12-28-2008 11:22 PM - edited 03-11-2019 07:30 AM
Friends,
I have ASA 5505 and want come in from outside world using SSH but i dont want using default SSH port (22).
How could i redirect SSH 22 port in 2233 port ?
Kind Regards
Giorgi
Solved! Go to Solution.
12-29-2008 06:25 AM
static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255
Hope that helps.
12-29-2008 07:33 AM
I think, if I am not mistaken, the user asked
to change the SSH listen port on the ASA
from the default 22 to something else. For
example, in Linux configuration of
/etc/ssh/sshd_config, you can do this:
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
Port 2223
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
I don't think it can be done with ASA. In
Cisco IOS, you can use the command "ip ssh port xxxx".
12-29-2008 06:25 AM
static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255
Hope that helps.
12-29-2008 06:55 AM
Thanks for reply but your advice did not helped me. This solution i have already tried but no result.
Any idea ?
Kind Regards
Giorgi
12-29-2008 07:07 AM
Can you post your static and ACL statements?
12-29-2008 07:33 AM
I think, if I am not mistaken, the user asked
to change the SSH listen port on the ASA
from the default 22 to something else. For
example, in Linux configuration of
/etc/ssh/sshd_config, you can do this:
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
Port 2223
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
I don't think it can be done with ASA. In
Cisco IOS, you can use the command "ip ssh port xxxx".
12-29-2008 08:15 AM
batumibatumi,
If that is what you're asking, cisco24x7 is correct, it can not be changed.
12-29-2008 10:37 PM
I'm asking that, when from outside world i type in Putty public IP address and port 22 - i'd like not to use ssh default port (22) - i wanna use other port for example 2233.
static (inside,outside) tcp 37.79.y.x 2244 10.0.0.1 ssh netmask 255.255.255.255 - 10.0.0.1 is the inside interface of ASA.
Kind Regards
Giorgi
12-30-2008 03:50 AM
If you want to do something like that, get a
Nokia or Checkpoint Secureplatform.
12-30-2008 04:03 AM
cisco24x7
You mean that on ASA it is not possible to do that ?
When i type my public IP and port (2233) i can access and using SSH from outside world ?
Kind Regards
Giorgi
12-30-2008 04:11 AM
NOT possible on ASA.
Nokia and Checkpoint SPLAT uses FreeBSD and
Linux OS, repsectively while ASA is not.
12-30-2008 07:16 AM
Thanks for answering...
Happy new Year... :)))
Kind Regards
Giorgi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide