Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
1
Replies

SSH port forward won't work - ASA 5505 on ASA 8.4(1), ASDM 7.1(6)

joshua222
Level 1
Level 1

‎04-17-2015 02:44 PM - edited ‎03-11-2019 10:48 PM

I'm trying to expose my sftp server (which is behind the asa unit) via ssh to an external ip in my ip block. So far it's just not working.

The pertinent bits of my running config are below. Does anyone see anything wrong with this?

object network sftp-internal 
 host 192.168.2.155
object network sftp-external 
 host xxx.xxx.xxx.138
object network sftp-internal
 nat (inside,outside) static sftp-external service tcp ssh ssh
access-list outside_access_in extended permit tcp any eq ssh object sftp-internal eq ssh
Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎04-19-2015 11:04 AM

Your acl is wrong because the source port won't be the same as the destination port ie. the entry should be -

access-list outside_access_in extended permit tcp any object sftp-internal eq ssh

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card