03-22-2010 11:04 AM - edited 03-11-2019 10:24 AM
All,
I am unable to successfully SSH to my Cisco 837 from the Internet. I believe that I've narrowed down the problem to the access-list applied to the 'line vty 0 4" configuration in my router. Can my expert friends here please confirm that I need to add the source public ip address to my access-list in order to permit a remote SSH from the Internet to my Cisco 837 router? Here are the config lines I'm questioning:
------------------------
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 deny any
line vty 0 4
access-class 23 in
exec-timeout 120 0
length 0
transport input ssh
------------------------
I can SSH into the router from my LAN 10.10.10.0/24 without an issue. It's just SSH from the Internet that is failing.
Thanks very much for the help!
James
Solved! Go to Solution.
03-22-2010 11:26 AM
James
Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.
Jon
03-22-2010 11:26 AM
James
Yes you will have to permit your public internet IP. Make sure if you do this you only allow your IP as otherwise it is not secure. If your public IP is dynamically assigned then advisable not to do it if you can help it.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide