I have a site to site connection setup between an ASA 5510 and a PIX 501. I have the ASA's inside 10.1.1.x network being able to access the PIX's 10.2.2.x network. That is working fine. However, I need to be able to access both the ASA and PIX's outside interfaces with telnet. I know the ASA requires a vpn, not sure about the PIX. how do I set up the vpn config to telnet to the outside address? Obviously the outside address is not part of the existing vpn config allowing the inside networks to talk, so I'm unsure of how to do that. Say my outside address on the ASA was 18.104.22.168 and the PIX was 22.214.171.124. How would I set that piece up?
The telnet command lets you specify which hosts can access the security appliance console with Telnet. You can enable Telnet to the security appliance on all interfaces. But, the security appliance enforces that all Telnet traffic to the outside interface be protected by IPsec. In order to enable a Telnet session to the outside interface, configure IPsec on the outside interface to include IP traffic that is generated by the security appliance and enable Telnet on the outside interface.
However you are correct that to telnet through the vpn you need to do what you are describing. I was under the impression that the telnet was outside of the vpn.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...