Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SSH access to internal server

Hi, I have an outside client who needs ssh access to an internal sevrer on my LAN. ON my PIX, I've: added a conduit permit statement allowing his outside address inside to the server. Also a static (insie outside) statement giving my interanl server a public address.

What else do I need to do? He still cannot ssh inside. thx.

4 REPLIES

Re: SSH access to internal server

Hi,

Please be aware of the pre-nat/post-nat ip you permitted in the conduit. This always confused me.

Just in case add an outbound statement for the return traffic.

And of course, upgrade to 6.3 and use ACL instead :)

Please rate if this helped.

Regards,

Daniel

Re: SSH access to internal server

Did you do a full NAT or a port translation? Please post your statics and outside ACL statement for the SSH access.

New Member

Re: SSH access to internal server

I am having the same problem. I had a Cisco tech configure the PIX to allow SSH traffic, but the response from the SSH server was not passing out of the firewall. Internally, the SSH server responds fine from an SSH client. Any suggestions?

Hall of Fame Super Blue

Re: SSH access to internal server

Hi

Have you done any debugging to see where the packet is getting to. What is the default gateway of your ssh server and if it isn't the pix does the ssh server know the route back to the outside client address.

HTH

213
Views
0
Helpful
4
Replies
CreatePlease to create content