Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

How to TFTP off config of Remote PIX over Pix-to-Pix VPN Tunnel?

Background:

We have a PIX515E at our head office connecting to six remote PIX506E using site to site VPN tunnels. I am able to connect thru the tunnels fine and access my remote networks. This is not an issue.

My question is about managing the configuration on the remote PIX firewalls: Is there a way from one of the remote PIX506 firewalls to copy off the config using TFTP (write net) to a PC behind the PIX515 at our head office?

I can SSH into the PIX (or use PDM) and cut and paste the config, but I am wondering if there is a way to use the "write net" command to be able to copy off the config. I am also able to access the PIX remotely using PDM but cannot save the config to a TFTP server.

Looking to use the "write net" command as it shows the isakmp pre-shared keys in clear text unlike when you copy the config using cut and paste as the pre-shared key is encrypted.

1 REPLY

Re: How to TFTP off config of Remote PIX over Pix-to-Pix VPN Tun

If you have a TFTP Server installed in your Head Quarter then you should be able to copy the config from the Branch Offices to that server.

What PIX OS are you using ? In PIX OS 7.x you will be able to create a SPOKE VPN that allows all VPNs to talk to each others.

To be able to manage all PIX, but it seemes you have allready access, use < management-access mgmt_if >.

Enables ssh, telnet, snmp ... via VPN.

Reference:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727ab.html#wp1137951

sincerely

Patrick

102
Views
0
Helpful
1
Replies
CreatePlease to create content