I have an ASA 5510 and port 22 is open. I thought that by default it should be blocked, but when I check whether the port is open using a website (e.g., http://www.yougetsignal.com/tools/open-ports) it shows that it is open. I opened ports 80, 443, and 25. I added an access list via the CLI and ASDM, but it still shows that port 22 is open. Here is the command I used: `access-list 100 extended deny tcp any any eq 22`. I did the same using ASDM, but substituted "ssh" for the port number. Does anyone know why this port is open? I saw some activity on my firewall where someone (with an IP address based in China) was trying to access my network via port 22. I think they were running a port scanner. But I have no need to have port 22 open.
The ACLs will generally just block traffic through the ASA, not traffic to the ASA.
In newer software versions you have the option to build an ACL that blocks traffic destined to an actual ASA interface IP address, applied with the control-plane keyword (substitute your ACL and interface names):
access-group <acl-name> in interface <interface-name> control-plane
This ACL should naturally be one used only for this purpose, not an existing ACL.
Though regarding your SSH problem, you might have enabled SSH management on the "outside" interface with "any" as the source address:
ssh 0.0.0.0 0.0.0.0 outside
You can check this with the command:
show run ssh
The earlier command I mentioned overrides even the ACL setting that is used to limit connectivity to the ASA itself. So you might want to check how your SSH management setting is configured. This might be causing the results you are seeing.
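Putting the reply's two checks together as an ASA CLI session. This is an added example, not part of the original question or reply; the management host address 203.0.113.10, the ACL name CONTROL-PLANE-IN and the `show run ssh` output are constructed for illustration, and the control-plane step applies only on software that supports the keyword.

```text
! 1. Find out which source addresses may open SSH to the ASA, and on which interface.
!    (constructed output: the first line is the "any source" entry that explains
!    why an Internet scanner sees TCP/22 open on the outside address)
ciscoasa# show run ssh
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5

! 2. Replace the any-source entry with the single management host that needs it.
!    If nothing needs to SSH in from the Internet, leave the "outside" line out entirely.
ciscoasa# configure terminal
ciscoasa(config)# no ssh 0.0.0.0 0.0.0.0 outside
ciscoasa(config)# ssh 203.0.113.10 255.255.255.255 outside

! 3. Optional, where the software supports it: a dedicated to-the-box ACL on the
!    outside interface. Use a separate ACL, not the through-traffic ACL 100 from
!    the question. As with any ASA ACL, traffic it does not permit is dropped, so
!    permit any other to-the-box traffic the box must accept (for example VPN)
!    before applying it.
ciscoasa(config)# access-list CONTROL-PLANE-IN extended permit tcp host 203.0.113.10 any eq ssh
ciscoasa(config)# access-list CONTROL-PLANE-IN extended deny tcp any any eq ssh
ciscoasa(config)# access-group CONTROL-PLANE-IN in interface outside control-plane

! 4. Verify and save. "show run ssh" should now list only the intended host,
!    and an external port check of TCP/22 should report closed/filtered.
ciscoasa(config)# show run ssh
ciscoasa(config)# show run access-group
ciscoasa(config)# write memory
```

Step 2 is the one that matters for the symptom described: the through-traffic ACL on the outside interface never sees a connection addressed to the ASA's own interface IP, so removing the permissive `ssh` entry (or scoping it to a known host) is what actually closes the port to the scanner.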