Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Configure SSH to accept ANYTHING from outside interface

I'm trying to configure a PIX 515E to accept SSH connections from any host from the outside interface.

If this is not possible, I would need to be able to configure it to recieve connections from any host on a Class-B address.

when i show ssh i get: outside outside

with this configuration i can only connect to the firewall via SSH when the computer i'm connecting with is on the same VLAN.

Any thoughts?


Re: Configure SSH to accept ANYTHING from outside interface


there shouldn't be a problem using ssh to connect to the outside interface (from the outside).

I use this command to allow ssh access from anywhere:

shh outside

Do you get a prompt for a username when you connect using a ssh client? The username is always 'pix' and the password is the telnet password you configured using the 'passwd' command.

You must generate an RSA key-pair for the PIX Firewall before clients can connect to the PIX Firewall console. After generating the RSA key-pair, save the key-pair using the 'ca save all' command. To use SSH, your PIX Firewall must have a DES or 3DES activation key.

Use this command to generate the RSA key-pair:

'ca generate rsa key 1024'

Kind Regards,


CreatePlease to create content