can't ssh from higher level interface to lower level interface
07-31-2015 07:23 PM - edited 03-11-2019 11:22 PM
I have a Cisco ASA 5506-X running 9.4. I'm trying to ssh from a machine on the 192.168.1.0 interface to 192.168.3.0. I have a wireless router using ssh WAN port 4444 that I'm trying to access.
I realize the ssh line for the wlan is probably not right since it's for port 22, but not sure how to change that.
Config attached.
08-01-2015 07:02 AM
Hi,
Your SSH is probably being blocked by the implicit deny on the BP_IN ACL.
Try adding the line below. You could also edit the ACL by using the host keyword to use specific source and destination IPs instead of an IP subnet.
access-list BP_IN extended permit tcp 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0 eq 4444
Also, what do you mean by SSH line? Based on your config, those are for SSH access to the ASA.
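
The following is an added example, not part of either post and not ASA code: a small Python model of first-match ACL evaluation with the implicit deny, comparing the subnet entry suggested above with a host-keyword version. The host addresses 192.168.1.10 and 192.168.3.2 are constructed for illustration, and the model ignores interface direction, NAT and stateful return traffic.

```python
import ipaddress

# Entry suggested in the reply (subnet to subnet).
SUBNET_ACL = ["access-list BP_IN extended permit tcp "
              "192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0 eq 4444"]
# Narrowed form using the host keyword; both addresses are constructed.
HOST_ACL = ["access-list BP_IN extended permit tcp "
            "host 192.168.1.10 host 192.168.3.2 eq 4444"]

def _endpoint(tok, i):
    """Parse 'host A', 'any' or 'NET MASK' at tok[i]; return (network, next index)."""
    if tok[i] == "host":
        return ipaddress.ip_network(tok[i + 1] + "/32"), i + 2
    if tok[i] in ("any", "any4"):
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    return ipaddress.ip_network(f"{tok[i]}/{tok[i + 1]}"), i + 2

def parse_ace(line):
    """Parse 'access-list NAME extended permit|deny tcp SRC DST [eq PORT]'."""
    tok = line.split()
    if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended" or tok[4] != "tcp":
        raise ValueError("only extended tcp entries are handled: " + line)
    src, i = _endpoint(tok, 5)
    dst, i = _endpoint(tok, i)
    port = None                      # no operator means any destination port
    if i < len(tok):
        if tok[i] != "eq":
            raise ValueError("only the 'eq' port operator is handled: " + line)
        port = int(tok[i + 1])       # numeric ports only in this sketch
    return {"action": tok[3], "src": src, "dst": dst, "port": port}

def evaluate(acl_lines, src_ip, dst_ip, dst_port):
    """First matching entry decides; a flow matching nothing hits the implicit deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for line in acl_lines:
        ace = parse_ace(line)
        if src in ace["src"] and dst in ace["dst"] and ace["port"] in (None, dst_port):
            return ace["action"]
    return "implicit deny"

if __name__ == "__main__":
    for name, acl in (("subnet", SUBNET_ACL), ("host", HOST_ACL)):
        for src in ("192.168.1.10", "192.168.1.77"):
            print(name, src, "->", evaluate(acl, src, "192.168.3.2", 4444))
```

With the subnet entry every machine on 192.168.1.0/24 can reach port 4444 on every address in 192.168.3.0/24; with the host entry only the one source and destination pair is permitted and everything else still falls through to the implicit deny.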
