Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

DMZ Firewall

I've my management network of 172.16.0.0/24.

i am unable to telnet one of my DMZ-Firewall set. Attached file has the conf info.

Please let me know why i am unable to reach this firewall via telnet from my manangemnt network where as i am able to reach rest all devices.

6 REPLIES
New Member

Re: DMZ Firewall

Hi Adil,

Which intrerface you are trying to telnet?If you are trying to telnet the internet interface it wont as it is the lowest security interface.

You cannot use Telnet to the lowest security interface unless you use Telnet inside an IPSec tunnel.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/config/mgaccess.htm#wp1054101

If this is the case then you have two possibilities

1.make an IPSec tunnel

2.Configure an iterface with security level lower than the internet interface(i.e. with security 0)

Please rate the post if it helps.

regards

Ashish

Gold

Re: DMZ Firewall

pix by default doesn't permit telnet from the outside/internet interface.

one workaround is to configure ssh.

e.g.

hostname yourpix

domain-name yourpix.com

ca generate rsa key 1024

ca save all

ssh 172.16.0.0 255.255.255.0 outside

New Member

Re: DMZ Firewall

hi,

i issue the following command on pix

ssh 172.16.0.0 255.255.255.0 outside

but still it i am unable to reach it. Is it a must that i need to generate certificate keys?

thanks,

Gold

Re: DMZ Firewall

just wondering if you are referring to my previous post the command "ca generate". if so, yes, ssh requires the rsa key.

New Member

Re: DMZ Firewall

hi jacko,

thanks , it works..i am able to reach it...but still unable to login..keeps saying incorrect username or password...

i 'have also created a username named...pixuser and set its password using password command....when i connect to it prompt me for username and password.i provide the credentials but it doesn't logs in...

thanks,

Gold

Re: DMZ Firewall

the default username is "pix", and the password is the one created by the command "password xxxxxxxx".

95
Views
0
Helpful
6
Replies
CreatePlease to create content