02-12-2009 10:00 AM - edited 03-11-2019 07:49 AM
I have a cisco asa 5505 that is setup as the ssh server. I am able to access it without any problem.
Once connected to the ASA 5505, I would like to telnet to my old terminal server 2509 that doesn't support ssh.
How to telnet a device FROM cisco asa 5505?
02-12-2009 10:03 AM
You cannot initiate telnet session from any ASA/PIX firewall, you will have to allow straigh telnet access from outside to inside towards the 2509 server.
02-12-2009 10:12 AM
Thanks -
That is what I am doing right now. But I don't feel secure accessing my home lab using telnet.
Is there a workaround for me to access the 2509 securely with asa?
02-12-2009 10:25 AM
I am assuming that you have a switch. How about ssh to the switch and from the switch telnet to the 2509?
02-12-2009 10:33 AM
Thanks - I am going to try it.
But, Is that possible to forward port 22 to a switch with cisco asa?
02-12-2009 10:38 AM
I'd have to try it myself. But how about setting up a VPN session? It will be more secure.
02-12-2009 12:03 PM
Vpn traffics are block at my workplace.
I am able to vpn to my home lab from starbuxx but not at my workplace. Ssh and telnet are the only open ports i find so far.
I want to connect to my home lab from work because I have some free time that I would like to invest to get my CCNP certification.
02-12-2009 12:05 PM
If IPSec vpn is blocked. SSL vpn should work fine. refer to my post below.
02-12-2009 11:21 AM
You can use SSL VPN or regular IPSec VPN.
SSL VPN:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00806ea271.shtml
IPSec VPN:
02-12-2009 12:36 PM
I agree with Keven's idea, I would be surprised SSL be block at your work place, if from your work you are allow internet banking most likely they allow ssl , so configure webvpn in your asa5505 and you can prety much access all your inside resources through webvpn.
Regards
02-13-2009 03:58 PM
Thanks -
I am now able to webvpn to the asa but I can't figure out how to telnet from the webvpn to my terminal server.
I need some help -
02-14-2009 12:02 PM
You need config "port forwarding".
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/webvpn.html#wp1000093
02-14-2009 12:17 PM
Thanks,
I am using the Cisco ASA 5500 Series adaptive security appliance, Version 8.0 and the webvpn homepage doesn't have the link for "application access". as described in the cisco doc.
You can contact me by email (tititech@gmail.com">tititech@gmail.com) and I will give you access to my lab.
02-14-2009 12:23 PM
Sorry, busy right now. You can try ver 8 document. You should see "application access" after you enable "port forwarding"..
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/webvpn.html#wp1291474
02-14-2009 12:27 PM
Thanks for the new link - I am going to try it - I will let know about the result.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide