I recently setup FreeSSHD on a server that resides behind a Cisco PIX 515 firewall running PIX IOS 6.3 I am trying to configure the firewall so that I can forward SSH traffic on port 443 so I can SSH to my server remotely. I am a noob to Cisco hardware so any help would be greatly appreciated. Here is my config:
Code:
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto shutdown
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 intf2 security4
enable password xxxx encrypted
passwd xxxx encrypted
hostname BurklandPIX
domain-name BurklandLAN
clock timezone CST -6
clock summer-time CDT recurring
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 192.168.1.151 Danny-PC
name 192.168.1.5 WRT54GL
access-list outside-to-inside permit tcp any interface outside eq https
pager lines 24
logging on
logging history informational
icmp deny any outside
mtu outside 1500
mtu inside 1500
mtu intf2 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
no ip address intf2
ip verify reverse-path interface outside
ip audit info action alarm
ip audit attack action alarm
no failover
failover timeout 0:00:00
failover poll 15
no failover ip address outside
no failover ip address inside
no failover ip address intf2
pdm location 10.192.168.152 255.255.255.255 inside
pdm location 10.192.168.176 255.255.255.240 outside
pdm location 75.73.115.143 255.255.255.255 outside
pdm location 192.168.1.11 255.255.255.255 inside
pdm location 192.168.1.152 255.255.255.255 inside
pdm location WRT54GL 255.255.255.255 inside
pdm location Danny-PC 255.255.255.255 inside
pdm logging emergencies 100
pdm history enable
arp timeout 14400
global (outside) 10 interface
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface https 192.168.1.152 https netmask 255.255.255.255 0 0
access-group outside-to-inside in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.1.11 255.255.255.255 inside
snmp-server host inside 192.168.1.152
snmp-server location BurklandLAN
snmp-server contact Dan
snmp-server community BurklandLANRO
snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
isakmp enable outside
telnet timeout 5
ssh timeout 30
console timeout 0
dhcpd address 192.168.1.20-192.168.1.50 inside
dhcpd dns 192.168.1.152 208.67.220.220
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside