Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Remote Access to Inside of PIX via VPN

Case Description: There is a PIX 501 firewall whose outside IP is assigned by DHCP server, while the inside is static 192.168.1.1. There are two computers behind this firewall (inside), with a private static IPs of 192.168.1.4 (Computer A) and 192.168.1.6 (Computer B), respectively. Now from Computer B, I go to its browser and enter http://192.168.1.1/startup.html, the PDM is started up. This is right, because the PIX 501 (inside) and the Computer B are on the LAN.

Now, let's do the same on a remote Computer C via VPN. First I connect the Computer C to the PIX 501 via already defined VPN. After the connection, from the Computer C (remote), I go to its browser and enter http://192.168.1.1/startup.html. Guess what--the PDM was never got launched. --Why? Or, Any configuration I did wrong?

Thanks to help.

Scott

(Here is what I udersatnd the VPN. After the connection via VPN, my remote computer will become part of the LAN. Therefore theorectically, if I can use Computer B to launch the PDM, I could also launch the same from Computer C, too, i.e., I should be able to access the inside interface of the PIX. But it failed to do so.)

3 REPLIES
New Member

Re: Remote Access to Inside of PIX via VPN

of course it will fail. You have to add the management command to be able to access the PIX interfaces through VPN tunnel.

Cheers,

Benjamin

Cisco Employee

Re: Remote Access to Inside of PIX via VPN

You need to enter this command on the Pix

management-access inside

Enables access to an internal management interface on the firewall.

[no] management-access mgmt_if

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/mr.htm#wp1137951

New Member

Re: Remote Access to Inside of PIX via VPN

Here are two other tips.

You need to tell PDM that it cam be accessed from the outside interface.

(using your listed addresses in my example)

PDM LOCATION 192.168.1.0 255.255.255.0 outside

To access via browser while VPN tunnel is active:

https://

Good luck.

220
Views
4
Helpful
3
Replies
CreatePlease to create content