more

I think, if I am not mistaken, the user asked

to change the SSH listen port on the ASA

from the default 22 to something else. For

example, in Linux configuration of

/etc/ssh/sshd_config, you can do this:


# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.


Port 2223

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::


I don't think it can be done with ASA. In

Cisco IOS, you can use the command "ip ssh port xxxx".


Collin Clark Mon, 12/29/2008 - 08:15
User Badges:
  • Purple, 4500 points or more

batumibatumi,


If that is what you're asking, cisco24x7 is correct, it can not be changed.

batumibatumi Mon, 12/29/2008 - 22:37
User Badges:

I'm asking that, when from outside world i type in Putty public IP address and port 22 - i'd like not to use ssh default port (22) - i wanna use other port for example 2233.


static (inside,outside) tcp 37.79.y.x 2244 10.0.0.1 ssh netmask 255.255.255.255 - 10.0.0.1 is the inside interface of ASA.


Kind Regards

Giorgi

cisco24x7 Tue, 12/30/2008 - 03:50
User Badges:
  • Silver, 250 points or more

If you want to do something like that, get a

Nokia or Checkpoint Secureplatform.

batumibatumi Tue, 12/30/2008 - 04:03
User Badges:

cisco24x7


You mean that on ASA it is not possible to do that ?

When i type my public IP and port (2233) i can access and using SSH from outside world ?


Kind Regards

Giorgi

cisco24x7 Tue, 12/30/2008 - 04:11
User Badges:
  • Silver, 250 points or more

NOT possible on ASA.


Nokia and Checkpoint SPLAT uses FreeBSD and

Linux OS, repsectively while ASA is not.

batumibatumi Tue, 12/30/2008 - 07:16
User Badges:

Thanks for answering...


Happy new Year... :)))


Kind Regards

Giorgi

Actions

This Discussion