I am looking for a way to allow SSH access from the outside to my ASA(running 8.21), but deny it from specific hosts(ones that I see attempting brute force attacks). I know you can only allow SSH from specified hosts, but I cannot figure out how to block traffic from specific hosts. I have tried using control-place ACLs, but the way it handles processing if I use the ssh 0.0.0.0 0.0.0.0 outside, it ignores the control plane line, and if I remove that line, I See hits on the contrl place acl, but it will not let me in. Any ideas? I know you can do this on a router.
Login or Sign Up
- Log in with