Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
539
Views
0
Helpful
5
Replies

SSH

mcvosi
Level 1
Level 1

‎10-06-2003 09:38 AM - edited ‎03-09-2019 05:03 AM

I'm wanting to allow the internal network to connect to the router, but I believe my PIX is prohibiting this. I'm running PIX version 6.3(2) and here's the layout, which is typical:

Inside -> PIX (515E) -> Router (2600) -> Internet

TIA.

Labels:
0 Helpful
5 Replies 5

wasonce_2000
Level 1
Level 1

‎10-06-2003 11:27 AM

mcvosi,

Do you have any access-list configured in your pix blocking outbound traffic from your LAN? If so add a line before the deny statement of the access-list "access-list xxx permit tcp host (workstation IP)host (2600 IP) eq 22.

0 Helpful

mcvosi
Level 1
Level 1
In response to wasonce_2000

‎10-06-2003 11:33 AM

No, currently all outbound connections from the LAN are unrestricted. That's why this puzzles me.

0 Helpful

dsamaan
Level 1
Level 1

‎10-06-2003 12:24 PM

dumb question, but is the router configured right...is there a DES/3DES license installed on it...do a show version and verify DES or 3DES is enabled

0 Helpful

mcvosi
Level 1
Level 1
In response to dsamaan

‎10-06-2003 12:34 PM

Well, thanks for the replies but it seems the nut behind the wheel wasn't secured properly. I forgot to assign the transport to a vty. Doh! It's definitely a Monday! :-)

0 Helpful

anilv
Level 1
Level 1
In response to mcvosi

‎10-10-2003 04:59 AM

you can NAT the inside ip with a Public ip and it will allow you telnet. Apply the following command.

static (inside,outside) natip nattedip netmak 255.255.255.255

access-list acl_outside permit tcp host natted ip host natip eq telnet

here where natip is the inside lan ip

natted ip public ip

0 Helpful
Customers Also Viewed These Support Documents