How do I pass traffic from the DMZ to my LAN?
Posted on 2014-01-27
I have a Cisco 5510 with the old 8.2(5) system running on it. I'd like to be able to pass SSH traffic from a server in the DMZ to a server on my LAN.
DMZ Server: 192.168.250.230
LAN Server: 192.168.3.201
What commands do I need to accomplish this?
Here are my interfaces.
ip address x.x.x.194 255.255.255.224
ip address 192.168.0.1 255.255.252.0
ip address 192.168.250.1 255.255.255.0
My ACLs are called
access-group acl_out in interface outside
access-group inside_access_in in interface inside
access-group acl_dmz in interface dmz
Relatedly, I made an external A record for servername.mydomain.com and pointed it to the external IP, then a couple of commands in my ASA:
access-list acl_out extended permit tcp any host x.x.x.198 eq xxx
static (dmz,outside) x.x.x.198 192.168.250.230 netmask 255.255.255.255
where xxx is the port we used, and that seems to work. Once connected to that machine, though, I can't then SSH into a machine on my LAN.