cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1789
Views
0
Helpful
3
Replies

options to allow telnet in through ASA 5505

tjd2112pcca
Level 1
Level 1

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

tjd2112pcca wrote:

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

static (inside,outside) tcp 195.17.17.10 8000 192.168.5.10 23

where the server on the outside would connect to 195.17.17.10 on port 8000 and this would get directed to 192.168.5.10 on port 23.

Be advised though that this is not recommended. A much better solution would be to VPN this connection or even ssh if at all possible.

Jon

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

tjd2112pcca wrote:

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

Actually no it isn't the outside interface address, it is just a spare public IP. If you want to use the interface address -

static (inside,outside) tcp interface 8000 192.168.5.10 23

Jon

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: