07-21-2015 08:20 AM - edited 03-11-2019 11:18 PM
Let's say for giggles I want to be able to access an internal switch from the outside using the outside interface
using telnet from a specific IP address. I know about the security this is just an exercise that someone asked me about.
ASA is running 9.1(1)
ASA outside interface is 1.1.1.1 and the remote public IP I want to use to access is 3.3.3.3
Would this config be correct?
object network CORE_SWITCH_172.16.1.30-TCP22
host 172.16.1.30
nat (inside,outside) static interface service tcp 22 22
access-list OUTSIDE_ACCESS_IN extended permit tcp host 3.3.3.3 object CORE_SWITCH_172.16.1.30-TCP22 eq 22
I should then be able to use something like Putty from my public IP of 3.3.3.3 and use telnet to go to 1.1.1.1 and it should allow me access to the switch at 172.16.1.30, correct?
Mike
07-21-2015 08:28 AM
Hi,
Yes , this will work. Two points to take care of :-
1) You cannot enable SSH with this command on the ASA device simultaneously.
2) TELNET would be port :- 23
Thanks and Regards,
Vibhor Amrodia
07-21-2015 08:33 AM
I was thinking SSH and forgot to change the port number when I switched to using telnet....oh well....thanks.
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide