Can't SSH to Cisco Router from Internet

Answered Question
Mar 22nd, 2010

All,

I am unable to successfully SSH to my Cisco 837 from the Internet.  I believe that I've narrowed down the problem to the access-list applied to the 'line vty 0 4" configuration in my router.  Can my expert friends here please confirm that I need to add the source public ip address to my access-list in order to permit a remote SSH from the Internet to my Cisco 837 router?  Here are the config lines I'm questioning:

------------------------

access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 deny   any

line vty 0 4
access-class 23 in
exec-timeout 120 0
length 0
transport input ssh

------------------------

I can SSH into the router from my LAN 10.10.10.0/24 without an issue.  It's just SSH from the Internet that is failing.

Thanks very much for the help!

James

I have this problem too.
0 votes
Correct Answer by Jon Marshall about 6 years 8 months ago

James

Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Jon Marshall Mon, 03/22/2010 - 11:26

James

Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.

Jon

Actions

This Discussion

Related Content