Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

options to allow telnet in through ASA 5505

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

3 REPLIES
Hall of Fame Super Blue

Re: options to allow telnet in through ASA 5505

tjd2112pcca wrote:

Hello, this 5505 is for a car dealership. A parts company has a server which needs to connect through the firewall from the internet and into a Linux server in the inside network using telnet. How do I set up a port translation so the user on the outside uses a non-standard port for telnet which maps to a server on the inside interface on port 23 (normal telnet port)?

static (inside,outside) tcp 195.17.17.10 8000 192.168.5.10 23

where the server on the outside would connect to 195.17.17.10 on port 8000 and this would get directed to 192.168.5.10 on port 23.

Be advised though that this is not recommended. A much better solution would be to VPN this connection or even ssh if at all possible.

Jon

New Member

Re: options to allow telnet in through ASA 5505

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

Hall of Fame Super Blue

Re: options to allow telnet in through ASA 5505

tjd2112pcca wrote:

I take it the 195 address is the outside interface of the ASA? I asked them about using ssh but that is not an option.

Actually no it isn't the outside interface address, it is just a spare public IP. If you want to use the interface address -

static (inside,outside) tcp interface 8000 192.168.5.10 23

Jon

1431
Views
0
Helpful
3
Replies
CreatePlease to create content