You cannot telnet to the outside interface of a PIX device. You have to use SSH (Secure Shell), or connect via VPN and then telnet into the PIX. The easier way is SSH, and it is secure because the traffic is encrypted, unlike Telnet, which sends that traffic in clear text.
Here is how it is done:
Configuring Local SSH (No AAA Authentication)
It is also possible to set up an SSH connection to the PIX with local authentication and no AAA server; however, there is no discrete per-user username. The username is always "pix."
Use the following commands to configure local SSH on the PIX:
hostname goss-d3-pix515b
domain-name rtp.cisco.com
ca gen rsa key 1024
!--- Caution: The RSA key will not be saved without the CA SAVE ALL command.
!--- The write mem command will not save it! In addition, if the PIX has undergone a write erase
!--- or has been replaced, then cutting and pasting the old configuration does not generate the key.
!--- You must re-enter the ca gen rsa key command.
!--- If there is a secondary PIX in a failover pair, doing write standby will not copy the key
!--- from the primary to the secondary. You must also generate and save the key on the secondary device.
ssh 172.18.124.114 255.255.255.255 inside
ssh timeout 60
passwd cisco123
Since the default username in this arrangement is always "pix," the command to connect to the PIX (this was 3DES from a Solaris box) is: