options to allow telnet in through ASA 5505

Unanswered Question
Feb 26th, 2010

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 02/26/2010 - 08:29

tjd2112pcca wrote:

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

static (inside,outside) tcp 195.17.17.10 8000 192.168.5.10 23

where the server on the outside would connect to 195.17.17.10 on port 8000 and this would get directed to 192.168.5.10 on port 23.

Be advised though that this is not recommended. A much better solution would be to VPN this connection or even ssh if at all possible.

Jon

tjd2112pcca Fri, 02/26/2010 - 08:38

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

Jon Marshall Fri, 02/26/2010 - 11:16

tjd2112pcca wrote:

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

Actually no it isn't the outside interface address, it is just a spare public IP. If you want to use the interface address -

static (inside,outside) tcp interface 8000 192.168.5.10 23

Jon

Actions

This Discussion