03-24-2012 05:44 PM - edited 03-04-2019 03:47 PM
I need some help opening up some ports for a sftp client at work.
software version 8.0 (3)
device manager version 6.1 (1)
Thanks for any help.
Solved! Go to Solution.
03-25-2012 06:05 AM
There are 3 things that you'll need to allow sftp inbound: access-list, static mapping, and apply the access list.
Let's assume your outside interface is named Outside and you want to allow people to sftp into 5.5.5.5 that's forwarded to 192.168.1.50. You'd need the following:
static (inside,outside) 5.5.5.5 192.168.1.50 netmask 255.255.255.255
access-list FromOutside permit tcp any host 5.5.5.5 eq 22
access-group FromOutside in interface Outside
John
Please rate useful posts...
03-25-2012 05:22 AM
I thought it might be ip nat inside outside statement
then it looks like a access-list Im new to the cisco router and could really use some help.
Doesn't seem like it would be that hard if I had some direction
Thanks
03-25-2012 06:05 AM
There are 3 things that you'll need to allow sftp inbound: access-list, static mapping, and apply the access list.
Let's assume your outside interface is named Outside and you want to allow people to sftp into 5.5.5.5 that's forwarded to 192.168.1.50. You'd need the following:
static (inside,outside) 5.5.5.5 192.168.1.50 netmask 255.255.255.255
access-list FromOutside permit tcp any host 5.5.5.5 eq 22
access-group FromOutside in interface Outside
John
Please rate useful posts...
03-25-2012 09:10 AM
Thanks that help a lot. I just have one question if I want to open the ports on the 5520 just replace the 5.5.5.5 with one of my public ip's right?
Thanks
03-25-2012 12:44 PM
Yes, just replace that with your assigned public address in the static line and the acl.
John
Please rate all useful posts...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide