Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote admin of a PIX running as VPN client

Hi there,

I have a setup where a PIX501 works as a VPN-client up against my central VPN3000 concentrator (LAN-2-LAN mode with NAT-T).

The pix's outside interface is behind an ISP-managed firewall at the remote end, and it obtains it IP-address via DHCP.

So far so good. This setup works briliantly.

The problem is, that I can't ssh/telnet to the PIX's outside interface because of this setup.

Would it be possible to ssh/telnet to the remote pix's _inside_ interface?

I imagine some bidir NAT stuff, but I can't get it to work.

Any ideas?

:O) Mikkle

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Remote admin of a PIX running as VPN client

this is possible by the commands:

management-access inside

this works fine as i have used it as long as inside interface is included in all crypto config

sam

3 REPLIES
Silver

Re: Remote admin of a PIX running as VPN client

what do you have for ssh statements on the remote pix? generally the outside ip of the firewall is not included in the crypto map statements, so its traffic is not tunnelled.

New Member

Re: Remote admin of a PIX running as VPN client

this is possible by the commands:

management-access inside

this works fine as i have used it as long as inside interface is included in all crypto config

sam

New Member

Re: Remote admin of a PIX running as VPN client

You're right, it works!

That was the missing command.

Cheers!

:O) Mikkle

163
Views
0
Helpful
3
Replies
CreatePlease login to create content