Config Pix 506 remotely

aupton · ‎02-07-2002

I need to set up a 506 located in a branch office out of state. My question is this.

Can I hook a modem to the console port and dial into the router and access the console remotely?

If so how do I do it? I have setup an external modem set for auto answer. I dian in with hyperterminal and all I see is garbled text.

Any Ideas?

ellis_b · ‎02-08-2002

yes you can do it, but I believe that would be a major security hole and not an "approved" solution. what I would recommend, if you are really going to go that route, use an access-server, 2511, 2509, whatever, with a radius/tacacs server for authentication to the access-server. This will keep your "eyes and ears" open to see if someone is attempting to hack into your network.

However, if you're really stubborn and wont use an access-server, then you need to hard-code your terminal speed to 9600bps on the computer that you are using to dial into the PIX. That should do the trick.

Brad

www.SecurityIE.com

aupton · ‎02-08-2002

Thanks for the advice. I do not intend to leave the modem connected, just get the initial config in. From there I would have the modem turned off.

I have tried setting terminal speed to 9600, are there any other settings on PC I need to tweak?

ajd · ‎02-09-2002

All you have to do is setup ssh access to the PIX. You can register for a free 56bit key from cisco and get a certificate for free.

So basically,

Register for the free key.

Re-Flash the PIX with 6.1 (upon reboot put in the key)

Flash the PIX with the PDM (Pix Device Manager-GUI)

Then you can setup connection via ssh (basically encrypted telnet) or the pdm from any location you specify.

Good luck

ne1secure?