Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Configuring ASA to allow for SFTP (tcp-22) access to external server

I need to configure an ASA5505 (SW 7.2(2)) to allow for SFTP (tcp-22) access to an external server. All internal clients use a dynamic NAT/PAT to a single external address (outside interface). Below is the error I see on the ASA:

2 Sep 27 2007 20:54:32 106001 <SFTP-Server-Address> <ASA-outside-interface(NAT)-Address> Inbound TCP connection denied from <SFTP-Server-Address>/22 to <ASA-outside-interface(NAT)-Address>/1321 flags FIN ACK on interface outside

The ASA currently just has the default Security policy on it. Can anyone assist with this config.

2 REPLIES
Bronze

Re: Configuring ASA to allow for SFTP (tcp-22) access to externa

In order to allow outbound SFTP traffic (TCP port 22) please adds the following line:

access-list outbound permit tcp any any eq 22

New Member

This solution doesn't work

This solution doesn't work for me.

ASA5505

access-list outbound permit tcp any any eq 22

 

1931
Views
1
Helpful
2
Replies
CreatePlease to create content