Beginner

Port 22 NATed how to log into Firewall

Good day Experts

Is there a way I can remotely log into my firewall, either from outside or inside? The issue is that the SSH port from outside is NATed to an inside host when accessed from the outside.

I have a host in the DMZ and allowed SSH to its IP address, but still no luck; I can't SSH into the firewall. How else can I remotely manage it?

I don't have a switch to implement out-of-band access on the mgmt port.


thanks

VIP Mentor

Re: Port 22 NATed how to log into Firewall

Not sure how your network is designed. Most of the time, if you are not able to allow connections directly to the FW from outside (not a good security practice), you can have a jump box that is allowed to access the FW from inside, as a best practice.

If this is the only FW serving internet for the business and it fails, you may need someone to physically connect to the console and give you access by another means of connection to diagnose.

BB
*** Rate All Helpful Responses ***
Beginner

Re: Port 22 NATed how to log into Firewall

Hello.

When you say you can't log in, you mean you are not even getting the login prompt on the DMZ server? Have you tried checking live logs via ASDM to make sure the SSH traffic is arriving on the FW?

Regards
Suresh
Beginner

Re: Port 22 NATed how to log into Firewall

I can only log in via console. Remember the ports are mapped to servers.

thanks

Hall of Fame Guru

Re: Port 22 NATed how to log into Firewall

As long as you first permit SSH from the server in the DMZ, you can use it to log into the firewall. You'd have to enter this into the firewall CLI from config mode:

ssh <DMZ host address> 255.255.255.255 dmz
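
Added example, not part of the thread or any poster's configuration: the settings an ASA needs before it will accept SSH from a DMZ jump host. It assumes the firewall is an ASA (the thread mentions ASDM) with an interface named dmz; 192.0.2.10 and fwadmin are constructed placeholders.

```text
! Constructed placeholder values: 192.0.2.10 (DMZ jump host), fwadmin (local admin account).
! Assumption: the interface nameif is "dmz".

! The SSH server needs an RSA key pair before it accepts connections.
crypto key generate rsa modulus 2048

! A local account, and AAA telling SSH logins to authenticate against it.
username fwadmin password <strong-password> privilege 15
aaa authentication ssh console LOCAL

! Permit SSH only from the single jump host, arriving on the dmz interface.
! Argument order is: source address, mask, interface name.
ssh 192.0.2.10 255.255.255.255 dmz

! Drop idle management sessions after 10 minutes.
ssh timeout 10

! Save, then confirm what is permitted and who is connected.
write memory
show running-config ssh
show ssh sessions
```

The jump host connects to the firewall's own dmz interface address, so the port 22 translation on the outside interface is not involved.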