Hi, I am working on a Pix 501 via a remote ssh connection, all was fine until I issued a reload command. Now I cannot get access to the PIX via SSH and a nmap scan shows port 22 is open but the service shows tcpwrapped. I have never seen this before, anyone know how to clear it? Thanks in advance.
To use SSH, your PIX Firewall must have a DES or 3DES activation key and you must generate an RSA key-pair for the PIX Firewall before clients can connect to the PIX Firewall console. Use the ca generate rsa key 512 command to generate a key; change the modulus size from 512, as needed. After generating the RSA key, save the key using the ca save all command.
Hi Patrick, thanks for your post. My pix does have a 3DES activation key. I have been using SSH on this pix for several days with PuTTY and I did not generate an RSA key-pair, perhaps someone else did before me. It was working fine until I issued the reload command via SSH. When the RSA keys are missing do you get this issue with "tcpwrapped"?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...