
ssh configure from client and pix firewall

Status
Not open for further replies.

mitmcse2k

Instructor
Aug 9, 2003
14
US
I am new to the PIX firewall.

I want to configure SSL on the PIX 501 firewall, but I don't know what software I would need for the client using SSL ports.

If anyone has an idea what I am talking about, please give me advice on this.

Thank you
 
There are a lot of clients that support SSL. I use SecureCRT from VanDyke Software. There are a few free ones available as well.
 
I have a license for 10 users but don't really know how to configure it.

 
I am a little confused: do you want SSH configured or SSL?

If you use SSL, configure PDM.


If you want SSH do the following:

hostname PIX

domain-name pix.com

ca generate rsa key 512

ca save all

ssh 192.168.1.0 255.255.255.0 (or whatever your inside network is)
 
Hey,

Thank you for your help. Another thing: how can I set up VPN on this PIX firewall? I think I know the concept from the Windows site, but I don't know how to set up the PIX firewall as a VPN server. So if you can help me with that, it would be awesome.

Thank you
 
I want to configure it with SSH and SSL VPN. Do you know which VPN client program I would need for configuring SSH?
 
After you configure the pubkey, you need to enable SSH on the PIX and get an SSH client for your workstation. PuTTY works well and it is free.


festus mcshamus, mcse
 
Once again,

Thank you for all the help. But I have another problem: I can't ping my outside port or get in through SSH.

It would be a big help if someone could help me with this.
 
Are you sure you just haven't enabled ICMP on the outside interface?

icmp permit any outside

Fine for testing, but you might want to disable this or allow a specific IP once you are ready to install at a site. Allowing anyone to ping the PIX from outside is not good :(


 
Even though I have ICMP enabled on the outside port, I can't ping. Well, I don't really know what the problem is.

I just want to test this PIX 501, but I don't know if I should put it behind the 4-port router or connect it straight to DSL. If anyone has any idea, please give me a suggestion.


Thank you

MCSE, CCNA
 
I've had this problem with several PIXs running any of the 6.3 codes. If you have any type of access list on the external interface, you have to add an ACL to allow the ICMP traffic. Like this:

access-list outside_access_in permit icmp any any

Scott [pipe]
CCNA, CCSE, CCSP, ISS-CE
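
Added example, not part of any post in this thread: a small Python check that flags the settings discussed above (the 512-bit RSA key, `icmp permit any outside`, the `permit icmp any any` ACL entry, and an SSH rule open to every address) in a saved PIX configuration before the unit moves from testing to a site. The sample config is constructed from the commands quoted in the thread; the 2048-bit threshold and the names `audit` and `_is_any` are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: the commands quoted in this thread, in one file.
SAMPLE_CONFIG = """\
hostname PIX
domain-name pix.com
ca generate rsa key 512
ssh 192.168.1.0 255.255.255.0
icmp permit any outside
access-list outside_access_in permit icmp any any
"""

MIN_RSA_BITS = 2048  # assumption: review threshold picked for this example


def audit(config):
    """Return (line_no, command, finding) for each command worth reviewing."""
    findings = []
    for num, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        tok = line.split()
        if not tok:
            continue
        key = re.fullmatch(r"ca generate rsa key (\d+)", line)
        if key and int(key.group(1)) < MIN_RSA_BITS:
            note = f"RSA modulus {key.group(1)} is below {MIN_RSA_BITS} bits"
        elif tok[:3] == ["icmp", "permit", "any"]:
            note = f"any address may ping the {tok[-1]} interface"
        elif tok[0] == "access-list" and tok[2:] == ["permit", "icmp", "any", "any"]:
            note = f"ACL {tok[1]} passes all ICMP from any source"
        elif tok[0] == "ssh" and len(tok) >= 3 and _is_any(tok[1], tok[2]):
            note = "SSH management is open to every source address"
        else:
            continue
        findings.append((num, line, note))
    return findings


def _is_any(addr, mask):
    """True when addr/mask parses as a network covering all addresses."""
    try:
        return ipaddress.ip_network(f"{addr}/{mask}", strict=False).prefixlen == 0
    except ValueError:  # e.g. "ssh timeout 5" is not an address pair
        return False

if __name__ == "__main__":
    for num, line, note in audit(SAMPLE_CONFIG):
        print(f"line {num}: {line}  ->  {note}")
```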
 
Do I have to give my outside interface a DNS address and default gateway? Before, my outside interface was a DHCP client.

Now I am giving a static IP address on the outside interface. Does anyone know how I can give a DNS address on my outside interface, and also a default gateway?

Thank you
 