
Cisco PIX 501

SysAdminj
Level 1

I have to ship this PIX out to a remote location.

I have it set up properly and ready to go except for one thing. This is our first remote PIX, and I will need to be able to manage it from our main office here.

How would I set it up so I can remotely manage the PIX? I have a VPN Client connection installed so I can VPN into the device, but I don't know if this will allow me to manage it from here, and I don't want to learn the hard way if possible :)


sstudsdahl
Level 4

If you can VPN into the PIX, add the command:

management-access inside

This will allow you to connect to the inside interface of the PIX when you establish your VPN connection.

Once you have that command entered, you also need to define the IP addresses of who can connect to HTTP/SSH/TELNET. If you plan to do the administration of the PIX while you are VPN'ed into the PIX, the addresses that you would specify would be those set up in the address pool that you created for the VPN group.

Here is a link that talks about setting up remote management using telnet. Right below in the same document is a section for configuring remote management using SSH.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config/sysmgmt.htm#wp1022109

Steve

jmia
Level 7

Steve,

I use SSH to connect to my remote PIXes. If you want to set up SSH on your PIX, do the following:

In config mode:

ca generate rsa key 1024

ca save all

Now allow SSH onto your PIX on the outside interface:

In config mode:

ssh <your_public_ip> 255.255.255.255 outside

That IP address for SSH should be a public IP address, i.e. the IP address of where you are located / your Internet-facing IP address.

Make sure to save with write mem. You can freely download an SSH client; go to google.com and type putty.exe (I use this), it works very well.

You can check your encrypted key pair that has been generated by issuing: sho ca mypubkey rsa

Hope this helps

Jay
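An added example (not part of either reply above, and not Cisco tooling): a small Python check that reads a PIX 6.3-style configuration and reports where it departs from the two pieces of advice in this thread, namely `management-access inside` with an inside rule covering the VPN address pool, and an outside `ssh` rule limited to a single host. The sample configuration, its addresses, and the pool and group names are constructed, and the function name `audit` is hypothetical.

```python
import ipaddress
import re

# Constructed PIX 6.3-style configuration; every address and name is made up.
SAMPLE_CONFIG = """\
ip local pool vpnpool 192.168.50.1-192.168.50.20
vpngroup admins address-pool vpnpool
management-access inside
ssh 192.168.50.0 255.255.255.0 inside
http 192.168.50.0 255.255.255.0 inside
ssh 203.0.113.0 255.255.255.0 outside
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
MGMT_RE = re.compile(rf"^(ssh|telnet|http)\s+{IP}\s+{IP}\s+(\S+)$")
POOL_RE = re.compile(rf"^ip local pool\s+\S+\s+{IP}-{IP}$")


def audit(config):
    """Return a list of findings about who may manage the PIX."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]
    findings = []

    # VPN client address pools, as (first, last) address pairs.
    pools = []
    for ln in lines:
        m = POOL_RE.match(ln)
        if m:
            pools.append((ipaddress.ip_address(m[1]), ipaddress.ip_address(m[2])))

    # Without this command the inside address is not reachable over the tunnel.
    if "management-access inside" not in lines:
        findings.append("management-access inside is missing")

    pool_covered = False
    for ln in lines:
        m = MGMT_RE.match(ln)
        if not m:
            continue
        proto, addr, mask, iface = m.groups()
        net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        # Outside rules should name one host (mask 255.255.255.255).
        if iface == "outside" and net.prefixlen < 32:
            findings.append(f"{proto} on outside allows {net}, not a single host")
        # An inside rule must contain the whole VPN pool to be usable by VPN clients.
        if iface == "inside" and any(lo in net and hi in net for lo, hi in pools):
            pool_covered = True
    if pools and not pool_covered:
        findings.append("no ssh/telnet/http rule on inside covers the VPN pool")
    return findings
```

For the constructed sample, `audit(SAMPLE_CONFIG)` reports only the outside `ssh` rule, because its mask admits a whole /24 rather than one address.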

Usually SSH, but there is also a way to use the PDM for those who prefer a GUI.

See: Accessing the PDM from an Outside Interface Over a VPN Tunnel

http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/products_configuration_example09186a0080094497.shtml

sincerely

Patrick
