sadbulali Thu, 09/13/2007 - 11:02
User Badges:
  • Bronze, 100 points or more

Complete these steps to configure Secure Shell (SSH) to the PIX Firewall:

Before a connection to the PIX is made through SSH, these prerequisites must be met:

The PIX must run version 5.2 or later.

The PIX must have a VPN Data Encryption Standard (DES) license, as indicated in the output of the show version command.

Note: Refer to Product License Registration in order to request a DES license.

Once all requirements are met, issue these commands on the PIX:

hostname domain-name

!--- Generate a key for the SSH encryption to use.

ca generate rsa key 1024

!--- Allow the desired host to connect to the PIX on the interface specified.

ssh ip_address mask interface

!--- Save your configuration.

ca save all

write memory

This is an example:

hostname mypix


ca generate rsa key 1024

ssh inside

ca save all

write memory

Refer to the SSH - Inside or Outside section of How To Perform Authentication and Enabling on the Cisco Secure PIX Firewall (5.2 Through 6.2) for more information.


This Discussion