08-11-2003 12:29 AM - edited 02-20-2020 10:55 PM
Can we do a Pix management from outside. what is the configurations. whether to use telnet or ssh?
Solved! Go to Solution.
08-11-2003 03:56 AM
Telnet from the outside can only be done through an IPSec tunnel (this has been the case historically, but I don't think it has changed). SSH can be used from the outside:
first, define the domain name and hostname if you have not already. Then:
ca generate rsa
ssh x.x.x.x x.x.x.x interfacename
ssh 0.0.0.0 0.0.0.0 outside = allow ssh access from everywhere thru the outside interface
ssh 0.0.0.0 0.0.0.0 inside = allow ssh access from everywhere thru the inside interface
08-11-2003 04:05 AM
Hello Shoeb,
On the pix use command: shh 0.0.0.0 0.0.0.0 outside (allowing ssh from anywhere to the outside interface), You must generate RSA Key-pair for the pix before clients can connect to the pix - use command: ca generate rsa 1024 and save by using command: ca save all
To use ssh pix must have either DES or 3DES running
Jay.
08-11-2003 03:56 AM
Telnet from the outside can only be done through an IPSec tunnel (this has been the case historically, but I don't think it has changed). SSH can be used from the outside:
first, define the domain name and hostname if you have not already. Then:
ca generate rsa
ssh x.x.x.x x.x.x.x interfacename
ssh 0.0.0.0 0.0.0.0 outside = allow ssh access from everywhere thru the outside interface
ssh 0.0.0.0 0.0.0.0 inside = allow ssh access from everywhere thru the inside interface
08-11-2003 04:05 AM
Hello Shoeb,
On the pix use command: shh 0.0.0.0 0.0.0.0 outside (allowing ssh from anywhere to the outside interface), You must generate RSA Key-pair for the pix before clients can connect to the pix - use command: ca generate rsa 1024 and save by using command: ca save all
To use ssh pix must have either DES or 3DES running
Jay.
08-11-2003 04:50 AM
thanks,
my pix is having 6.1 ver OS. how to activate 3des in this version
08-11-2003 05:02 AM
08-11-2003 05:15 AM
I think since i have a guest access, i cant download the pix ios from the website. the only thing i can do is to upload the ios image from pix to tftp & then download it again to pix from tftp, so next time i reboot it will ask for the activation key.
Now the twist here is how can i upload the image file to tftp server?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide