Solved: ASA 5505 Port Forwarding

Matthew Ralston · ‎05-13-2011

Please can somebody advise me on how to set up port forwarding for inbound SSH?

The outside interface on the ASA is on DHCP. I have a single dynamic public IP from my ISP. The inside interface provides Internet access for the network using NAT.

I have a server on the internal network with an IP of 192.168.0.6 and I would like to access this via SSH (TCP port 22) from outside.

I've been able to do this in the past on a PIX with a static public IP block, but I'm new to ASA and I don't know how to do it with PAT.

Current running config attached for what it's worth, but it's pretty basic at the moment.

Any help would be appreciated!

Thanks,

Matt

Maykol Rojas · ‎05-13-2011

Matt,

static (inside,outside) tcp interface 22 192.168.0.6 22

access-list outside_in permit tcp any interface outside eq 22

access-group outside_in in interface outside

Let me know if it works.

Mike

View solution in original post

Maykol Rojas · ‎05-13-2011

Matt,

static (inside,outside) tcp interface 22 192.168.0.6 22

access-list outside_in permit tcp any interface outside eq 22

access-group outside_in in interface outside

Let me know if it works.

Mike

Matthew Ralston · ‎05-13-2011

That works; fantastic! Easy when you know how, I guess. :-)

I had to make a slight tweak to the static line:

static (inside,outside) tcp interface ssh 192.168.0.6 ssh netmask 255.255.255.255

Thank you very much.

Maykol Rojas · ‎05-13-2011

Hi,

No problem, thanks for using the community, feel free to come back with any questions you may have regarding our products, we will be more than glad to help.

Cheers.

Mike.

Mike