NAT issue : Port forwarding with NAT to reach inside server via SSH

Jillu · ‎04-16-2018

Hi Everyone,

I am having Network devices in 10.90.X.X/24 network given by ISP.

I want to access the server (10.60.x.x) behind the ASR 1000 series Router via SSH from the Host.

ip nat inside tcp 10.60.X.X 22(Server IP & Port) 10.90.X.X(Router Int IP) 2222 extended

After the above command, I can able to access the Server via 10.90.X.X (Router Int IP) with the port 2222 it is working and via 22 I am able to take the Router CLI.

Now the Host's are not supporting 2222 port. So it is possible to map the SSH 22 port for ServerCLI? and allocate any other Port for taking SSH for Router CLI?

When I tried the below command,

ip nat inside tcp 10.60.X.X 22(Server IP & Port) 10.90.X.X(Router Int IP) 22 extended

Router is showing Port 22 is used by System.

Initially the Link is connected through firewall so I have mapped SSH 22 port to Server 22 port.

Now as the Link is getting updated, I have to connect the Uplink to Router.

Suggestions for this issue are highly appreciated.

Seb Rupik · ‎04-16-2018

Hi there,

To change the port which the router ssh service listens on, use the following command:

!
ip ssh port xxx
!

cheers,

Seb.

Jillu · ‎04-17-2018

@Seb Rupik

Thanks for the recommendation.

I have tried it but still same situation.

So I have contacted the Cisco TAC for the same and we are currently on solving the issue.