I have an ADSL router and behind this a PIX. I want to be able to SSH to the pix from an external source.
I can telnet to the public IP of the router fine.
Looks like this. ADSL Router is simple. ================ interface ATM0/0 no ip address no atm ilmi-keepalive dsl operating-mode auto pvc 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet0/0 ip address 10.16.16.3 255.255.255.0 ip nat inside !This is the inside interface handing off to the PIX duplex auto speed auto
interface Dialer0 ip address negotiated ip nat outside encapsulation ppp dialer pool 1 dialer persistent dialer-group 1 ppp authentication chap callin ppp chap hostname whatever ppp chap password 0 whatever ppp multilink ! ip nat inside source list 1 interface Dialer0 overload ip nat inside source static tcp 10.16.16.10 22 212.2.2.50 22 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0 access-list 1 permit 10.16.16.0 0.0.0.255
Pix is Simple. ========== PIX Version 7.0(1) names ! interface Ethernet0 nameif outside security-level 0 ip address 10.16.16.10 255.255.255.0 ! interface Ethernet1 nameif inside security-level 100 ip address 10.17.16.1 255.255.255.0
access-group Outside-In in interface outside route outside 0.0.0.0 0.0.0.0 10.16.16.1 1
ssh 255.255.255.255 outside
I have also generated the rsa key using crypto key gen rsa modulus 1024
The router looks OK. show ip nat trans : gives ADSLRtr#show ip nat trans Pro Inside global Inside local Outside local Outside global tcp :22 10.16.16.10:22 :1520 :1520 tcp :22 10.16.16.10:22 --- ---
Now the PIX does not even see the connection but my NAT on the router should be sending SSH packets through to it on port 22 and IP 10.16.16.10
Also From the PIX I can ping the ADSL router but no farther? The router can ping everything fine.
Any pointers please.
G