PIX will not accept ACL

Oct 12th, 2007

From a console connection with the interface configuration:

name pix_manage
name fo_pix_manage
interface Ethernet2
 speed 10
 duplex full
 nameif manage
 security-level 80
 ip address pix_manage standby fo_pix_manage

I am attempting to add the following ACL in order to connect to the switch and manage it remotely, at least from a device in the same subnet as the interface indicated.

access-list uni_manage extended permit tcp eq 22

I am receiving the following error message:

ERROR: IP address,mask <pix_manage,> doesn't pair

Where in these steps have I erred?

acomiskey Fri, 10/12/2007 - 09:27

Does it take something like this...

telnet manage

acameron12 Fri, 10/12/2007 - 10:09

That did, thanks for your prompt and helpful response.

Does the PIX support https or ssh access?

acomiskey Fri, 10/12/2007 - 10:15

Yes it does. Sorry I should have put...

ssh manage
http server enable
http manage

Please rate helpful posts.

acameron12 Fri, 10/12/2007 - 10:54

So much better; however, I am now getting authorization problems. Although I am able to access the PIX on my console and telnet access, the ssh and https access will not accept the credentials I set up for telnet.

Do I need to specify a different username and password combination for ssh & https as opposed to the console & telnet access?

Thanks again.

acomiskey Fri, 10/12/2007 - 11:04

Want to post a clean config from the pix?

acomiskey Fri, 10/12/2007 - 11:19

I think this will do it...

aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
username cisco password cisco123
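
A way to check a saved configuration for the gap this reply closes, as an added example that is not part of the original thread: it lists each management protocol permitted on an interface and flags telnet, protocols with no matching `aaa authentication ... console` line, and http access without `http server enable`. The function name, the 192.0.2.0 addresses and both sample configurations are constructed for illustration.

```python
import re

# "<proto> <address-or-name> <mask> <interface>", e.g. "ssh 192.0.2.0 255.255.255.0 manage"
ACCESS_RE = re.compile(
    r"^(telnet|ssh|http)\s+(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)$")
# "aaa authentication <proto> console <LOCAL or server group>"
AAA_RE = re.compile(r"^aaa authentication (telnet|ssh|http) console\s+(\S.*)$")


def audit_management_access(config_text):
    """Return a sorted list of (protocol, interface, finding) tuples."""
    access, aaa, http_server = [], {}, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("http server enable"):
            http_server = True
        elif (m := AAA_RE.match(line)):
            aaa[m.group(1)] = m.group(2)
        elif (m := ACCESS_RE.match(line)):
            access.append((m.group(1), m.group(4)))

    findings = set()
    for proto, iface in access:
        if proto == "telnet":
            findings.add((proto, iface, "cleartext management protocol enabled"))
        if proto not in aaa:
            findings.add((proto, iface, "no 'aaa authentication %s console' line" % proto))
        if proto == "http" and not http_server:
            findings.add((proto, iface, "'http server enable' is missing"))
    return sorted(findings)


# Constructed sample: management access enabled, no aaa lines yet.
BEFORE = """\
telnet 192.0.2.0 255.255.255.0 manage
telnet timeout 5
ssh 192.0.2.0 255.255.255.0 manage
ssh timeout 5
http server enable
http 192.0.2.0 255.255.255.0 manage
"""
# Constructed sample: aaa lines from the reply added; dropping telnet is an
# assumption of this example (the thread keeps telnet enabled).
AFTER = """\
ssh 192.0.2.0 255.255.255.0 manage
http server enable
http 192.0.2.0 255.255.255.0 manage
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
"""

if __name__ == "__main__":
    for finding in audit_management_access(BEFORE):
        print(finding)
```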

acameron12 Fri, 10/12/2007 - 11:28

Getting closer.

My ssh2 access works now.

When I try https access I get a pop-up prompting for username and password, which I enter. I then get

HTTP 404 - File not found

acameron12 Fri, 10/12/2007 - 11:40

I tried these commands:

http server enable
http manage

But, I am still getting the error 404 page not found message.

acomiskey Fri, 10/12/2007 - 11:42

Well...1 out of 2 isn't bad. Are you sure the PDM is installed on the pix?

acameron12 Fri, 10/12/2007 - 11:47

1 out of 2 is not bad at all.

I do not know that PDM is installed.

How do I determine that?

acameron12 Fri, 10/12/2007 - 11:58

I obtained a version of the PDM object, but the instructions I have located do show where to tftp the object to on the VPN server. Is this a simple tftp to the flash: location?

acameron12 Fri, 10/12/2007 - 12:19

Thanks for all your help.

My privileges do not permit downloading the ASDM object.

But, I progressed further than I was earlier today and I learned a couple of new things.
