Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configure Cisco ASA for remote access thru public ip

hi all,

please advise ice if it is possible to configure Cisco asa for remote access thru public ip?

regards,

john

1 ACCEPTED SOLUTION

Accepted Solutions

hi,

hi,

when you say 'remote access' do you mean SSH to the box or enable anyconnect feature on the ASA?

8 REPLIES
VIP Super Bronze

Hi,

Hi,

Yes, Cisco ASA can be configured for remote access/vpn.

HTH

hi,

hi,

when you say 'remote access' do you mean SSH to the box or enable anyconnect feature on the ASA?

New Member

Hi johnlloyd_13 ,

Hi johnlloyd_13 ,

SSH the box from external network using public.

Regards,

John

hi,

hi,

just enable SSH and specify the allowed network or host IPs to the ASA.

here's a useful link to enable SSH on the ASA:

http://wannabelab.blogspot.com/2014/01/configuring-my-cisco-asa-5505-home-lab.html

New Member

I did not see he use the

I did not see he use the public ip to ssh to the asa its just local.

hi,

hi,

do you have management servers or a remote sitet using public ip space?

just replace the allowed host IP/subnet according to your environment:

ssh 123.4.5.0 255.255.255.0 outside    <<< ALLOW 123.4.5.0/24 TO SSH TO ASA 'outside' PUBLIC IP ADDRESS

ssh 67.8.9.1 255.255.255.255 outside    <<< ALLOW ONLY HOST 67.8.9.1 TO SSH TO ASA

New Member

Hi Johnlloyd,

Hi Johnlloyd,

if i am outside the network say at home and i want to ssh the asa on customer site.

will this command ssh "0.0.0.0 0.0.0.0 outside" work? because i plan to access the FW from anywhere.

hi,

hi,

yes, it's basically allowing SSH from 'any' source IP coming from the ASA 'outside' interface.

although i wouldn't do such SSH command unless it's necessary (and approved by IT management) and you have other layers of security in place on the ASA such as TACACS/AAA, 'strong' local admin passwords, etc.

58
Views
0
Helpful
8
Replies