Cisco ASA 5505 Transparent Firewall: only allow specific IPs to access SSH
- Define some groups
  - object-group network sysadmin
  - network-object host <IP>
  - exit
  - object-group network webhost
  - network-object host <IP>
- Build the access list (entries are matched top-down, so the sysadmin permit must come before the deny; the final permit keeps all other traffic flowing past the implicit deny)
  - access-list inside-out permit tcp object-group sysadmin object-group webhost eq ssh
  - access-list inside-out deny tcp any object-group webhost eq ssh
  - access-list inside-out extended permit ip any any
- Apply it to the inside interface, outbound direction
  - access-group inside-out out interface inside
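
The access list above depends on first-match evaluation: the first entry that matches decides, and traffic matching nothing is dropped by the implicit deny. The Python model below is an added example, not part of the original post; it parses the three entries and evaluates sample flows, with constructed documentation-range addresses standing in for `<IP>` and hypothetical helper names.

```python
import ipaddress

# Constructed sample addresses (documentation ranges); the page leaves <IP> unfilled.
GROUPS = {"sysadmin": {"192.0.2.10"}, "webhost": {"198.51.100.20"}}
PORTS = {"ssh": 22}

# The three ACEs from the page, in the order they are entered.
ACL = [
    "access-list inside-out permit tcp object-group sysadmin object-group webhost eq ssh",
    "access-list inside-out deny tcp any object-group webhost eq ssh",
    "access-list inside-out extended permit ip any any",
]

def take_addr(tokens):
    """Consume 'any' or 'object-group NAME'; return (host set or None for any, rest)."""
    if tokens[0] == "any":
        return None, tokens[1:]
    if tokens[0] == "object-group":
        hosts = {ipaddress.ip_address(h) for h in GROUPS[tokens[1]]}
        return hosts, tokens[2:]
    raise ValueError(f"unsupported address spec: {tokens[0]}")

def parse(line):
    """Parse one ACE of the subset used on the page into a rule tuple."""
    t = line.split()[2:]                      # drop 'access-list <name>'
    if t[0] == "extended":                    # keyword is optional on the ASA
        t = t[1:]
    action, proto, t = t[0], t[1], t[2:]
    src, t = take_addr(t)
    dst, t = take_addr(t)
    port = PORTS[t[1]] if t[:1] == ["eq"] else None
    return action, proto, src, dst, port

def evaluate(aces, proto, src, dst, dport):
    """Return the action of the first matching ACE; no match means implicit deny."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_proto, r_src, r_dst, r_port in map(parse, aces):
        if r_proto not in ("ip", proto):
            continue
        if r_src is not None and src not in r_src:
            continue
        if r_dst is not None and dst not in r_dst:
            continue
        if r_port is not None and dport != r_port:
            continue
        return action
    return "deny"
```

Evaluating the same entries in reverse order (`ACL[::-1]`) shows the failure mode: the broad `permit ip any any` matches first and the SSH deny is never reached.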
This entry was posted on Tuesday, October 27th, 2009 at 3:47 pm and is filed under Uncategorized.