Telnet PIX from outside interface?

Unanswered Question
Jun 8th, 2007

telnet ip-address mask outside

Although it's not recommended but,

Will it work fine? ACL is allowed.

I want to access PIX remotely, is there any other config to do?

Can anyone help?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 06/08/2007 - 14:50

Hi

No, you cannot telnet to the outside interface of the pix. You have 2 options

1) Set up an IPSEC tunnel to the pix for management

2) use ssh to access the firewall.

Note that you don't need an acl for this you need the following line in the config

ssh "ip address allowed" "netmask" outside

To set up ssh you need to make sure the pix has

1) hostname

2) domain name

then you need to generate rsa keys on the pix and then save them with the "ca save all" command. Just doing a wr mem will not save you rsa keys.

HTH

Jon

marko.rahne Mon, 06/11/2007 - 00:09

You can configure

management-access inside

and then telnet via VPN to inside interface

Actions

This Discussion