02-04-2015 08:28 AM - edited 03-11-2019 10:26 PM
I have two pieces of equipment on the inside of the network that people on the outside need to access via SSH. Is there a way to do this?
Mike
Solved! Go to Solution.
02-04-2015 11:19 AM
There are many ways:
Probably you'll pick solution 2, then the config could look like that on the ASA:
object network SERVER1 host 10.10.10.1 nat (inside,outside) static interface service tcp 22 221 object network SERVER2 host 10.10.10.2 nat (inside,outside) static interface service tcp 22 222 object network SERVER3 host 10.10.10.3 nat (inside,outside) static interface service tcp 22 223 access-list OUTSIDE-IN permit tcp any object SERVER1 eq 22 access-list OUTSIDE-IN permit tcp any object SERVER2 eq 22 access-list OUTSIDE-IN permit tcp any object SERVER3 eq 22
02-04-2015 11:19 AM
There are many ways:
Probably you'll pick solution 2, then the config could look like that on the ASA:
object network SERVER1 host 10.10.10.1 nat (inside,outside) static interface service tcp 22 221 object network SERVER2 host 10.10.10.2 nat (inside,outside) static interface service tcp 22 222 object network SERVER3 host 10.10.10.3 nat (inside,outside) static interface service tcp 22 223 access-list OUTSIDE-IN permit tcp any object SERVER1 eq 22 access-list OUTSIDE-IN permit tcp any object SERVER2 eq 22 access-list OUTSIDE-IN permit tcp any object SERVER3 eq 22
02-04-2015 11:29 AM
Choice number 2 was where I was heading. Thanks for the confirmation.
Thanks,
Mike
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: