Telnet / PDM via a VPN tunnel does not work with VPN

trvenkatesan
Level 1

Has anyone experienced this issue? I can telnet / use PDM to the outside interface using VPN client ver 3.6.4 after the tunnel is established. The same thing does not work with VPN client ver 4.x. Any ideas?

2 Replies

alozzy
Level 1

I realize my suggestion may not be the solution you want, but if you need remote access to the PIX over a secure session to its outside interface, use ssh. You will need to create a certificate "ca generate rsa key 1024" for a 1024 bit modulus. Then save the key by issuing "ca save all". Finally, configure ssh to allow outside access (i.e. ssh 123.456.78.9 255.255.255.255 outside). The only thing you need on the remote end is an ssh client (for Windows, try PuTTY - it is simple, works well, and is free).

koaps
Level 1

If you want a really secure way of access for the PIX, just hook up the console cable to a *nix machine (Linux or something) and use minicom. You can then just ssh to the *nix machine for access.

This is how I configure my PIX, and if I need to I can do write erase and reload and not get disconnected from the PIX (the console doesn't need an interface to connect like SSH or telnet).

I wish I had a machine with 4 serial ports so I can have all my Cisco devices attached and use minicom saved sessions to access various devices at the same time.

In general you should never use protocols that deal in clear text if you can help it. Never use telnet, there just is no need. SSH is just as easy to set up and use. Same goes for FTP. It should not be used anymore. SCP is just as good and by far more secure.

Just my 2 cents worth.
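
An added example, not part of any post in this thread: a small Python check that reads PIX-style `telnet`/`ssh` access lines and flags the cleartext or overly broad entries the replies warn about. The sample configuration and the function name `audit_mgmt_access` are constructed for illustration, and it assumes the `<protocol> <ip> <mask> <interface>` line form quoted in the first reply.

```python
import ipaddress

# Constructed sample of PIX-style management-access lines (not from the thread).
SAMPLE_CONFIG = """\
telnet 192.0.2.10 255.255.255.255 inside
telnet 0.0.0.0 0.0.0.0 outside
ssh 198.51.100.7 255.255.255.255 outside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
"""


def audit_mgmt_access(config_text):
    """Return (severity, line, reason) findings for telnet/ssh access lines."""
    findings = []
    for raw in config_text.splitlines():
        parts = raw.split()
        # Only "<telnet|ssh> <ip> <mask> <interface>" lines grant access;
        # other forms such as "ssh timeout 5" are skipped.
        if len(parts) != 4 or parts[0] not in ("telnet", "ssh"):
            continue
        proto, ip, mask, iface = parts
        try:
            net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
        except ValueError:
            # Covers malformed addresses such as an octet above 255.
            findings.append(("error", raw, "invalid address or mask"))
            continue
        if proto == "telnet":
            # Telnet is cleartext everywhere; worst on the outside interface.
            sev = "high" if iface == "outside" else "medium"
            findings.append((sev, raw, "cleartext management protocol"))
        elif iface == "outside" and net.prefixlen < 32:
            # SSH is fine, but should be limited to a single host from outside.
            findings.append(("medium", raw,
                             f"ssh open to {net.num_addresses} addresses"))
    return findings


if __name__ == "__main__":
    for sev, line, reason in audit_mgmt_access(SAMPLE_CONFIG):
        print(f"[{sev}] {line}: {reason}")
```
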