cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1275
Views
0
Helpful
3
Replies

Telnet to Firewall outside interface over Internet

Ramu Ch
Beginner
Beginner

Hi Team,

Hope all are doing well.

Here my issue is i would not be able access ASA 5510 outside interface over Internet eventhough i made a configuration entry of Telnet ans SSh from outside as below

#telnet 0.0.0.0 0.0.0.0 outside

#ssh 0.0.0.0 0.0.0.0 outside

And also i given for Exclusive public IP address for Telnet /SSH,those were not accepted. Is there any way to access Firewall boxes outside Interface over Internet so that i can conect from my Home at least SSH access in the view of security.

Regards

Ramu

1 Accepted Solution

Accepted Solutions

Kureli Sankar
Cisco Employee
Cisco Employee

Ramu,

Telnet to the lowest security interface is not allowed by default - This is by design and cannot be changed.

As far as ssh is concerned you should be able to.

Make sure you have the following configured.

1. rsa key pair

2. username

3. aaa authen

conf t

cry key generate rsa modulus 1024

username cisco pass cisco priv 15

aaa authen ssh console LOCAL

aaa authen en console LOCAL

refer this link: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_management.html#wp1042250

-KS

View solution in original post

3 Replies 3

Kureli Sankar
Cisco Employee
Cisco Employee

Ramu,

Telnet to the lowest security interface is not allowed by default - This is by design and cannot be changed.

As far as ssh is concerned you should be able to.

Make sure you have the following configured.

1. rsa key pair

2. username

3. aaa authen

conf t

cry key generate rsa modulus 1024

username cisco pass cisco priv 15

aaa authen ssh console LOCAL

aaa authen en console LOCAL

refer this link: http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_management.html#wp1042250

-KS

Tks

Madam.

Can u Expalin for my undestanding Each command How it works when packet arrives to Firewalll over Internet after configuration.

Waht is RSA Key and waht is the purpose,Meanwhile i will google it those topics.

How can i rate this Post,I want to give Max rate.

Thanks

Ramu

Ramu,

I see that you found how to rate the post and mark it solved. Thanks for doing that.

You should be able to see the steps here:

https://supportforums.cisco.com/docs/DOC-6022#I_posted_a_question_how_do
_I_mark_a_reply_as_Correct_Answer

You can read command reference here: http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/c5.html#wp2237673

I put a link about that would take you directly to "cry key gen" command but, if you scroll up you can switch to read about other commands. They are all alphabatically sorted.

-KS

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: