1.1.1.1 = Outside IP Address 192.168.1.1 = Inside "Host" IP Address
Asa(config)# static (inside,outside) tcp 1.1.1.1 22 192.168.1.1 22 netmask 255.255.255.255 0 0 Asa(config)# access-list OUTSIDE_ACCESS_IN permit tcp any host 1.1.1.1 eq 22 Asa(config)# access-group OUTSIDE_ACCESS_IN in interface outside Hope this helps, Aaron T. Rohyans Senior Network Engineer CCIE #21945, CCSP, CCNA, CQS-Firewall, CQS-IDS, CQS-VPN, ISSP, CISP, JNCIA-ER DPSciences Corporation 7400 N. Shadeland Ave., Suite 245 Indianapolis, IN 46250 Office: (317) 348-0099 Fax: (317) 849-7134 arohy...@dpsciences.com <mailto:dwiss...@dpsciences.com> http://www.dpsciences.com/ From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Friday, February 27, 2009 10:10 AM To: NT System Admin Issues Subject: Re: Cisco ASA Question You can I think do the port forwarding but I don't know how. I have a stack of books on the ASA that I am only just getting to read. I have to find out about the port 80 filtering first (the reason I spent for the books). Jon On Fri, Feb 27, 2009 at 9:53 AM, Kelsey, John <jckel...@drmc.org> wrote: No VPN. I thought I could just do port forwarding, but apparently I can't. ******************************* John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 *: jckel...@drmc.org <mailto:jckel...@drmc.org> ******************************* -----Original Message----- From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, February 27, 2009 09:48 To: NT System Admin Issues Subject: RE: Cisco ASA Question I'm not familiar with the ASA devices, but are you creating a VPN tunnel through the device first? I would think you would need to do that to access resources on the internal network. Chris Bodnar, MCSE Sr. Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 ________________________________ From: Kelsey, John [mailto:jckel...@drmc.org] Sent: Friday, February 27, 2009 9:42 AM To: NT System Admin Issues Subject: Cisco ASA Question Hi all, Working on a Cisco ASA 5505, trying to get to a machine on the inside interface via SSH from a machine on the outside interface. I can SSH to the ASA itself, but can't figure out how to get to a host behind it. I tried all kinds of ACL's, no joy. Any suggestions for a ASA noob? Thanks all! ******************************* John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 2 : 814.375.4005 *: jckel...@drmc.org <mailto:jckel...@drmc.org> ******************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. ________________________________ This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~