Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
455
Views
0
Helpful
5
Replies

PIX management

Go to solution
shoebwk
Level 1
Level 1

‎08-11-2003 12:29 AM - edited ‎02-20-2020 10:55 PM

Can we do a Pix management from outside. what is the configurations. whether to use telnet or ssh?

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
mostiguy
Level 6
Level 6

‎08-11-2003 03:56 AM

Telnet from the outside can only be done through an IPSec tunnel (this has been the case historically, but I don't think it has changed). SSH can be used from the outside:

first, define the domain name and hostname if you have not already. Then:

ca generate rsa

ssh x.x.x.x x.x.x.x interfacename

ssh 0.0.0.0 0.0.0.0 outside = allow ssh access from everywhere thru the outside interface

ssh 0.0.0.0 0.0.0.0 inside = allow ssh access from everywhere thru the inside interface

View solution in original post

0 Helpful

Go to solution
jmia
Level 7
Level 7
In response to mostiguy

‎08-11-2003 04:05 AM

Hello Shoeb,

On the pix use command: shh 0.0.0.0 0.0.0.0 outside (allowing ssh from anywhere to the outside interface), You must generate RSA Key-pair for the pix before clients can connect to the pix - use command: ca generate rsa 1024 and save by using command: ca save all

To use ssh pix must have either DES or 3DES running

Jay.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
mostiguy
Level 6
Level 6

‎08-11-2003 03:56 AM

Telnet from the outside can only be done through an IPSec tunnel (this has been the case historically, but I don't think it has changed). SSH can be used from the outside:

first, define the domain name and hostname if you have not already. Then:

ca generate rsa

ssh x.x.x.x x.x.x.x interfacename

ssh 0.0.0.0 0.0.0.0 outside = allow ssh access from everywhere thru the outside interface

ssh 0.0.0.0 0.0.0.0 inside = allow ssh access from everywhere thru the inside interface

0 Helpful

Go to solution
jmia
Level 7
Level 7
In response to mostiguy

‎08-11-2003 04:05 AM

Hello Shoeb,

On the pix use command: shh 0.0.0.0 0.0.0.0 outside (allowing ssh from anywhere to the outside interface), You must generate RSA Key-pair for the pix before clients can connect to the pix - use command: ca generate rsa 1024 and save by using command: ca save all

To use ssh pix must have either DES or 3DES running

Jay.

0 Helpful

Go to solution
shoebwk
Level 1
Level 1
In response to jmia

‎08-11-2003 04:50 AM

thanks,

my pix is having 6.1 ver OS. how to activate 3des in this version

0 Helpful

Go to solution
shoebwk
Level 1
Level 1
In response to dst-amsterdam

‎08-11-2003 05:15 AM

I think since i have a guest access, i cant download the pix ios from the website. the only thing i can do is to upload the ios image from pix to tftp & then download it again to pix from tftp, so next time i reboot it will ask for the activation key.

Now the twist here is how can i upload the image file to tftp server?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card