Skip to main content

506e Allow telnet into PIX from outside/internet

More
19 years 4 weeks ago #10925 by Bublitz
I want to be able to administer a PIX remetly with telnet.
SO i did the following.

access-list outside_int permit tcp any host 66.36.45.128 eq telnet

and

access-group outside_int in interface outside

This doesnt work.

Fixup Protcol doesnt list telnet, BUT when I specify port 23 it puts telnet in there. I try to add Fixup protocol telnet 23 it says "bad protocol.

Any Ideas?

The Bublitz
Systems Admin
Hospice of the Red River Valley
More
19 years 4 weeks ago #10934 by pp1dt
remove the access-list

telnet <outside interface ip address> outside

#use show telnet to verify the entry, is better to use ssh instead of telnet

let us know whether it work.
More
19 years 4 weeks ago #10950 by georgejason
hi
also follow this if it would be of any use to you,

i have the same problem, but im trying to use ssh instead of telnet

www.firewall.cx/ftopict-2231.html

Begin at the beginning and end at the end.
More
19 years 4 weeks ago #10969 by kvgopi
Hi ,


From the internal network u can do telnet..( Telnet session is a clear text transmission)...from the outside network if at all u cant use telnet to manage the device the only possible way is use SSH otherwise u can't manage the pix from the external network...

do the following set of commands

ssh <foreign_ip> <mask> outside!
ca generate rsa key 512

i hope this will solve your problem...

:D
More
19 years 4 weeks ago #10976 by georgejason
Yup,
What Gopi says is absolutely right. ;-)
you should try ssh instead of telnet. Otherwise whats the point of having such a secure device when u can easily compromise it from the outside by using clear text telnet?

Begin at the beginning and end at the end.
More
19 years 4 weeks ago #10981 by DaLight
Definitely, your PIX is capable of being administered by ssh. You need to use it!! It requires a couple more steps, but it's far more secure.
Time to create page: 0.132 seconds