Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

help required in configuring telnet


We have two PIX 515E firewalls working in HA mode.

I wanted to configure telnet access to firewalls from outside interface.

PIX version is 6.3(5)

I kept PC outside to outside interfaces.

PIX outside IP is, inside IP is corresponding virtual IPs are and

I have tried following configurations:

pix(config)#telnet 0 0 inside

pix(config)#telnet 0 0 outside

pix(config)#telnet outside

pix(config)#telnet inside

pix(config)#telnet outside

I am able to telnet from internal interface side using inside ip address.

But from outside test pc with IP I am not able to telnet to PIX.

I enabled logging console 5.

when I tried to telnet to outside virtual IP it is not showing any traffic to firewall.

If I try to outside interface I am able to see the traffic like

packets received from source to

any help in this configuration. I wanted to telnet firewall from test pc.



Community Member

Re: help required in configuring telnet


you are trying to defeat the very puppose of the firewall by trying to telnet from the outside

!!from the pix outside interface you cannot telnet in !!,

you can telnet through by creating access lists and statics

TRY ssh instead from the outside interface

Community Member

Re: help required in configuring telnet

Hi Raj,

I wanted to access PIX from outside world through outside interface. Can you send me the configuration required for this using access-lists and statics.



Community Member

Re: help required in configuring telnet


What my sugestion is you can telnet through the pix ,not to the pix

try ssh it is much eaiser .

one more thing where are you located

i searched for the wipro data base with your name could not locate u.

I am a security engineer in wipro and would definately like to know where u have a box available as a test box

Cisco Employee

Re: help required in configuring telnet


You cannot telnet to the outside interface of the pix.

Couple of options:

1. Telnet to an internal host from outside and then telnet to the inside interface of the pix from that host.

2. You can do SSH to the outside interface of the pix

3. Telnet to the outside interface but the traffic has to be part of an IPSEC Traffic.

In your case, I think SSH would be good fit since it is simple to configure and provides encryption.

In order to have ssh access you need to have atleast VPN-DES enabled on your pix, please

go ahead and do a ?sh version? and make sure you at least VPN-DES enabled

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

If by chance you don?t have at least VPN-DES enabled, please send the complete capture of

your sh version and send it to, and request to have it enabled.


Set a domain name, for exmaple


Configure a telnet password, which I assume you already do

Pix(config)#passwd xxxx

You need to generate a ssh key, to generate the key you need to type the following


pix(config)#ca generate rsa key 1024

pix(config)#ssh outside

pix(config)#ca save all

I use Putty Client for SSH and works fine. You can go to google and do a search for the software.

Let me know if it helps.



CreatePlease to create content