Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Telnet to PIX from outside

I have attempted the task through several suggestions.

None of which have worked. My latest try was using this link.

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_user_guide_chapter09186a0080089bd6.html

The VPN client to PIX works fine however I am still unable to telnet to the PIX.

In addition the document talks about configuration on the client.

Step 3 Within the VPN client, create a security policy that specifies the Remote Party Identity IP address and gateway IP address as the same IP address—the IP address of the PIX Firewall's outside interface. In this example, the IP address of the PIX Firewall's outside is 168.20.1.5.

As far as I see there is only one place to put an IP address on the client. There is no place on the client to put a gateway address. I even tried to change my machine gateway and it still does not work.

Does anyone have a working config on how to telnet to a PIX from the outside?

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Telnet to PIX from outside

The step you're referencing is for users who are using the old CiscoSecure VPN client. Are you really using that? I'm guessing you are actually using the VPN 3000 client, in which case you just need to have:

1) an encryption acl that permits traffic from your assigned address to the outside of the pix

2) a telnet statement that permits telnet from your assigned address from the outside

i.e.

access-list no_nat permit ip host 200.1.1.1 host 10.1.1.100

telnet 10.1.1.100 255.255.255.255 outside

HTH

Jeff

1 REPLY
New Member

Re: Telnet to PIX from outside

The step you're referencing is for users who are using the old CiscoSecure VPN client. Are you really using that? I'm guessing you are actually using the VPN 3000 client, in which case you just need to have:

1) an encryption acl that permits traffic from your assigned address to the outside of the pix

2) a telnet statement that permits telnet from your assigned address from the outside

i.e.

access-list no_nat permit ip host 200.1.1.1 host 10.1.1.100

telnet 10.1.1.100 255.255.255.255 outside

HTH

Jeff

88
Views
0
Helpful
1
Replies
CreatePlease to create content