Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Configure SSH to accept ANYTHING from outside interface

I'm trying to configure a PIX 515E to accept SSH connections from any host from the outside interface.

If this is not possible, I would need to be able to configure it to recieve connections from any host on a Class-B address.

when i show ssh i get:

0.0.0.0 0.0.0.0 outside

xxx.xxx.0.0 255.255.0.0 outside

with this configuration i can only connect to the firewall via SSH when the computer i'm connecting with is on the same VLAN.

Any thoughts?

1 REPLY

Re: Configure SSH to accept ANYTHING from outside interface

Hi,

there shouldn't be a problem using ssh to connect to the outside interface (from the outside).

I use this command to allow ssh access from anywhere:

shh 0.0.0.0 0.0.0.0 outside

Do you get a prompt for a username when you connect using a ssh client? The username is always 'pix' and the password is the telnet password you configured using the 'passwd' command.

You must generate an RSA key-pair for the PIX Firewall before clients can connect to the PIX Firewall console. After generating the RSA key-pair, save the key-pair using the 'ca save all' command. To use SSH, your PIX Firewall must have a DES or 3DES activation key.

Use this command to generate the RSA key-pair:

'ca generate rsa key 1024'

Kind Regards,

Tom

81
Views
0
Helpful
1
Replies
CreatePlease to create content