Solved: Can't SSH to Cisco Router from Internet

jaesposito · ‎03-22-2010

All,

I am unable to successfully SSH to my Cisco 837 from the Internet. I believe that I've narrowed down the problem to the access-list applied to the 'line vty 0 4" configuration in my router. Can my expert friends here please confirm that I need to add the source public ip address to my access-list in order to permit a remote SSH from the Internet to my Cisco 837 router? Here are the config lines I'm questioning:

------------------------

access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 deny any

line vty 0 4
access-class 23 in
exec-timeout 120 0
length 0
transport input ssh

------------------------

I can SSH into the router from my LAN 10.10.10.0/24 without an issue. It's just SSH from the Internet that is failing.

Thanks very much for the help!

James

Jon Marshall · ‎03-22-2010

James

Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.

Jon

View solution in original post

Jon Marshall · ‎03-22-2010

James

Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.

Jon