Solved: For that you only need access

mbhatti1986 · ‎09-03-2015

Hi All,

Is there a way to create Reverse ssh tunnel through ASA.

I have 5520 and there is a server behind the ASA. I would like to create Reverse SSH tunnel from server in our Datacentre to the server behind the ASA. Both servers have public ip addresses. Would it be just a case of allowing the connection from the Server in DC to the server behind ASA on port 22 or is there anything else needed.

I also read somewhere that we can use port to port mapping for this purpose.

Appreciate your help on this.

Thanks

Karsten Iwen · ‎09-03-2015

For that you only need access-control. On the interface where the connection enters the ASA, add a an ACL line like the folllowing:

access-list NAME-OF-ACL permit tcp host SSH-CLIENT-IP host SSH-SERVER-IP eq 22

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

Karsten Iwen · ‎09-03-2015

For that you only need access-control. On the interface where the connection enters the ASA, add a an ACL line like the folllowing:

access-list NAME-OF-ACL permit tcp host SSH-CLIENT-IP host SSH-SERVER-IP eq 22

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Reverse SSH through ASA