https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452126#M535587 <HTML><HEAD></HEAD><BODY><P>You can't telnet to the outside interface, but you can SSH to it:</P><P><A class="jive-link-custom" href="http://www.ciscotaccc.com/security/showcase?case=K75783563" target="_blank">http://www.ciscotaccc.com/security/showcase?case=K75783563</A></P><P></P><P>Traffic will be able to pass on same security level if you run a current version (&gt;=7.0) of the PIX and configure the "same-security-traffic permit inter-interface" feature:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080450b7c.html#wp1039276" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080450b7c.html#wp1039276</A></P><P></P></BODY></HTML> Sun, 10 Jul 2005 20:35:33 GMT johansens 2005-07-10T20:35:33Z https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452125#M535586 <P>Hi All</P><P></P><P>Is it possible to allow a telnet or ssh connection to a PIX via the outside interface? The documentation I have (seems to) state that telnet access via the outside interface 'requires' IPSEC - it is not made clear whether this is a recommendation or requirement. </P><P></P><P>Also, the documentation states that no traffic will pass through a PIX if the inside and outside interface are configured with the same security level - does this mean that no traffic will pass 'full-stop'; or traffic will pass if the appropriate ACLs/conduits are configured?</P><P></P><P>Thanks-in-Advance</P><P></P><P></P><P></P> Fri, 21 Feb 2020 08:15:39 GMT https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452125#M535586 mister-daniel 2020-02-21T08:15:39Z https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452126#M535587 <HTML><HEAD></HEAD><BODY><P>You can't telnet to the outside interface, but you can SSH to it:</P><P><A class="jive-link-custom" href="http://www.ciscotaccc.com/security/showcase?case=K75783563" target="_blank">http://www.ciscotaccc.com/security/showcase?case=K75783563</A></P><P></P><P>Traffic will be able to pass on same security level if you run a current version (&gt;=7.0) of the PIX and configure the "same-security-traffic permit inter-interface" feature:</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080450b7c.html#wp1039276" target="_blank">http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080450b7c.html#wp1039276</A></P><P></P></BODY></HTML> Sun, 10 Jul 2005 20:35:33 GMT https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452126#M535587 johansens 2005-07-10T20:35:33Z https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452127#M535588 <HTML><HEAD></HEAD><BODY><P>You can work around this issue by performing an IPSEC tunnel and placing the telnet in another Interface something like this :</P><P></P><P>interface ethernet1 vlan1000 logical</P><P>nameif vlan1000 managment security 50</P><P></P><P>after create a VPN Client connection</P><P>And telnet to the Vlan 1000 interface ip address.</P><P></P><P></P><P>As for the same security level in two interfaces its apliable to any interface ( except inside and outside they have lvl 100 and 0 hardcoded) this is solved in PIX 7.0 with the "same-security-traffic permit inter-interface" but from what i gathered in my tests you still can't place the same security level in the Inside and Outside interfaces.</P><P>I hope this helped.</P></BODY></HTML> Mon, 11 Jul 2005 08:44:16 GMT https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452127#M535588 fausto-oliveira 2005-07-11T08:44:16Z https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452128#M535589 <HTML><HEAD></HEAD><BODY><P>Thanks for the replies - much appreciated.</P></BODY></HTML> Tue, 12 Jul 2005 06:23:30 GMT https://community.cisco.com/t5/network-security/telnet-ssh-to-pix-outside-interface/m-p/452128#M535589 mister-daniel 2005-07-12T06:23:30Z