12-18-2014 11:58 PM - edited 03-07-2019 09:57 PM
Hello everyone,
Easy question, but not for me :)
I am trying to modify an ACL on outside interface that allows THE ONLY PUBLIC IP to connect to the server 62.xxx.xxx.57 using SSH - see screenshot.
The existing rule permits any host from outside to do so. What I have done is changed ANY to 197.14.12.22 however it did not stopped ANY host from accessing the server via ssh. Please advise what I am doing wrong?
Solved! Go to Solution.
12-19-2014 01:31 AM
12-19-2014 04:12 AM
If I understand what you are wanting to do, only allow the 197.x.x.x address to access the server via SSH, change the service from ip to tcp/ssh.
Clear conn and test again.
12-19-2014 01:31 AM
12-19-2014 04:38 AM
Thanks a lot Karsten,
There really was any-any ip allow rule below. 2& especially 3 from you are very precisious advices for newbie like me.
12-19-2014 04:44 AM
And remember that if you allow "ip" to a host, you are probably doing something in a sub-optimal way (or just wrong). Especially from the outside, only the ports that are really needed should be allowed.
12-19-2014 04:12 AM
If I understand what you are wanting to do, only allow the 197.x.x.x address to access the server via SSH, change the service from ip to tcp/ssh.
Clear conn and test again.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide