Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX 501 ssh & PDM

Having a strange issue. We've opened up ssh & PDM on the outside interface to manage the PIX by specific IP addresses.

The PIX will not allow an SSH session until we initiate a PDM session (either internally or externally). Once an attempt is made with PDM, ssh works great. Reload the PIX and the same problem ensues until PDM is attempted again.

At first I thought this might be related to the IOS version 6.2(2) we were running. Upgraded to 6.3(3) and still have the same issue. We've blown the configuration away as well as tried it on several other 501s....Same issue.

Any thoughts?

1 REPLY
New Member

Re: PIX 501 ssh & PDM

You need to generate a RSA key and then save it. When you access the pix with the PDM it generates a key but if you reload the pix the key is gone.

Here is what you can do

enter show ca mypubkey rsa (this will show the key generated by the pdm) if there is no key you can generate one with the

ca generate rsa key 1024 command

once you have a key enter

ca save all (this will save the key and allow ssh to work after reload)

hope this helps

325
Views
0
Helpful
1
Replies