05-20-2016 10:03 AM - edited 03-08-2019 05:51 AM
We have a firewall set up to allow SSH from a single public address to one of our switches inside the firewall.
I had Cisco TAC examine acl rules and all is well.
However the ssh connection always times out.
SSH works fine inside.
Anybody know what could be the problem?
05-20-2016 11:26 AM
Hi,
Can you post the configuration? I'd want to verify the ACL and NAT.
If those check out then I'd ask if Unicast RPF is enabled, if the routing inside is symmetrical, and if there are any ACLs configured on the switch that prevent SSH from a certain source IP (the NAT'd IP).
Regards,
Tim
05-20-2016 11:49 AM
We would also want to check to determine whether access-class was configured, and if so what it permits and what it denies, which might be what Tim meant about ACLs or might be different. So posting the config would be helpful.
HTH
Rick