Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ssh/telnet from pix outside interface

without the use of VPN, a way to form telnet/ssh connection into Pix from outside network with a ssh client.

2 REPLIES
Gold

Re: ssh/telnet from pix outside interface

If you want to access your PIX from the outside use SSH, to configure SSH access on the PIX do (in config mode):

ca generate rsa key 1024

ca save all

To view your SSH key issue: show ca mypubkey rsa

In your PIX config you’ll need to allow the appropriate IP addresses that are allowed to connect to the PIX via SSH, you can do two things here, either allow any source IP address or you can tie it down to a specific IP address i.e.

(in config mode)

ssh 0 0 outside

The above will allow anyone to SSH onto your PIX (as long they know your PIX public IP address); make sure that your passwords are STRONG.

You can also tie it down so that only specific public IP addresses are allowed to SSH onto your PIX i.e.

ssh 255.255.255.255 outside

You can download free SSH client – i.e. putty.exe – just do a search on Google for it!

Remember the SSH login is - pix - and then use your PIX password's to log onto your device.

Hope this helps.

Jay

Gold

Re: ssh/telnet from pix outside interface

just a quick comment.

before the rsa key can be generated, a hostname and a domain need to be configured.

e.g.

hostname pix

domain-name yourcompany.com

ca generate rsa key 1024

ca save all

371
Views
0
Helpful
2
Replies