Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSH VPN Site to Site ?

Is there any such thing as a SSH VPN Site to Site ?

Also, if using IPSec 3Des, is there a way to tune the packet size for a Site to Site VPN? If there is, what are the recommendations?

4 REPLIES
Cisco Employee

Re: SSH VPN Site to Site ?

There is nothing as SSH VPN Site to Site. SSH is the secure form of telnet, that's it.

What kinda tuning are you looking for and why? Yes you can tune it but unless it is really required, it should not be done. Smaller packets affect performance.

HTH,

Please rate if it helps,

Regards,

Kamal

New Member

Re: SSH VPN Site to Site ?

Is there a way to setup SSH tunneling between 2 PIX firewalls for lan to lan connectivity ?

Cisco Employee

Re: SSH VPN Site to Site ?

Calling it an SSH tunnel would be incorrect. However, if the requirement is that you should be able to ssh into the PIX firewalls from behind each other then all you need is allow the ssh from the outside interface of the other PIX. E.g. :

PIX 1 outside IP : 1.1.1.1

PIX 2 outside IP : 2.2.2.2

On PIX1 : ssh 2.2.2.2 255.255.255.255 outside

On PIX2 : ssh 1.1.1.1 255.255.255.255 outside

I've given the commands assuming the name of the interface that connects to the internet is 'outside'. If I've not understood the requirement correctly, please explain it in detail.

HTH,

Please rate if it helps,

Regards,

Kamal

New Member

Re: SSH VPN Site to Site ?

Yes I'm well aware of ssh usage but I need to make sure that there is no way of setting up a point to point SSH with compression tunnel for lan to lan connectivity?

This would produce the same results that VPN IPSec Site to Site would do, meaning having connectivity to the private LANs just like VPN.

379
Views
0
Helpful
4
Replies
CreatePlease to create content