How to show a specific port in a router 6509?

Apr 22nd, 2009

This router currently has IOS 12.2. My task is to find out SSH connections from a source IP to a destination IP. I believe the SSH port number is 22 (correct me if I'm wrong).

The user in the office is using an app that uses an SSH connection to connect to a datacenter at another location. So, what command do I use to find out that it actually goes through our office router (6509)?

Thanks

Giuseppe Larosa Wed, 04/22/2009 - 11:53

Hello Lei,

You need to use an extended ACL.

access-list 111 permit tcp host user-ip host destination-ip eq 22

Then you have two choices:

use

debug ip packet det 111

or you apply a modified ACL like

access-list 112 permit tcp host user-ip host destination-ip eq 22 log

access-list 112 permit ip any any

applied on the SVI where the user is:

int Vlan X

 ip access-group 112 in

In the same way, you can analyze the return path.

ACLs for return path have to be like

access-list 113 permit tcp host server-addr eq 22 host user-ip-addr

Don't use the debug without the ACL.

Verify the ACL numbers you use are not already present in the device.

Hope to help

Giuseppe
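
Added example, not part of the original thread: a Python script that reads the syslog lines produced by the `log` ACL entries suggested above and counts the logged packets for the SSH flow in each direction. The IP addresses, timestamps and log lines are constructed, ACL 113 is assumed to carry `log` as well, and the `%SEC-6-IPACCESSLOGP` line layout is assumed to match what the router emits.

```python
import re
from collections import Counter

# Layout of the IOS syslog message for a TCP/UDP hit on an ACL entry with "log".
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) "
    r"(?P<proto>tcp|udp) (?P<src>[\d.]+)\((?P<sport>\d+)\) -> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

# Constructed sample lines (addresses and times are placeholders).
SAMPLE = """\
Apr 22 11:58:01: %SEC-6-IPACCESSLOGP: list 112 permitted tcp 10.1.1.10(51234) -> 192.0.2.20(22), 1 packet
Apr 22 12:03:01: %SEC-6-IPACCESSLOGP: list 112 permitted tcp 10.1.1.10(51234) -> 192.0.2.20(22), 37 packets
Apr 22 12:03:05: %SEC-6-IPACCESSLOGP: list 113 permitted tcp 192.0.2.20(22) -> 10.1.1.10(51234), 12 packets
Apr 22 12:04:10: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.1.1.99(40000) -> 192.0.2.20(23), 1 packet
Apr 22 12:05:00: %LINK-3-UPDOWN: Interface GigabitEthernet1/1, changed state to up
""".splitlines()

def ssh_hits(lines, user_ip, server_ip, fwd_acl="112", ret_acl="113", port=22):
    """Sum logged packets for user->server:22 (forward) and server:22->user (return).

    Counts are what the router logged; IOS aggregates log messages, so treat
    them as evidence the flow crosses the device, not as exact packet totals.
    """
    hits = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if not m or m["action"] != "permitted" or m["proto"] != "tcp":
            continue
        src, dst = m["src"], m["dst"]
        sport, dport = int(m["sport"]), int(m["dport"])
        if m["acl"] == fwd_acl and (src, dst, dport) == (user_ip, server_ip, port):
            hits["forward"] += int(m["count"])
        elif m["acl"] == ret_acl and (src, sport, dst) == (server_ip, port, user_ip):
            hits["return"] += int(m["count"])
    return hits

if __name__ == "__main__":
    result = ssh_hits(SAMPLE, "10.1.1.10", "192.0.2.20")
    print("forward packets logged:", result["forward"])
    print("return packets logged:", result["return"])
```

A non-zero forward count with a zero return count suggests the return traffic takes a different path than the interface where ACL 113 is applied.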
