01-11-2007 08:26 AM
Hi, I have an outside client who needs ssh access to an internal sevrer on my LAN. ON my PIX, I've: added a conduit permit statement allowing his outside address inside to the server. Also a static (insie outside) statement giving my interanl server a public address.
What else do I need to do? He still cannot ssh inside. thx.
01-11-2007 10:09 AM
Hi,
Please be aware of the pre-nat/post-nat ip you permitted in the conduit. This always confused me.
Just in case add an outbound statement for the return traffic.
And of course, upgrade to 6.3 and use ACL instead :)
Please rate if this helped.
Regards,
Daniel
01-12-2007 12:48 PM
Did you do a full NAT or a port translation? Please post your statics and outside ACL statement for the SSH access.
01-19-2007 08:42 AM
I am having the same problem. I had a Cisco tech configure the PIX to allow SSH traffic, but the response from the SSH server was not passing out of the firewall. Internally, the SSH server responds fine from an SSH client. Any suggestions?
01-19-2007 09:28 AM
Hi
Have you done any debugging to see where the packet is getting to. What is the default gateway of your ssh server and if it isn't the pix does the ssh server know the route back to the outside client address.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide