Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me

TOPIC: 506e Allow telnet into PIX from outside/internet

506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10925

  • Bublitz
  • Bublitz's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 301
  • Karma: 2
  • Thank you received: 3
I want to be able to administer a PIX remetly with telnet.
SO i did the following.

access-list outside_int permit tcp any host 66.36.45.128 eq telnet

and

access-group outside_int in interface outside

This doesnt work.

Fixup Protcol doesnt list telnet, BUT when I specify port 23 it puts telnet in there. I try to add Fixup protocol telnet 23 it says "bad protocol.

Any Ideas?

Re: 506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10934

remove the access-list

telnet <outside interface ip address> outside

#use show telnet to verify the entry, is better to use ssh instead of telnet

let us know whether it work.

Re: 506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10950

hi
also follow this if it would be of any use to you,

i have the same problem, but im trying to use ssh instead of telnet

www.firewall.cx/ftopict-2231.html

Re: 506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10969

Hi ,


From the internal network u can do telnet..( Telnet session is a clear text transmission)...from the outside network if at all u cant use telnet to manage the device the only possible way is use SSH otherwise u can't manage the pix from the external network...

do the following set of commands

ssh <foreign_ip> <mask> outside!
ca generate rsa key 512

i hope this will solve your problem...

:D

Re: 506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10976

Yup,
What Gopi says is absolutely right. ;-)
you should try ssh instead of telnet. Otherwise whats the point of having such a secure device when u can easily compromise it from the outside by using clear text telnet?

Re: 506e Allow telnet into PIX from outside/internet 12 years 9 months ago #10981

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 1302
  • Karma: 1
  • Thank you received: 0
Definitely, your PIX is capable of being administered by ssh. You need to use it!! It requires a couple more steps, but it's far more secure.
Time to create page: 0.159 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup