Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How we access pix other than through console?
- Thread starter johnmis
- Start date
You can either telnet or SSH to the PIX just like you can to a Cisco router. Pick the interface you want to come in on and type (in config mode) ssh ip_address [netmask] [interface name]. For example, if you wanted to ssh in on your inside interface that has an IP address of 192.168.1.1 the command would look like this:
ssh 192.168.1.1 255.255.255.255 inside <enter>
passwd <whatever password you want to use> <enter>
ssh timeout <number between 1 and 60 minutes> <enter>
Remember you must also config your RSA encryption key to use SSH.
You can also set up telnet to a specific interface with almost the same format as ssh:
telnet 192.168.1.1 255.255.255.255 inside <enter>
passwd <telnetpassword> <enter>
telnet timeout <no. of minutes before session timeout> <enter>
ssh 192.168.1.1 255.255.255.255 inside <enter>
passwd <whatever password you want to use> <enter>
ssh timeout <number between 1 and 60 minutes> <enter>
Remember you must also config your RSA encryption key to use SSH.
You can also set up telnet to a specific interface with almost the same format as ssh:
telnet 192.168.1.1 255.255.255.255 inside <enter>
passwd <telnetpassword> <enter>
telnet timeout <no. of minutes before session timeout> <enter>
- Thread starter
- #4
Hi Ckuner, so if 192.168.1.1 is the ip you are coming from
--------
telnet 192.168.1.1 255.255.255.255 inside <enter>
passwd <telnetpassword> <enter>
telnet timeout <no. of minutes before session timeout>
-----------
where do I specify the ip of the interface of the pix then?
so do we only have two options if we dont use the console
ssh and telnet... is this right?
Thanks in advance
--------
telnet 192.168.1.1 255.255.255.255 inside <enter>
passwd <telnetpassword> <enter>
telnet timeout <no. of minutes before session timeout>
-----------
where do I specify the ip of the interface of the pix then?
so do we only have two options if we dont use the console
ssh and telnet... is this right?
Thanks in advance
On a PIX you refer to the interface by its name, not the IP address. In most cases, the inside interface (to the internal network) is named "inside," the outside (to the Internet) "outside," and so on. So, in my example you would be telnetting/ssh-ing to the inside interface from a host on the internal network.
- Thread starter
- #6
I used putty.exe and used ssh, it worked!!, I am in now.
is there anyway we can dump the configuration to a file? if yes how we do that?
basically we are trying to create two configurations, one for T1 connection and the other one for DSL in case the T1 down.
is there an easy way to do this like using ftp where you can just over write the file?
Thanks
is there anyway we can dump the configuration to a file? if yes how we do that?
basically we are trying to create two configurations, one for T1 connection and the other one for DSL in case the T1 down.
is there an easy way to do this like using ftp where you can just over write the file?
Thanks
Yes you can do it both ways. You can do a write terminal (or sh run, depending on your version), and select, copy, and paste your running config into a text file that you can copy and paste back in if you want to later. I believe you can also copy your running or startup config to a tftp server by typing in the command copy run tftp (copy start tftp for the startup config). It will ask you the address of a tftp server and what name you want the file to be when it is copied to the tftp server. Needless to say you need to have a tftp server up and running on your network (lots of free ones available on the web).
- Thread starter
- #8
thats terrific, thats what I need,
I typed in "write terminal" then I copied and pasted into a text file, but when I wanna copy it back to the pix with the copy tftp flash command, it would require .bin file.
how do we convert from a text file to a bin file? or vice versa? ...I heard about rawrite.exe, is that the one?
Thanks again
I typed in "write terminal" then I copied and pasted into a text file, but when I wanna copy it back to the pix with the copy tftp flash command, it would require .bin file.
how do we convert from a text file to a bin file? or vice versa? ...I heard about rawrite.exe, is that the one?
Thanks again
- Thread starter
- #9
HI.
> but how can we access pix configuration other than through the console ...
If you have pix version 6.xx and PDM installed, then you can also manage the pix using the PDM GUI web interface.
This is in addition to CLI access (console/telnet/ssh).
Yizhar Hurwitz
> but how can we access pix configuration other than through the console ...
If you have pix version 6.xx and PDM installed, then you can also manage the pix using the PDM GUI web interface.
This is in addition to CLI access (console/telnet/ssh).
Yizhar Hurwitz
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question