I have a Cisco 2921 running IOS 15.3-3.M1. I am trying to create a zone based firewall rule to permit ssh traffic from any host outside my network to use NAT to forward port 8222 to 22 to connect to a specific server inside my network (192.168.10.10). The GigabitEthernet 0/0 address of my 2921 is 220.127.116.11 (I've modified the first 3 octets for this post) with netmask 255.255.255.252. Our Comcast modem is at IP address 18.104.22.168.
My class-map, policy-map and zone information are:
class-map type inspect match-any OUTSIDE_TO_INSIDE
 description Outside to Inside traffic
 match access-group name outside_to_inside
class-map type inspect match-any INSIDE_TO_OUTSIDE
However, the telnet returns without connecting to the 192.168.10.10 server.
I have not found anything helpful to determine what this means when searching Google. Can someone please help me understand this and also how to configure my firewall to make this work? Any help will be greatly appreciated.
Message was edited by: Paul Bratach
Pasted the actual interface configuration, since I pasted the map and zone information twice by mistake.