The network contains 2 WAN links with a load-balancing configuration.
2 static public IPs. SSH is enabled on the router for access from outside.
Now they want to access the server (192.168.30.2) running on CentOS remotely using SSH.
Configured NAT on the router (4321), mapping 2 WAN IPs to 1 private IP (CentOS server).
access-list 101 permit tcp any host x.x.x.x eq 22
access-list 102 permit tcp any host y.y.y.y eq 22
ip nat inside source static tcp 192.168.30.2 x.x.x.x 22 extendable
ip nat inside source static tcp 192.168.30.2 y.y.y.y 22 extendable
If I try to access the server from outside using SSH, it reaches the router CLI. How can I access the server on port 22?
I tried the configuration below, but SSH can be reached on port 8088 as well as port 22.
ip ssh port 8088 rotary 1
line vty 0 15
Please help me to resolve this issue.
Thanks in advance.
Note that whatever interface the SSH traffic comes in on (for NAT), it must leave via that same interface. So life will be easier if inbound SSH is enabled on only one WAN interface, and then you can change your route-map so that it matches traffic from that one box and sends it out that one single link.
Normally when you do a port 22 forward you lose access to SSH on that interface on the router. The NAT takes priority over the local listening service, so that bit is interesting.
What software version are you using on your 4321?
Cisco IOS XE Software, Version 03.15.01c.S - Standard Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(2)S1c, RELEASE SOFTWARE (fc1)
How can I achieve the solution?
Yeah.. I'm having the same issue.
I want the outside network host to access the inside network Linux server through SSH.
But I am only able to get the router CLI using both the ports, so I have altered the configuration as follows:
ip nat inside source static tcp 10.X.X.X (Server IP) 22 10.9.X.X (Router Interface) 22
ip nat inside source static tcp 10.X.X.X (Server IP) 22 interface gig0/1 (Outside Interface) 22100
But still the same status on both ports 22 and 22100 (only router CLI). I tried clear ip nat trans also.
Kindly suggest a solution for this.
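To confirm which device actually answers on each forwarded port, the SSH identification string that a server sends before login can be read and classified. This is an added example, not code from any poster in the thread; it assumes the router's SSH server announces a software version starting with "Cisco-" and the CentOS sshd one starting with "OpenSSH_", and the addresses in it are the thread's placeholders.

```python
import re
import socket

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments".
# \S+ is used for softwareversion because some servers put a "-" inside it.
IDENT_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: .*)?$")


def parse_ident(raw: bytes):
    """Return (protoversion, softwareversion), or None if no SSH ident is found.

    A server may send other text lines before its identification string,
    so every line is scanned and the first one that matches is used.
    """
    for line in raw.decode("ascii", "replace").splitlines():
        m = IDENT_RE.match(line.strip())
        if m:
            return m.group(1), m.group(2)
    return None


def classify(raw: bytes) -> str:
    """Say which kind of SSH daemon produced the banner."""
    ident = parse_ident(raw)
    if ident is None:
        return "not-ssh"
    software = ident[1]
    if software.startswith("Cisco-"):      # assumption: router's own SSH server
        return "router"
    if software.startswith("OpenSSH_"):    # assumption: sshd on the CentOS box
        return "server"
    return "unknown"


def probe(host: str, port: int, timeout: float = 5.0) -> str:
    """Connect, read the first bytes only (no authentication), classify them."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            return classify(s.recv(256))
    except OSError:
        return "unreachable"


if __name__ == "__main__":
    # Placeholder addresses and the ports named in the thread.
    for host, port in [("x.x.x.x", 22), ("x.x.x.x", 8088), ("y.y.y.y", 22)]:
        print(host, port, probe(host, port))
```

Run it from a host outside the network after each NAT change: a port forward that works reports "server" on the forwarded port, while "router" means the router's own SSH listener is still answering there.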