Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1095
Views
10
Helpful
3
Replies

Globally set "ssh-access-list" ?

mhmservice
Level 1
Level 1

‎01-21-2020 02:36 AM - edited ‎02-21-2020 09:50 AM

Hi all

 

Does anyone know how to globally set SSH access list?

 

I have Cisco FMC/FTD 6.2.3.x

 

There's no setting for it from the platform settings section

I tried to use flexconfig bu "configure ssh-access-list" is a blocked command...

 

Any ideas greatly appreciated, its such a waste of time to manually set it on the CLI for each firewall we deploy

 

Thanks in advance

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-21-2020 04:08 AM

I don't have a 6.2 FMC in front of me but on 6.5, if you create platform settings for device type "Threat Defense" (FTD) there is an option to add settings for Secure Shell (i.e., the access-list you're asking about).

nspasov
Cisco Employee
Cisco Employee

‎01-22-2020 12:23 PM

What Marvin said. You need to upgrade to a more recent release where this feature is available in the platform settings under "Secure Shell"

Thank you for rating helpful posts!

0 Helpful

mhmservice
Level 1
Level 1
In response to nspasov

‎01-22-2020 03:21 PM - edited ‎01-22-2020 03:22 PM

I have the "secure shell" option but that only allows you to set an ACL for other interfaces, not the mgmt interface .. unless thats the part that changed in 6.5?

 

Unfortunately I can't upgrade past 6.2 because we deployed our whole company on ASA5506Xs with FTD, only to learn several weeks later that Cisco discontinued support for them , despite the hardware being less than 3 years old ... I wont be using Cisco firewalls in the future because of that, to be frank

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card