Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1817
Views
5
Helpful
4
Replies

How to change VPN settings through telnet

dreier789
Level 1
Level 1

‎11-19-2010 05:12 AM - edited ‎03-04-2019 10:31 AM

Hi

I'm quite new to telnet and I can't acces the Cisco firewall Pix501 through the web interface. I have a print from the PIX 501's settings and I can see that I have to change a users IP adress, since he has got a new IP adress.

I hope that he can get acces from wan side to the server if I change the old IP adress to the new one.

My question is can I change the IP adress through telnet and what should the commandos look like.

These are the 2 lines from the configuration where the old IP adress appears:

crypto map vpn 2 set peer n.n.n.n

isakmp key xxx address n.n.n.n netmask 255.255.255.255

Kind Regards

René Dreier

Labels:
0 Helpful
4 Replies 4

lgijssel
Level 9
Level 9

‎11-19-2010 05:38 AM

Normally, telnet is disabled on a pix. You should rather use ssh. (try putty)

The config will provide info on the enabled protocols. Please check your config for lines like below:

aaa authentication telnet console LOCAL >authentication for telnet
aaa authentication ssh console LOCAL > same for ssh

ssh 0.0.0.0 0.0.0.0 outside > defines allowed source address range for ssh
ssh 0.0.0.0 0.0.0.0 inside

Also, I want to discourage you to post details like the isakmp key on a forum, especially since a public address was also included.

Don't do this. You never know who is reading your stuff on the Internet.

regards,

Leo

0 Helpful

dreier789
Level 1
Level 1
In response to lgijssel

‎11-19-2010 05:51 AM

Hi Leo

Thanks for the quick reply, I have removed the key and IP from my post good point!

I think telnet is enabled since I have been logged in through telnet, I just don't know what to do then.

I have a line in the configuration that says:

telnet (lan IP n.n.n.0) 255.255.255.0 inside

Regards,

René

0 Helpful

lgijssel
Level 9
Level 9
In response to dreier789

‎11-19-2010 06:02 AM

OK,I thought your problem was how to connect using telnet.

The next steps are easy when you are used to the cisco CLI.

Pix commands differ a bit from IOS but it can be managed.

Basically, you need to rewrite the two lines in config mode:

conf t

commands

(just re-enter the same 2 lines with different parameters.)

(if the old ones are not overwritten, re-enter them with a 'no ' before them.)

end

write mem

However, it can be challenging when this is unfamilair ground for you.

You may check the pix command reference first (on cisco.com) or consider hiring an expert to do the job.

Remeber: as long as you do not type 'write mem', you can always restart the pix and start again!

Leo

dreier789
Level 1
Level 1
In response to lgijssel

‎12-02-2010 05:46 AM

Thanks it works - wonderfull

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card