Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ssh pix from inside trhought vpn

I i try to ssh or get asdm through my vpn tunnel on the inside pix interface. Unfortunately it doesn t work for any reason. However i can ping the inside ip address on the inside pix interface which is 192.168.21.1.

I ve enable the option management-access inside

ssh 0.0.0.0 0.0.0.0 inside

management-access inside

http 0.0.0.0 0.0.0.0 inside

http enable

here are the access-list if that can help

access-list http-list2 extended permit ip any any

access-list UKDEVPN extended permit ip object-group UKInside object-group DEOffice

access-list UKUKOFFICEVPN extended permit ip object-group UKInside object-group UKOffice

access-list inside_nat0_outbound extended permit ip object-group UKInside object-group DEOffice

access-list inside_nat0_outbound extended permit ip object-group UKInside object-group UKOffice

access-list inside_nat1_outbound extended permit ip object-group UKInside any

access-list inbound extended permit tcp any object-group UKOutEx eq smtp

access-list inbound extended permit tcp any object-group UKOutEx eq pop3

access-list inbound extended permit tcp any object-group UKOutEx eq https

access-list inbound extended permit tcp any object-group UKOutEx eq imap4

access-list inbound extended permit tcp any object-group UKOutEx eq ssh

access-list inbound extended permit tcp any object-group UKOutEx eq 995

access-list inbound extended permit icmp object-group PublicUKOffice object-group UKOutEx

access-list inbound extended permit icmp any any echo-reply

access-list inbound extended permit icmp any any source-quench

access-list inbound extended permit icmp any any unreachable

access-list inbound extended permit icmp any any time-exceeded

access-list inbound extended permit icmp any any

nat (inside) 0 access-list inside_nat0_outbound

nat (inside) 1 access-list inside_nat1_outbound

I m wondering if i ve to add an access-group outbound in inside and allowing anything on it might fix the issue or is it something else?

Thanks in advance for your help

2 REPLIES
Gold

Re: ssh pix from inside trhought vpn

Try following command in configuration mode

management-access inside

M.

Hope that helps rate if it does

New Member

Re: ssh pix from inside trhought vpn

thanks for you answer but i ve already tried this and it still doesn t work. As you can see on my post management-access inside is enable

Alex

91
Views
4
Helpful
2
Replies