04-09-2008 08:58 AM - edited 03-11-2019 05:29 AM
I have several remote PIX 501s that have VPNs back to my location. I have remote telnet access via the VPN connection. I would like to change the configurations so the VPNs terminate to my ASA rather than my older 3030. Is there anyway to modify the startup-config on a PIX 501 running 6.3? There is no copy tftp start-up command, only a configure net command which merges the config to running. This wont work for me since I need to also change inside IP addresses which is how I am connected. I really need to change startup config and reload.
Thanks. Doug
Solved! Go to Solution.
04-09-2008 09:03 AM
the best solution (and easiest) i've found for that situation is to configure ssh to the outside interface from just the IP you're coming from...
then ssh into it and change peers, your ssh session won't be disconnected then, and you can still troubleshoot remotely.
04-10-2008 07:19 AM
04-09-2008 09:03 AM
the best solution (and easiest) i've found for that situation is to configure ssh to the outside interface from just the IP you're coming from...
then ssh into it and change peers, your ssh session won't be disconnected then, and you can still troubleshoot remotely.
04-10-2008 07:15 AM
Thanks for your reply however I can not get that to work. I even tried telnet (i know thats not secure) and still can not connect to it. Even tried changing "management-access inside" to outside and locked myself out of one until I had them reboot. Any ideas? Thanks!
04-10-2008 07:19 AM
Try...
ca gen rsa key 1024
ssh 0 0 outside
04-10-2008 07:35 AM
Thanks so much! Once I figured out to use "pix" as the username and {telnet password} as the password, I'm in!
04-10-2008 09:37 AM
yeah, the username pix throws off a lot of people....
thanks for the rating btw.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide