ā05-07-2010 10:39 AM - edited ā03-11-2019 10:42 AM
Need some help on ASA5520. It's the first time configuring it and all servers are reachable and work but there's one specific Server which I need SSH access I made the custom configuration but no joy.
Following the information from "Sh run" about SSH config
object-group service SSH tcp
description ACESSO_SSH
port-object eq ssh
ssh 10.6.84.45 255.255.255.255 inside
ssh 10.6.84.70 255.255.255.255 inside
ssh 10.6.84.44 255.255.255.255 inside
ssh 10.6.84.49 255.255.255.255 inside
ssh VLAN84_DADM-3040 255.255.255.0 inside
ssh 10.6.84.18 255.255.255.255 inside
ssh timeout 60
ssh version 1
Thaaanks !
Solved! Go to Solution.
ā05-07-2010 11:12 AM
Amanda,
If you need to establish an SSH session from the inside interface to the DMZ, you need NAT (if having nat-control enabled).
i.e
nat (inside) 1 0 0
global (DMZ) 1 interface
With the above configuration you should be able to SSH to the DMZ server from the inside LAN (assuming the name of the interfaces are inside and DMZ respectively).
Federico.
ā05-07-2010 10:42 AM
Amanda
The configuration that you posted is the list of IPs allowed to establish an SSH connection to the ASA.
You need to be able to SSH to a server or to the ASA itself?
What's the IP of such server?
Federico.
ā05-07-2010 11:04 AM
I need to stablish the SSH connection from my LAN to the server. Before we had a PIX we didn't have any problem , but after the migration i'm unable to do so.
The ip of my server is 172.16.0.3 and it is on the DMZ interface.
Amanda.
ā05-07-2010 11:12 AM
Amanda,
If you need to establish an SSH session from the inside interface to the DMZ, you need NAT (if having nat-control enabled).
i.e
nat (inside) 1 0 0
global (DMZ) 1 interface
With the above configuration you should be able to SSH to the DMZ server from the inside LAN (assuming the name of the interfaces are inside and DMZ respectively).
Federico.
ā05-07-2010 11:23 AM
All ok !
Thanks Mate !
ā05-07-2010 11:26 AM
Good news ;-)
Thanks for the rating!
Federico.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: