Hey,

I'm trying to connect to my RasPi SSH via Internet.

This is the Setup:

SSH Internet -- > Fritzbox 192.168.178.1 --> Switch 192.168.178.2 Gi10 VLAN1 --> XXX --> RasPi 172.16.1.1 VLAN1

I setup my Router (Fritzbox) with Portforwarding. The SG350 is reachable via Internet. So the Forwarding is working.

But how can I Forward the RasPi-Port via the SG350? I tried ACLs but it was not working.

config-file-header
switchc24abb
v2.3.5.63 / RLINUX_923_093
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 2
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp pool host fhem-server
address 172.16.1.1 255.255.255.0 hardware-address b8:27:eb:3a:3d:b9
dns-server 172.16.1.1
exit
ip dhcp pool host vusolo2
address 172.16.1.11 255.255.255.0 client-identifier 01:00:1d:ec:0a:2c:6f
dns-server 172.16.1.1
exit
ip dhcp pool host nils-desktop
address 172.16.2.10 255.255.255.0 hardware-address bc:5f:f4:ba:d7:1f
dns-server 172.16.1.1
exit
ip dhcp pool host PC-192-168-178-100
address 172.16.3.20 255.255.0.0 client-identifier 40:f3:08:c9:b2:ff
domain-name lan
dns-server 172.16.2.1
exit
ip dhcp pool host fritz-repeater
address 192.168.178.5 255.255.255.0 client-identifier 01:62:ff:4d:e0:6f:7c
default-router 192.168.178.1
dns-server 192.168.178.1
exit
ip dhcp pool host fhem-heizung
address 192.168.178.150 255.255.255.0 hardware-address 74:da:38:62:19:da
client-name fhem-heizung
default-router 192.168.178.1
dns-server 192.168.178.1
exit
ip dhcp pool host harmonyhub
address 192.168.178.151 255.255.255.0 client-identifier 01:00:04:20:f7:da:8e
client-name harmonyhub
default-router 192.168.178.1
dns-server 192.168.178.1
exit
ip dhcp pool host TabletFlur
address 192.168.178.152 255.255.255.0 hardware-address c0:98:79:05:b0:32
exit
ip dhcp pool network "vlan2"
address low 172.16.2.100 high 172.16.2.200 255.255.255.0
dns-server 172.16.1.1
exit
ip dhcp pool network guests
address low 192.168.178.100 high 192.168.178.150 255.255.255.0
lease 0 0 5
domain-name lan
default-router 192.168.178.1
dns-server 172.16.1.1
exit
ip dhcp pool network intern
address low 172.16.1.100 high 172.16.1.200 255.255.255.0
dns-server 172.16.2.1
exit
bonjour interface range vlan 1
ip access-list extended test
permit udp 192.168.178.1 0.0.0.0 443 172.16.1.1 0.0.0.0 443 ace-priority 10
permit tcp 192.168.178.2 0.0.0.0 1082 172.16.1.1 0.0.0.0 1082 ace-priority 20
exit
hostname switchc24abb
line ssh
exec-timeout 0
exit
logging origin-id hostname
username cisco password encrypted 93c108d9e4847e8ee1edb79aaf703f76062b1137 privilege 15
ip ssh server
ip http timeout-policy 0 http-only
ip domain name lan
ip name-server 172.16.1.1
ip domain polling-interval 8
!
interface vlan 1
ip address 172.16.1.254 255.255.255.0
no ip address dhcp
!
interface vlan 2
name Büro
ip address 172.16.2.254 255.255.255.0
!
interface GigabitEthernet3
switchport access vlan 2
!
interface GigabitEthernet10
ip address 192.168.178.2 255.255.255.0
no switchport
!
exit
ip helper-address 192.168.178.2 192.168.178.3 53
ip helper-address all 192.168.178.3 53
ip default-gateway 192.168.178.1