From: NoOne Important (lm_nguyen@xxxxxxxxxxx)
Date: Tue Feb 13 2001 - 14:54:27 GMT-3
xxxxxxxxxx i assume is your ethernet address? if so, i
dun really see what's wrong maybe check typos check to see if there's any
access-group define under vty...check routing...etc see if there is any
other access-list block the traffic before it even get there
turn on loggin console and see what happen when telnet or ssh to the
router....
>From: "Sam Munzani" <sam@munzani.com>
>Reply-To: "Sam Munzani" <sam@munzani.com>
>To: <ccielab@groupstudy.com>
>Subject: CISCO FW IOS with allowing SSH to it from outside
>Date: Tue, 13 Feb 2001 11:19:58 -0600
>
>Hi Group,
>
>I installed CISCO FW ios with CBAC commands standard configuration. =
>Works great and for management, I cam telnet and SSH to the box from =
>internal network. Following access is applied to the outside interface.
>
>access-list 100 permit tcp any host xxx.xxx.xxx.xxx eq 22
>access-list 100 permit tcp any host xxx.xxx.xxx.xxx eq 23
>access-list 100 deny ip any any log
>
>ip inspect name test_fw tcp
>ip inspect name test_fw udp
>ip inspect name test_fw cuseeme
>ip inspect name test_fw ftp
>ip inspect name test_fw h323
>ip inspect name test_fw rcmd
>ip inspect name test_fw realaudio
>ip inspect name test_fw smtp
>ip inspect name test_fw streamworks
>ip inspect name test_fw vdolive
>ip inspect name test_fw sqlnet
>ip inspect name test_fw tftp
>
>
>int e0/0
>Descr Outside interface
>ip address xxx.xxx.xxx.xxx 255.255.255.0
>ip inspect test_fw out
>ip access-group 100 in
>
>Telnet & SSH works fine from inside but not form outside. Any =
>suggestions?
>
>Regards,
>
>Sam Munzani
>CCIE # 6479, CCNP, CCDP, MCSE, CNE 5, SCO Master ACE, HP Openview =
>Consultant
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:47 GMT-3