Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
412
Views
4
Helpful
3
Replies

remote admin thru pix

Go to solution
rpalacio
Level 1
Level 1

‎07-10-2005 02:32 AM - edited ‎02-21-2020 12:15 AM

i have a remote network which has got pix and hundreds of users.

now i wanted to remote admin all of the users in this remote from our head office. My understanding is aside from allowing my machine to get in thru the remote firewall, i have to invoke a static command as well.

with this regard,since i hav hundreds of machines to be remote admin, is there any way i can do in a singele static command to cover the range. as of now i am doing a static command 1 line per remote machine.

Thanks.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
harishtandon23
Level 1
Level 1

‎07-10-2005 03:04 AM

Hello !

After going through the issue. I understand that you have head office and one branch office. you want to be able to access the head office resources from the branch office. The best soulution for this kind of situation would be to setup LAN to LAN vpn, That way you will be able to access remote netowrk from head office and vise-a-versa securly. Setting up static for all the machine would not be the feasible solution and it would require lots of public ip address to be consumed.

If you like this solution you can do by following this document:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml#conf

If you have any questions, please feel free to contact me.

Thanks & Regards,

Harish Tandon

harishtandon23@gmail.com

View solution in original post

0 Helpful
3 Replies 3

Go to solution
tvanginneken
Level 4
Level 4

‎07-10-2005 02:47 AM

Hi,

you can use a single static statement to 'static nat' an entire network (or subnet). It is the same static command that you use for one host, but instead of specifying a 'host' ip address, you specify the 'network' ip address. Like this:

static (inside,outside) 1.2.3.0 10.1.2.0 netmask 255.255.255.0

This is called 'net static'.

But wouldn't it be easier to setup remote access vpn for you, so that you can reach all the internal machines via the vpn tunnel? It gives you extra security and you don't need all the translations.

Kind Regards,

Tom

Go to solution
rpalacio
Level 1
Level 1
In response to tvanginneken

‎07-12-2005 01:22 AM

thanks a lot.

0 Helpful

Go to solution
harishtandon23
Level 1
Level 1

‎07-10-2005 03:04 AM

Hello !

After going through the issue. I understand that you have head office and one branch office. you want to be able to access the head office resources from the branch office. The best soulution for this kind of situation would be to setup LAN to LAN vpn, That way you will be able to access remote netowrk from head office and vise-a-versa securly. Setting up static for all the machine would not be the feasible solution and it would require lots of public ip address to be consumed.

If you like this solution you can do by following this document:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094761.shtml#conf

If you have any questions, please feel free to contact me.

Thanks & Regards,

Harish Tandon

harishtandon23@gmail.com

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card