Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Pix 506e setting up ssh

Status
Not open for further replies.
prichards

prichards

MIS
Jul 8, 2003
2
US
I am trying to setup my Pix 506e to allow ssh connections. However when I initiate a connection to it, it says connection refused. Below are the commands that I have setup.
access-list acl_out permit tcp any host 12.1.1.1 eq ssh
static (inside,outside) tcp 12.1.1.1 ssh 172.16.6.2 ssh netmask 255.255.255.255 0 0
0.0.0.0 0.0.0.0 outside

What am I missing to allow this to go through. Every time I try to connect I get 'connection refused'. I am a little new at this so everything is from what I have read. Any help is great. Thanks.

Paul
 
Sort by date Sort by votes
Paul, Did you load the generate the Key?


Here is a list of the command necessary to get it working.

!!To enable ssh to the pix, make sure you have a hostname
hostname goss-d3-pix515b
!!a domain name
domain-name rtp.cisco.com
!!and then generate this ke
ca gen rsa key 1024
!--- Caution: The RSA key will not be saved without the CA SAVE ALL
command.
!--- The write mem command will not save it! In addition,if the PIX has
undergone a write erase
!--- or has been replaced, then cutting and pasting the old
configuration does not generate the key.
!--- You must re-enter the ca gen rsa key command.
!--- If there is a secondary PIX in a failover pair, doing write standby
will not copy the key
!--- from the primary to the secondary. You must also generate and save
the key on the secondary device.
ssh 172.18.124.114 255.255.255.255 inside
!! to enable ssh on the outside you can use to allow anyone to ssh in.
ssh 0.0.0.0 0.0.0.0 outside

Terry
 
Upvote 0 Downvote
That did it. Thanks! Now, can I set another ip address for a pass though of ssh to a Linus server on the inside of my network? It has an ssh login as well and I would like to have access to that. Can the PIX allow pass through of ssh packets? Thanks in advance.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
119
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
162
brownmab53
brownmab53
quazimotto
  • Locked
  • Question
Correct Upgrade Path for PIX
Replies
7
Views
240
quazimotto
quazimotto
quazimotto
  • Locked
  • Question
Ping thru PIX to subnet inside??!!
Replies
0
Views
103
quazimotto
quazimotto
texwiz
  • Locked
  • Question
need some help to properly set up, segregate and secure a network with an ASA 5505
Replies
2
Views
185
texwiz
texwiz

Part and Inventory Search

Sponsor

Back
Top