*URGENT* SSH default port change, and access from WAN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2016 01:44 AM - edited 03-05-2019 04:41 AM
Hello All,
I suspect my ISP has blocked port 22, so what I did. I have configured below. However when tried to access from WAN , it is not working.. "ssh -p 2222 username@WAN IP"
Please help guys..
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh port 2222 rotary 1
line vty 0 4
rotary 1
- Labels:
-
Other Routing
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2016 01:54 AM
Have you allowed TCP/2222 on the outside ACL?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2016 01:57 AM
Yes,
380 permit tcp any any eq 2222 log
390 permit udp any any eq 2222 log
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2016 02:03 AM
You don't need UDP for that. Are you sure that there is no deny above these lines? For a test move them to the beginning. Has SSH ever worked from outside?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2016 02:41 AM
moved that to seq 5, yes ssh works from outside.
I have a business partner sitting in US, he says that he is not able to ssh on port 22 (suspect an ISP issue) though it can be ssh'ed from other region. so i thought to change it to 2222 and test it. But now I am not able to ssh it from anywhere on port 2222
P.S- Do I need to put "login local" on line vty or TACACS authentication will work?
