yup, that did it!
After the clear xlate I got SSH to the outside interface working. Thanks a lot Yizhar!
Should've realised this myself I guess, but was just too stubborn to see it ;)
Emanuel
--
the router thought it was a printer
yes, I created the certificate.
Yes, the date and time are correct, maybe a few seconds off; I set the clock according to ntpdate when I set it up.
I guess I wouldn't even be able to SSH in from the DMZ if the date/time was wrong and the cert wasn't saved?
--
the router thought it was a printer
Just did that. When I do a show access-list, the generic SSH rule matches, not the one for xxx.xxx.222.186.
So I first removed the generic SSH access-list, so the one for the outside interface comes first, then re-added it. The hit count goes up for that access-list, still I get a connection...
I've tried SSH from different RedHat boxes, as well as from Windows through SecureCRT and PuTTY, always to the same avail: Connection Timed Out.
The Log always says the same when the connection gets established, something along:
Built inbound TCP connection 7389458 for faddr source_ip/34487...
all I need is SSH to the PIX itself, nothing less nothing more.
Sorry if I was unclear about it in the previous post. It's just that it's driving me nuts. I've been doing everything that has been proposed here, I've been doing it according to the manual, and all I get is a connection timed...
Okay, I removed that line, write mem.
Since I need SSH access from outside to the DMZ, I have an access-list that reads:
access-list outside_access_in permit tcp any any eq 22
So I've added another ACL for the outside interface:
access-list outside_outside permit tcp any host xxx.xxx.222.186 eq...
Hello Yizhar,
the only message in syslog I get is:
Jun 23 13:10:29 xxx.xxx.xxx.xxx %PIX-6-302001: Built inbound TCP connection 6919583 for faddr xxx.xxx.xxx.29/58313 gaddr xxx.xxx.222.186/22 laddr 192.168.0.2/22
and the only record I have with 192.168.0.2 is:
static (inside,outside) interface...
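The 302001 line quoted above is the whole diagnosis in one record: faddr is the remote client, gaddr is the translated address it connected to (the outside interface, port 22), and laddr is where the PIX actually delivered the flow (192.168.0.2, an inside host, because of the static translation on the interface address). As an added example, not code from the thread or from Cisco, here is a small parser for such lines plus a check that flags inbound connections to the firewall's own interface address on a management port whose laddr is some other host. The sample lines, the addresses and the rule "laddr differing from gaddr means the flow was NATed away from the firewall" are this example's own constructions and assumptions.

```python
import re
from typing import Dict, List, Optional

# Constructed sample syslog lines, modelled on the %PIX-6-302001 message quoted in the
# thread. Addresses are documentation-range placeholders, not the poster's real ones.
SAMPLE_LOG = """\
Jun 23 13:10:29 198.51.100.1 %PIX-6-302001: Built inbound TCP connection 6919583 for faddr 203.0.113.29/58313 gaddr 198.51.100.186/22 laddr 192.168.0.2/22
Jun 23 13:10:31 198.51.100.1 %PIX-6-302001: Built inbound TCP connection 6919584 for faddr 203.0.113.29/58320 gaddr 198.51.100.186/443 laddr 192.168.0.2/443
Jun 23 13:11:02 198.51.100.1 %PIX-6-302001: Built inbound TCP connection 6919585 for faddr 203.0.113.40/40001 gaddr 198.51.100.186/22 laddr 198.51.100.186/22
Jun 23 13:11:05 198.51.100.1 %PIX-5-111008: User 'enable_15' executed the 'clear xlate' command.
"""

# Field layout of a "Built ... TCP connection" record: faddr = remote peer,
# gaddr = translated (global) address the peer reached, laddr = real (local) address
# the PIX handed the connection to.
BUILT_RE = re.compile(
    r"%PIX-6-302001: Built (?P<direction>inbound|outbound) TCP connection (?P<conn_id>\d+) "
    r"for faddr (?P<faddr>[\d.]+)/(?P<fport>\d+) "
    r"gaddr (?P<gaddr>[\d.]+)/(?P<gport>\d+) "
    r"laddr (?P<laddr>[\d.]+)/(?P<lport>\d+)"
)


def parse_built_connection(line: str) -> Optional[Dict[str, object]]:
    """Parse one 302001 line into its foreign/global/local address triple.

    Returns None for any line that is not a 302001 message (teardowns, command
    audit records and so on are skipped rather than raising).
    """
    m = BUILT_RE.search(line)
    if not m:
        return None
    fields: Dict[str, object] = m.groupdict()
    for key in ("fport", "gport", "lport"):
        fields[key] = int(fields[key])  # type: ignore[arg-type]
    return fields


def find_redirected_mgmt_connections(lines, fw_ip: str, mgmt_ports=(22,)) -> List[str]:
    """Return ids of inbound connections that hit the firewall's own interface address
    on a management port but were translated to a different local host.

    Assumption (this example's, not a statement from the PIX documentation): when
    laddr differs from gaddr, the static translation on the interface address took
    the flow to an inside server instead of the firewall's own SSH daemon, which is
    the symptom described in the thread.
    """
    hits: List[str] = []
    for line in lines:
        conn = parse_built_connection(line)
        if conn is None or conn["direction"] != "inbound":
            continue
        if conn["gaddr"] == fw_ip and conn["gport"] in mgmt_ports and conn["laddr"] != fw_ip:
            hits.append(str(conn["conn_id"]))
    return hits


if __name__ == "__main__":
    for conn_id in find_redirected_mgmt_connections(SAMPLE_LOG.splitlines(), "198.51.100.186"):
        print(f"connection {conn_id}: port-22 traffic to the outside interface was "
              f"translated to an inside host, not handled by the PIX itself")
```

Run against real syslog, the check turns the "connection refused / timed out" mystery into a concrete statement: every SSH attempt to the interface address was handed to 192.168.0.2, so the firewall's own SSH server never saw it. That is also why clearing the translation table (and removing the interface static) fixed it in the thread.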
Yup, checked that, it does support SSH version 1.
Tried it also with PuTTY, TeraTerm, SecureCRT, a couple of different SSH clients.
It's just weird that I get almost instantly a connection refused, not like the connection gets established and then the PIX closes the connection.
I also did it...
I did as you mentioned above, for the remote access through SSH. Still, when I try to SSH to the outside interface IP, I get a "connection refused".
I did the following:
- generated the CA, pasted it to ~/.ssh/known_hosts on a box on the DMZ interface
- ssh the DMZ interface, works i...
Dear Experts,
After studying several newsgroups and searching the forum here, I still haven't found an answer to what I'm looking for.
Having had bad experiences with other firewalls in the past, we switched to a PIX 515E. Due to the bad experience, it happened sometimes that the non-pix...
Just to let you know,
thanks to your help and tips, the firewall is working flawlessly in the laboratory setup. Next thing to do is to get it into the production environment.
Emanuel
--
the router thought it was a printer
Yup, that's what I thought (about communication between two DMZ hosts). But the AC in the office died today so I couldn't think straight anymore for the moment :)
Thanks for the remark about INSIDE<->DMZ, was scratching my head about it :)
Tomorrow I'll get the lab setup ready to test those...
Those kind of mistakes happen to the best of the best :)
I'm wondering about one thing: the configuration as it is right now, will it allow communication between the hosts on the DMZ, or will this be blocked by the firewall?
It's most probably a silly question which only the current 30°C in...
Thanks a lot tbisset for your valued answer.
Please allow me to add some comments to your proposed changes:
1 - I think the correct command (or at least the command that the pix accepted) is:
nat (inside) 1 0 0 - it didn't accept nat 1 (inside) 0 0
2 - I've done that, but it gave me a warning...
Hello Experts,
the following is my PIX 515E configuration.
As I had problems before getting the PIX to work when I wanted to put it in place, and lost many work hours through that, I'm kindly asking you to take a look at the config and tell me if this will work the way expected, or if I'm far off...