Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: 506e Allow telnet into PIX from outside/internet

506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10925

  • Bublitz
  • Bublitz's Avatar
  • Offline
  • Senior Member
  • Posts: 301
  • Thank you received: 3
  • Karma: 2
I want to be able to administer a PIX remetly with telnet.
SO i did the following.

access-list outside_int permit tcp any host 66.36.45.128 eq telnet

and

access-group outside_int in interface outside

This doesnt work.

Fixup Protcol doesnt list telnet, BUT when I specify port 23 it puts telnet in there. I try to add Fixup protocol telnet 23 it says "bad protocol.

Any Ideas?
The Bublitz
Systems Admin
Hospice of the Red River Valley
The administrator has disabled public write access.

Re: 506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10934

  • pp1dt
  • pp1dt's Avatar
  • Offline
  • Frequent Member
  • Posts: 22
  • Karma: 0
remove the access-list

telnet <outside interface ip address> outside

#use show telnet to verify the entry, is better to use ssh instead of telnet

let us know whether it work.
The administrator has disabled public write access.

Re: 506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10950

hi
also follow this if it would be of any use to you,

i have the same problem, but im trying to use ssh instead of telnet

www.firewall.cx/ftopict-2231.html
Begin at the beginning and end at the end.
The administrator has disabled public write access.

Re: 506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10969

  • kvgopi
  • kvgopi's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Hi ,


From the internal network u can do telnet..( Telnet session is a clear text transmission)...from the outside network if at all u cant use telnet to manage the device the only possible way is use SSH otherwise u can't manage the pix from the external network...

do the following set of commands

ssh <foreign_ip> <mask> outside!
ca generate rsa key 512

i hope this will solve your problem...

:D
The administrator has disabled public write access.

Re: 506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10976

Yup,
What Gopi says is absolutely right. ;-)
you should try ssh instead of telnet. Otherwise whats the point of having such a secure device when u can easily compromise it from the outside by using clear text telnet?
Begin at the beginning and end at the end.
The administrator has disabled public write access.

Re: 506e Allow telnet into PIX from outside/internet 10 years 11 months ago #10981

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
Definitely, your PIX is capable of being administered by ssh. You need to use it!! It requires a couple more steps, but it's far more secure.
The administrator has disabled public write access.
Time to create page: 0.085 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup