2009-07-20

How to set up simple port forwarding on the Cisco ASA 5505

IP configuration
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.150.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 74.125.77.191 255.255.255.252

Make sure the global and nat statements are correct. The nat 0 line references an access list, ACL-INSIDE, that is not shown here.

global (outside) 1 interface
nat (inside) 0 access-list ACL-INSIDE
nat (inside) 1 192.168.150.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0

Set a static translation between the outside interface and the inside IP on the specified port.
Do NOT use the outside IP in the static command, that will fail; we need "tcp interface".

static (inside,outside) tcp interface 22 192.168.150.99 22 netmask 255.255.255.255

Then it's just a matter of a simple access-list to allow hosts and log errors, applied inbound on the outside interface.

access-list ACL-INBOUND extended permit tcp host 12.120.77.169 host 74.125.77.191 eq 22 log errors
access-group ACL-INBOUND in interface outside
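
To check that every forward is only reachable from the hosts you intended, the following added example (not part of the original post) parses a saved configuration and classifies each "static ... tcp interface" forward by the sources its inbound ACL permits. It assumes the static/access-list syntax shown above and only considers "eq PORT" permit rules; the function names and the 8080 and 3389 sample lines are constructed for illustration.

```python
import re

# Constructed sample: the static/ACL lines from this post, plus two forwards
# (8080 and 3389) invented here to show a wide rule and a missing rule.
SAMPLE_CONFIG = """\
static (inside,outside) tcp interface 22 192.168.150.99 22 netmask 255.255.255.255
static (inside,outside) tcp interface 8080 192.168.150.50 80 netmask 255.255.255.255
static (inside,outside) tcp interface 3389 192.168.150.60 3389 netmask 255.255.255.255
access-list ACL-INBOUND extended permit tcp host 12.120.77.169 host 74.125.77.191 eq 22 log errors
access-list ACL-INBOUND extended permit tcp any host 74.125.77.191 eq 8080
access-group ACL-INBOUND in interface outside
"""

PORT_NAMES = {"ssh": "22", "www": "80", "https": "443"}  # partial alias map

def take_addr(tokens):
    """Consume one ACL address spec: 'any', 'host A' or 'NET MASK'."""
    if tokens[0] == "any":
        return "any", tokens[1:]
    if tokens[0] == "host":
        return tokens[1], tokens[2:]
    return f"{tokens[0]}/{tokens[1]}", tokens[2:]

def audit_port_forwards(config, outside="outside"):
    """Return (port, inside target, status, sources) for each port forward."""
    lines = [l.strip() for l in config.splitlines()]
    # Names of ACLs applied inbound on the outside interface.
    bound = {m.group(1) for l in lines
             if (m := re.match(rf"access-group (\S+) in interface {outside}$", l))}
    permits = {}  # (proto, port) -> list of permitted sources
    for l in lines:
        m = re.match(r"access-list (\S+) extended permit (tcp|udp) (.+)", l)
        if not m or m.group(1) not in bound:
            continue
        src, rest = take_addr(m.group(3).split())
        _dst, rest = take_addr(rest)
        if len(rest) >= 2 and rest[0] == "eq":  # other port operators are ignored
            port = PORT_NAMES.get(rest[1], rest[1])
            permits.setdefault((m.group(2), port), []).append(src)
    report = []
    for l in lines:
        m = re.match(rf"static \((\S+),{outside}\) (tcp|udp) interface (\S+) (\S+) (\S+)", l)
        if not m:
            continue
        port = PORT_NAMES.get(m.group(3), m.group(3))
        sources = permits.get((m.group(2), port), [])
        status = "no-acl" if not sources else "open-to-any" if "any" in sources else "restricted"
        report.append((port, f"{m.group(4)}:{m.group(5)}", status, sources))
    return report
```

Run audit_port_forwards() on the text of "show running-config"; a forward reported as "open-to-any" accepts connections from every source address, and "no-acl" means no inbound rule permits the forwarded port.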
