01-28-2005 02:14 AM - edited 02-21-2020 01:34 PM
Hello,
I would like to know if the following scenario is possible:
- The laptop establishes a VPN tunnel using the Cisco VPN client to a Cisco VPN gateway at site A.
- The laptop is running a SSH Server (for instance)
- Is it possible to connect to the laptop using SSH from a computer at site A (through the IPSec tunnel)?
I know that it is feasible with a gateway to gateway VPN connection but is it feasible with a client to gateway connection?
Thanks in advance.
Regards,
Bertrand.
02-03-2005 06:54 AM
The scenario you explained is possible.The only thing is that SSH Version 1 is implemented in the Cisco IOS software.
02-03-2005 08:20 AM
Yes, it is possible to run outbound connections to vpn clients. Not only does the vpn gateway have to allow those outbound connections on the local-lan link that unencrypted packets pass, but the cisco vpn client cannot be running the stateful firewall in active mode. A check mark will appear by the stateful firewall option in the vpn options if it is active.
Note that unless that client will always get assigned the same ip address, you would have to configure the gateway to allow outbound connections to the pool, since it won't know beforehand which client is running the ssh service. So there is security risk, but it can be accomplished.
You do not need to run ssh on the vpn gateway since the ssh is an end-to-end session between the vpn client and an internal network host.
Let me know if you need more help.
02-03-2005 10:29 AM
Thanks a lot.
You replied to my question.
Regards,
Bertrand
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide