console access on PIX

Unanswered Question
May 11th, 2007

Hi to everyone!

My problem is as follow. I have a pare of PIX 515 firewalls (active/standby) I have also one more unit with failover-only license. I tried to exemine this unit to work it as an standby unit instead of the previous one. After configuration from the working unit had been copied to the new unit, I can't gain any remote access to this secondary firewall, local console only. Before units were changed everything was OK. Configurations at pimary unit, ex-secondary unit and active unit are the same.

What should be the problem?

Regards

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.
Richard Burts Fri, 05/11/2007 - 08:20

Bob

Perhaps there is something in your situation that I am not yet understanding well. When you say the config was copied to the new unit, do you mean that literally the config was copied from one PIX to another PIX? That would produce duplicate IP addresses and would prevent remote access. It would also prevent remote access if the PIX to which the config was copied was connected in a subnet that did not match its IP address and mask.

If that is not the issue then perhaps you can provide a bit more detail about the situation.

HTH

Rick

volk99999 Mon, 05/14/2007 - 00:41

No, it's not a network problem, I'm sure. New secondary unit has it's failover IP and is pinging well. Also, I noticed a message 'aaa server host machine not responding' on this new unit until I'v being connecting remotely. The aaa base is not empty, and the 'aaa authentication ssh console LOCAL' is issued, as vell as the 'ssh 255.255.255.0 inside' statement.

volk99999 Mon, 05/14/2007 - 05:06

Well, it seems, I fix a problem. Commonly VPN-accelerator card is dead, or is not present. At least in hardware config there no information about VAC.

Thanks to all

Actions

This Discussion