cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
307
Views
5
Helpful
2
Replies

Access to internal switch from out side using telnet

burleyman
Level 8
Level 8

Let's say for giggles I want to be able to access an internal switch from the outside using the outside interface
using telnet from a specific IP address. I know about the security this is just an exercise that someone asked me about.

 

ASA is running 9.1(1)

ASA outside interface is 1.1.1.1 and the remote public IP I want to use to access is 3.3.3.3
Would this config be correct?

object network CORE_SWITCH_172.16.1.30-TCP22
 host 172.16.1.30
 nat (inside,outside) static interface service tcp 22 22


access-list OUTSIDE_ACCESS_IN extended permit tcp host 3.3.3.3 object CORE_SWITCH_172.16.1.30-TCP22 eq 22

 

I should then be able to use something like Putty from my public IP of 3.3.3.3 and use telnet to go to 1.1.1.1 and it should allow me access to the switch at 172.16.1.30, correct?

 

 

Mike

 

 

 

2 Replies 2

Vibhor Amrodia
Cisco Employee
Cisco Employee

Hi,

Yes , this will work. Two points to take care of :-

1) You cannot enable SSH with this command on the ASA device simultaneously.

2) TELNET would be port :- 23

Thanks and Regards,

Vibhor Amrodia

I was thinking SSH and forgot to change the port number when I switched to using telnet....oh well....thanks.

 

Mike

Review Cisco Networking for a $25 gift card