09-02-2005 01:10 PM - edited 02-21-2020 01:56 PM
hi,
i have pix 525 running OS ver 6.3(4) the outside interface is connected to cisco router 1721 which is connected to internet i made vpn configuration on pix and the client can access every thing inside my network except i can not telnet into pix or router or cache engine i do not know why do u have any suggetstion
regards,
ahmed
please find attached pix config
09-02-2005 02:07 PM
i dont think you will be able to telnet to the outside router if you vpn into the pix, the reason being pix not going to send the packet to the outside interface if the packet comes from outside interface.
for telnet to the pix, you need telnet x.x.x.x x.x.x.x outside.
but you will only be able to telnet if you have the VPN connection to the pix first.
or use ssh
thanks
Nadeem
09-02-2005 03:15 PM
A workaround if you have an internal router, set up access to the PIX and outside router from the internal router. Then, you can telnet to the internal router from your vpn connection, and from their, telnet to the PIX our outside router. This could also be a security feature, I only allow a couple IP's telnet to a core internal router, and then only allow access to the PIX's from that router.
09-02-2005 07:45 PM
My suggestion is that you enable SSH on the outside interface of the Pix. It is more secure than telnet and does not require a VPN connection since communication is already encrypted.
09-04-2005 08:09 PM
the only way to connect to a pix from the outside interface is ssh. pix doesn't allow telnet to its outside interface at all.
http://www.ciscotaccc.com/security/showcase?case=K75783563
alternatively, you may log on to a server, a pc or an internal router after the remote vpn established, then from the server/pc/router telnet to the pix inside interface.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide