Ssh problem on a pix 501

Ssh problem on a pix 501

NewsGroups | Search | Tools
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Ssh problem on a pix 501 Mr Ping 12-18-2004
Posted by Mr Ping on December 18, 2004, 8:04 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi!

I have a static (inside,outside) tcp interface ssh on a pix 501.
Cisco PIX Firewall Version 6.3(4)
Now i want to have ssh xxx.xxx.xxx.xxx 255.255.255.0 outside

Is this posible to have a static and ssh open?
If not any sugestion to get i work?


//Jan




Posted by PES on December 18, 2004, 2:31 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Mr Ping wrote:
> Hi!
>
> I have a static (inside,outside) tcp interface ssh on a pix 501.
> Cisco PIX Firewall Version 6.3(4)
> Now i want to have ssh xxx.xxx.xxx.xxx 255.255.255.0 outside
>
> Is this posible to have a static and ssh open?
> If not any sugestion to get i work?
>
>
> //Jan
>
>

I don't think you will be able to accomplish this directly. You could
however, create an IPSec tunnel and uset the management interface option
to allow you to connect via ssh through the tunnel to the inside interface.

--
-------------------------
Paul Stewart
Lexnet Inc.
Email address is in ROT13


Posted by Mr Ping on December 18, 2004, 9:48 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
PES wrote:
> Mr Ping wrote:
>> Hi!
>>
>> I have a static (inside,outside) tcp interface ssh on a pix 501.
>> Cisco PIX Firewall Version 6.3(4)
>> Now i want to have ssh xxx.xxx.xxx.xxx 255.255.255.0 outside
>>
>> Is this posible to have a static and ssh open?
>> If not any sugestion to get i work?
>>
>>
>> //Jan
>>
>>
>
> I don't think you will be able to accomplish this directly. You could
> however, create an IPSec tunnel and uset the management interface
> option to allow you to connect via ssh through the tunnel to the
> inside interface.

Thanks again PES.

Ok.
But it is posible to ssh the pix from the outside, without a IPSec tunnel?

//Jan




Posted by PES on December 18, 2004, 5:03 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Mr Ping wrote:
> PES wrote:
>
>>Mr Ping wrote:
>>
>>>Hi!
>>>
>>>I have a static (inside,outside) tcp interface ssh on a pix 501.
>>>Cisco PIX Firewall Version 6.3(4)
>>>Now i want to have ssh xxx.xxx.xxx.xxx 255.255.255.0 outside
>>>
>>>Is this posible to have a static and ssh open?
>>>If not any sugestion to get i work?
>>>
>>>
>>>//Jan
>>>
>>>
>>
>>I don't think you will be able to accomplish this directly. You could
>>however, create an IPSec tunnel and uset the management interface
>>option to allow you to connect via ssh through the tunnel to the
>>inside interface.
>
>
> Thanks again PES.
>
> Ok.
> But it is posible to ssh the pix from the outside, without a IPSec tunnel?
>
> //Jan
>
>

Others have said yes, but I have never successfully gotten it to work.
I've always used IPSec.

--
-------------------------
Paul Stewart
Lexnet Inc.
Email address is in ROT13


Posted by John Smith on December 19, 2004, 12:38 am
If you were  Registered and logged in, you could reply and use other advanced thread options
you can ssh to the outside interface w/o ipsec. you only need ipsec to
telnet to the outside interface.


On Sat, 18 Dec 2004 17:03:58 -0500, PES wrote:

> Mr Ping wrote:
>> PES wrote:
>>
>>>Mr Ping wrote:
>>>
>>>>Hi!
>>>>
>>>>I have a static (inside,outside) tcp interface ssh on a pix 501.
>>>>Cisco PIX Firewall Version 6.3(4)
>>>>Now i want to have ssh xxx.xxx.xxx.xxx 255.255.255.0 outside
>>>>
>>>>Is this posible to have a static and ssh open?
>>>>If not any sugestion to get i work?
>>>>
>>>>
>>>>//Jan
>>>>
>>>>
>>>
>>>I don't think you will be able to accomplish this directly. You could
>>>however, create an IPSec tunnel and uset the management interface
>>>option to allow you to connect via ssh through the tunnel to the
>>>inside interface.
>>
>>
>> Thanks again PES.
>>
>> Ok.
>> But it is posible to ssh the pix from the outside, without a IPSec tunnel?
>>
>> //Jan
>>
>>
>
> Others have said yes, but I have never successfully gotten it to work.
> I've always used IPSec.



Similar ThreadsPosted
IOS to IOS VPN Problem February 11, 2004, 4:42 pm
Nat/Pat-problem with pix 501 July 22, 2004, 9:50 am
x25 problem August 16, 2004, 12:21 pm
PIX Problem February 10, 2005, 11:45 pm
Problem with STM-1 POS March 1, 2005, 8:46 pm
ATM FR PPP Problem March 9, 2005, 3:49 pm
i need some help with an IRB problem please March 28, 2005, 5:02 pm
ICS problem help please...... March 30, 2005, 7:08 am
Problem with DMZ April 1, 2005, 10:17 am
nat problem please help April 4, 2005, 9:11 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map