<div>
not sure if this is relevant....<br />
<br />
interface Ethernet0/2<br />
&nbsp;speed 100<br />
&nbsp;duplex half<br />
&nbsp;nameif dmz<br />
&nbsp;security-level 100<br />
&nbsp;ip address 10.3.5.1 255.255.255.0
</div>


not sure if this is relevant....

interface Ethernet0/2
 speed 100
 duplex half
 nameif dmz
 security-level 100
 ip address 10.3.5.1 255.255.255.0

<div>
Found it.....<br />
<br />
I needed the command<br />
<br />
access-group inbound in interface outside
</div>


Found it.....

I needed the command

access-group inbound in interface outside

<div>
Oh, I didn't mean that to be an answer since you already found it :-) thnx anyways....<br />
<br />
Cheers,<br />
Rajesh
</div>


Oh, I didn't mean that to be an answer since you already found it :-) thnx anyways....

Cheers,
Rajesh

<div>
<div class="content wysiwyg-content">
I am trying to SSH to an internal Linux machine from another Linux machine outside my network.<br />
<br />
The Linux machine is 10.3.5.10 but is being nat'd at the firewall on IP 206.226.224.177.<br />
<br />
From the external Linux machine:<br />
&gt;&nbsp;ssh -l root 206.226.224.177<br />
<br />
The message I get on the ASA is:<br />
%ASA-2-106001: Inbound TCP connection denied from 210.253.126.208/3096 to 206.226.224.177/22 flags SYN &nbsp;on interface outside<br />
<br />
Here's my ASA 5510 config:<br />
...<br />
access-list inbound extended permit tcp any host 206.226.224.177 eq ssh<br />
static (dmz,outside) 206.226.224.177 10.3.5.10 netmask 255.255.255.255<br />
...<br />
<br />

</div>
</div>


I am trying to SSH to an internal Linux machine from another Linux machine outside my network.

The Linux machine is 10.3.5.10 but is being nat'd at the firewall on IP 206.226.224.177.

From the external Linux machine:
> ssh -l root 206.226.224.177

The message I get on the ASA is:
%ASA-2-106001: Inbound TCP connection denied from 210.253.126.208/3096 to 206.226.224.177/22 flags SYN  on interface outside

Here's my ASA 5510 config:
...
access-list inbound extended permit tcp any host 206.226.224.177 eq ssh
static (dmz,outside) 206.226.224.177 10.3.5.10 netmask 255.255.255.255
...



ACL configuration on Cisco ASA 5510: Getting &quot;Inbound TCP connection denied&quot;

Networking software modules are interfaced with a framework implemented on the machine's operating system that implements the networking functionality of the operating system. The best known frameworks are the TCP/IP model and the OSI model. Systems typically do not use a single protocol to handle a transmission. Instead they use a set of cooperating protocols, sometimes called a protocol family or protocol suite.[9] Some of the best known protocol suites include: IPX/SPX, X.25, AX.25, AppleTalk and TCP/IP. Other protocols indirectly related to networking include the hypertext transfer protocol (HTTP) and its related technologies, Dynamic Host Configuration Protocol (DHCP), Domain Name Server (DNS) and other Internet protocols.

Networking Protocols

The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).

DHCP

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

ACL configuration on Cisco ASA 5510: Getting &quot;Inbound TCP connection denied&quot;

ACL configuration on Cisco ASA 5510: Getting "Inbound TCP connection denied"