Avatar of Manuel
Manuel
Flag for United States of America asked on

ALLOWING SSH ACCESS INTO INTERNAL DEVICE

Hi,

The current Network looks like this>>>>

       PIX --------- Server 1
        |    --------- Server 2
        |
        |
    Switch 1 ------------ Multiple Hosts
                 ------------ Host AS500

Currently the PIX has static statements and access-list which allow SSH from the outside into Server 1 and Server 2. When one tries to ssh into 216.X.X.A which is the public IP on the PIX. The PIX sends you too Server 1. When you SSH into 216.X.X.B. The PIX sends you too Server 2. What I need is the PIX to allow SSH into another host which is located behind the PIX using SSH. How can I set this up?

Thank You,
vreyesii
   
Software Firewalls

Avatar of undefined
Last Comment
Manuel

8/22/2022 - Mon
rsivanandan

Victor,

  Not clear! You want to add another static entry so that from OUTSIDE you can send ssh to another host?

Can you put up the respective zones as well ?

Cheers,
Rajesh
SOLUTION
giltjr

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Manuel

ASKER
The host named AS500 is the host which I want to direct SSH request.

vreyesii
Keith Alabaster

Server 2 is also behind the PIX is it not?

Do you have any spare external IP addresses left?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
rsivanandan

Seriously I still didn't get the question, he has it in his mind but we don't :-(

Cheers,
Rajesh
Manuel

ASKER
Yes Server 2 is behind the PIX. I do not have anymore external IP address left, and I wouldn't like to get more right now. I am trying to avoid that. I am trying to allow access to the AS500 host using SSH which is located behind the PIX. The AS500 host is a router.

vreyesii
Keith Alabaster

Temporarily, as suggested above, ssh on to server 2. then ssh from there using the internal IP of the AS500
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Manuel

ASKER
So there is no way I can change the port number for SSH between the PIX and the AS500 router to keep using the existing external IP?

vreyesii
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Keith Alabaster

hehehe. I'll leave it to you Rajesh, I can feel a nap coming on :)
rsivanandan

Hey C'mon Keith, it is 12:00 in the night here and I still type so you shouldn't sleep now :-)

Cheers,
Rajesh
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Keith Alabaster

No, I meant from THIS question lol :)
rsivanandan

:-)

Cheers,
Rajesh
Manuel

ASKER
Thanks for the help I got it working.

vreyesii
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.