Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: 506e Allow telnet into PIX from outside/internet

506e Allow telnet into PIX from outside/internet 12 years 8 months ago #10925

  • Bublitz
  • Bublitz's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 301
  • Karma: 2
  • Thank you received: 3
I want to be able to administer a PIX remetly with telnet.
SO i did the following.

access-list outside_int permit tcp any host 66.36.45.128 eq telnet

and

access-group outside_int in interface outside

This doesnt work.

Fixup Protcol doesnt list telnet, BUT when I specify port 23 it puts telnet in there. I try to add Fixup protocol telnet 23 it says "bad protocol.

Any Ideas?

Please Log in to join the conversation.

The Bublitz
Systems Admin
Hospice of the Red River Valley

Re: 506e Allow telnet into PIX from outside/internet 12 years 8 months ago #10934

remove the access-list

telnet <outside interface ip address> outside

#use show telnet to verify the entry, is better to use ssh instead of telnet

let us know whether it work.

Please Log in to join the conversation.

Re: 506e Allow telnet into PIX from outside/internet 12 years 8 months ago #10950

hi
also follow this if it would be of any use to you,

i have the same problem, but im trying to use ssh instead of telnet

www.firewall.cx/ftopict-2231.html

Please Log in to join the conversation.

Begin at the beginning and end at the end.

Re: 506e Allow telnet into PIX from outside/internet 12 years 7 months ago #10969

Hi ,


From the internal network u can do telnet..( Telnet session is a clear text transmission)...from the outside network if at all u cant use telnet to manage the device the only possible way is use SSH otherwise u can't manage the pix from the external network...

do the following set of commands

ssh <foreign_ip> <mask> outside!
ca generate rsa key 512

i hope this will solve your problem...

:D

Please Log in to join the conversation.

Re: 506e Allow telnet into PIX from outside/internet 12 years 7 months ago #10976

Yup,
What Gopi says is absolutely right. ;-)
you should try ssh instead of telnet. Otherwise whats the point of having such a secure device when u can easily compromise it from the outside by using clear text telnet?

Please Log in to join the conversation.

Begin at the beginning and end at the end.

Re: 506e Allow telnet into PIX from outside/internet 12 years 7 months ago #10981

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 1302
  • Karma: 1
  • Thank you received: 0
Definitely, your PIX is capable of being administered by ssh. You need to use it!! It requires a couple more steps, but it's far more secure.

Please Log in to join the conversation.

Time to create page: 0.168 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup