cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2489
Views
0
Helpful
10
Replies

SSH port redirection

batumibatumi
Level 1
Level 1

Friends,

I have ASA 5505 and want come in from outside world using SSH but i dont want using default SSH port (22).

How could i redirect SSH 22 port in 2233 port ?

Kind Regards

Giorgi

2 Accepted Solutions

Accepted Solutions

Collin Clark
VIP Alumni
VIP Alumni

static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255

Hope that helps.

View solution in original post

I think, if I am not mistaken, the user asked

to change the SSH listen port on the ASA

from the default 22 to something else. For

example, in Linux configuration of

/etc/ssh/sshd_config, you can do this:

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.

Port 2223

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::

I don't think it can be done with ASA. In

Cisco IOS, you can use the command "ip ssh port xxxx".

View solution in original post

10 Replies 10

Collin Clark
VIP Alumni
VIP Alumni

static (inside,outside) tcp [public ip] 2233 tcp [private ip] 22 netmask 255.255.255.255

Hope that helps.

Thanks for reply but your advice did not helped me. This solution i have already tried but no result.

Any idea ?

Kind Regards

Giorgi

Can you post your static and ACL statements?

I think, if I am not mistaken, the user asked

to change the SSH listen port on the ASA

from the default 22 to something else. For

example, in Linux configuration of

/etc/ssh/sshd_config, you can do this:

# The strategy used for options in the default sshd_config shipped with

# OpenSSH is to specify options with their default value where

# possible, but leave them commented. Uncommented options change a

# default value.

Port 2223

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::

I don't think it can be done with ASA. In

Cisco IOS, you can use the command "ip ssh port xxxx".

batumibatumi,

If that is what you're asking, cisco24x7 is correct, it can not be changed.

I'm asking that, when from outside world i type in Putty public IP address and port 22 - i'd like not to use ssh default port (22) - i wanna use other port for example 2233.

static (inside,outside) tcp 37.79.y.x 2244 10.0.0.1 ssh netmask 255.255.255.255 - 10.0.0.1 is the inside interface of ASA.

Kind Regards

Giorgi

If you want to do something like that, get a

Nokia or Checkpoint Secureplatform.

cisco24x7

You mean that on ASA it is not possible to do that ?

When i type my public IP and port (2233) i can access and using SSH from outside world ?

Kind Regards

Giorgi

NOT possible on ASA.

Nokia and Checkpoint SPLAT uses FreeBSD and

Linux OS, repsectively while ASA is not.

Thanks for answering...

Happy new Year... :)))

Kind Regards

Giorgi

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: