Thank you.

I am able to ssh into the inside interface but not to the outside interface or dmz

Should I need to add any access list

The two most important rules for the ASA:

1) Interface-ACLs are never involved when the communication is to the ASA (which is different to an IOS-router)

2) You can only reach the nearest interface when communicating to the ASA (again a difference to the router). The only exception is communication through a VPN where a configured Mgmt-interface can be reached.

--

Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Will I be able to ssh into the ASA using it's Public IP address

Thank you Karsten

How to configure the ssh for outside interface in the cisco Router 2800

I have configured the following on the outside interface

ip access-list extended dsl-in

permit icmp any host 67.*.*.*

permit tcp any host 67.*.*.* eq 22

But I am not able to ssh from outside . Following is the overload for the outside interface

ip nat inside source route-map dsl-nat interface FastEthernet0/2/0 overload

!

ip access-list extended pat-out

deny   ip any 10.0.0.0 0.255.255.255

deny   ip any 192.168.0.0 0.0.255.255

permit ip 10.10.0.0 0.0.255.255 any

permit ip 10.20.0.0 0.0.255.255 any

!

l

route-map dsl-nat permit 10

match interface FastEthernet0/2/0

!

!

The route-map is missing your acl "pat-out". And on the router you also need the piblic/private keypair. A SSH-config could look like that:

crypto key generate rsa general-keys modulus 2048 label SSH-KEYS

ip ssh version 2

ip ssh rsa keypair-name SSH-KEYS

ip ssh dh min size 2048

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Enabling SSH to ANY on the outside interface would not be a good idea. 

That command is not mandatory. It just makes sure that stronger cryptograhy has to be used. But it's only available in very new IOS-versions. SSH will work without that.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

I am still not able to ssh from outside using the public ip. It is a cisco 2800 router

when, I issue the command, it sows the following

(config)#$generate rsa general-keys modulus 2048 label SSH-KEYS

% You already have RSA keys defined named SSH-KEYS.

% They will be replaced.

% The key modulus size is 2048 bits

% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]

Well, then you already have the keys ...

What is your actual config? Any Log-messages while you try to connect?

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

we have recently installed ASA 5525 firewall.

Router1 ------MPLS------Router2-------ASA

                     |

                 Router3

Is the ASA blocking ssh for Router 1 and Router 3 ? I am able to ssh with private ips but not with public ips