sadbulali Thu, 09/13/2007 - 11:02
User Badges:
  • Bronze, 100 points or more

Complete these steps to configure Secure Shell (SSH) to the PIX Firewall:

Before a connection to the PIX is made through SSH, these prerequisites must be met:



The PIX must run version 5.2 or later.



The PIX must have a VPN Data Encryption Standard (DES) license, as indicated in the output of the show version command.


Note: Refer to Product License Registration in order to request a DES license.



Once all requirements are met, issue these commands on the PIX:

hostname domain-name

!--- Generate a key for the SSH encryption to use.

ca generate rsa key 1024

!--- Allow the desired host to connect to the PIX on the interface specified.

ssh ip_address mask interface

!--- Save your configuration.

ca save all

write memory

This is an example:


hostname mypix

domain-name cisco.com

ca generate rsa key 1024

ssh 10.0.0.0 255.255.255.0 inside

ca save all

write memory

Refer to the SSH - Inside or Outside section of How To Perform Authentication and Enabling on the Cisco Secure PIX Firewall (5.2 Through 6.2) for more information.

Actions

This Discussion