Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
592
Views
0
Helpful
3
Replies

Firewall and SSH

Duong Nguyen
Level 1
Level 1

‎12-04-2012 01:02 PM - edited ‎03-11-2019 05:32 PM

We have a Cisco Firewall 5510.

When I VPN into the network, I have to rdp to a windows desktop in order to SSH into my linux boxes.

Please show me how to ssh ditrectly from home PC.

Labels:
0 Helpful
3 Replies 3

Jouni Forss
VIP Alumni
VIP Alumni

‎12-04-2012 02:22 PM

Hi,

If you can already access some server/computer remotely through VPN connection, you should be able to configure the ASA to include those other devices too.

If you can provide your ASA configuration (removing any sensitive information from it) we can go through the needed configurations steps for you to be able to directly use the VPN Client computer to access the remote devices with SSH.

If you post the configuration here, please also provide the IP addresses (or a network/subnet) of the devices you need to access

- Jouni

0 Helpful

Duong Nguyen
Level 1
Level 1
In response to Jouni Forss

‎12-11-2012 04:50 PM

Sorry I made a mistake.

It only when I ssh or rdp from home  my vpn connection at work, and try to connect with servers at another location using a point to ppoint vpn that ssh and rdp doesnt work.

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Duong Nguyen

‎12-11-2012 11:24 PM

Hi,

Did I undestand you correctly, is the situation the following

  • You connect to the company network from home with VPN Client
  • The Linux boxes are located behind a L2L VPN connection thats between the same VPN device that you connect to with the VPN Client

What you would need to confirm is

  • That the remote network(s) that holds these Linux box is included in the VPN Client Split tunnel configurations
    • If the VPN Client is configured to tunnel all traffic you dont have to do anything
  • You have to make sure that the traffic from the VPN Client pool is also allowed to the L2L VPN or if possible NAT the VPN Client users to some address that is already configured on the tunnel

There is also other factors to the this setup but I can only give some general advice without actually seeing your ASA firewall configuration. If you want you can post that for us to go through (remove any sensitive information like public IP:s, username/passwords, etc)

- Jouni

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card