Solved

SSH PIX

Posted on 2009-07-07
Last Modified: 2013-11-16
I am trying to configure one PIX version 6.3 and 7.2 to use PuTTY and SSH login to the PIX from inside the LAN from only 3 LAN IP addresses; all other IPs would not be allowed to log in. If needed, I can provide more info. Looking for the correct commands.
Question by:jeffsteffy

Expert Comment

by:jfer0x01
ID: 24799393
Hi,
Make an acl 101 deny tcp 0.0.0.0 255.255.255.255 your.sshd.ser.ver 0.0.0.0 eq 22

and a

acl 101 permit tcp 10.10.1.1-3 255.255.255.0 your.sshd.ser.ver 0.0.0.0 eq 22

where 10.10.1.1-3 is the range of IPs you want to allow; if not a range, enumerate them one by one.

Jfer

Author Comment

by:jeffsteffy
ID: 24799440
What does this part do? your.sshd.ser.ver 0.0.0.0

Accepted Solution

by: jfer0x01 earned 500 total points
ID: 24799580
The IP of the SSH device you are going into, and the subnet.

Expert Comment

by:jfer0x01
ID: 24799893
Actually,

just try access-list 101 permit tcp 10.10.1.1-3 255.255.255.0 your.sshd.ser.ver 0.0.0.255 eq 22

The last set of numbers before the 22 is the wildcard bit for the subnet.

Jfer
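
For the question as asked (SSH to the PIX itself from three inside hosts only), an added example that is not from the posts above: on PIX 6.3 and 7.2 the ssh command sets which sources may open a management session, while an interface access-list filters traffic passing through the firewall. The hosts 10.10.1.1 to 10.10.1.3 follow the range used in the thread; the hostname, domain name, username and passwords are placeholders.

```cisco
: ---------- PIX 6.3 ----------
: hostname and domain name (placeholders) must be set before the RSA key is generated
hostname pixfw
domain-name example.com
ca generate rsa key 2048
ca save all
: only these three inside hosts may open SSH to the PIX; all other sources are refused
ssh 10.10.1.1 255.255.255.255 inside
ssh 10.10.1.2 255.255.255.255 inside
ssh 10.10.1.3 255.255.255.255 inside
: idle timeout in minutes
ssh timeout 10
: without AAA, PuTTY logs in as user "pix" with the password set here
passwd <placeholder-password>
write memory

: ---------- PIX 7.2 ----------
hostname pixfw
domain-name example.com
crypto key generate rsa modulus 2048
ssh 10.10.1.1 255.255.255.255 inside
ssh 10.10.1.2 255.255.255.255 inside
ssh 10.10.1.3 255.255.255.255 inside
ssh timeout 10
: 7.x supports SSH version 2; 6.3 is SSH version 1 only
ssh version 2
: authenticate SSH logins against a local user (placeholder name and password)
username admin password <placeholder-password>
aaa authentication ssh console LOCAL
write memory

: ---------- check ----------
: list active SSH sessions and their source addresses
show ssh sessions
```

With no ssh entry matching the source address, the PIX does not accept the connection, so the three host entries are the complete allow-list and no deny line is needed.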