Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

problem with outside interface


i've got three questions.

1. I am unable to telnet to my pix from outside, i can from inside though.i need this, bcos when i use vpn to get to my office network i cant telnet to my pix to make changes.

2. i have a program that can run on a web browser, when i connect from the inside to that server, i go I want to be able to access this program externally.

3. i could use pc-anywhere externally, but some colleague of mine tampered with the config and now i cant access our server externally thru PCAW.any config issues?thanks


Re: problem with outside interface


Bydefault from outside world you will be able to have SSH access to ur pix and wont be allowed to have normal Telnet connections from outside world.

for more info in configuring ssh on outside interface do find this link ..


New Member

Re: problem with outside interface

thanks alot guys (Jay and Spremkumar). it all worked fine. I tried to configure our router with info on the link you(Sprem) you gave me though but wasnt successful. The "crypto" command was unavailable, neither was the "ssh" command after "transport input telnet" command.

router-cisco 2621XM (MPC860P)

ROM: System Bootstrap, Version 12.2(7r)

image: "flash:C2600-i-mz.122-8.T5.bin"

Any ideas? any suggestions on my other questions, guys.?



Re: problem with outside interface


The CLI shuld be transport input ssh instead of transport input telnet ,this will allow the SSH connections to ur router.

Yes you need to have the required ios feature set to support the SSH support in ur router.

i would suggest to go thru this link for more info on how to configure ur router for ssh access.

regarding the S/W code i would suggst to check out the software advisor tool which is mentioned out there in the above link itself.

Also would suggest to check out the DRAM and flash requirement before downloading any S/W.



Re: problem with outside interface

If you want to access your PIX from the outside use SSH, to configure SSH access on the PIX do (in config mode):

ca generate rsa key 1024

ca save all

To view your SSH key issue: show ca mypubkey rsa

In your PIX config you’ll need to allow the appropriate IP addresses that are allowed to connect to the PIX via SSH, you can do two things here, either allow any source IP address or you can tie it down to a specific IP address i.e.

(in config mode)

ssh 0 0 outside

The above will allow anyone to SSH onto your PIX (as long they know your PIX public IP address); make sure that your passwords are STRONG.

You can also tie it down so that only specific public IP addresses are allowed to SSH onto your PIX i.e.

ssh outside

You can download free SSH client – i.e. putty.exe – just do a search on Google for it!

Now, you have vpn client access enabled on your PIX so you could also vpn onto your network and run PIX PDM through it to manage your PIX, you’ll need to configure the following (in config mode):

management-access inside

Make sure that you have: http server enabled for your vpn client IP’s – in your case:

http inside

Hope all the above helps and let me know how you get on.


CreatePlease login to create content