Question about remotley accessing PIX PDM

[snemes]

Good day to all....

I just had a few questions about remotely accessing the pix PDM. Is there any way that an administrator could access the PIX PDM from a remote location not using VPN connection (Is there a possible work-around)? If possible, how is this done? How secure is this?

Thanks for all your help...

Scott

 

[themut]

You don´t need a VPN to access PDM from the outside. You would need to issue the following commands:

http server enable
http <remote-ip> 255.255.255.255 outside

It is not as secure as using a VPN but it is quite secure since it uses RSA keys. Make sure you have 3DES enabled and If you want to increase the security use 2048 bits for the RSA key:

ca generate rsa key 2048

 

[snemes]

mut....

I see how that would work, unfortuatly the user does not have a static ip at home. Is there any other way to work around VPN.

Thanks in advance..
Scott

 

[themut]

Well you could use:

http 0.0.0.0 0.0.0.0 outside

But it is not very secure since you are permitting connections to PDM from anyone on the Internet.

A better option would be to ask you ISP what range he is assigning so you can use that range which will still be open but not as wide.

 

[snemes]

mut-

Thanks; I see what your are saying.

Scott