[nsp] telnet to PIX firewall ..

Anning, Mike Mike.Anning at chep.com
Tue Mar 23 23:06:53 EST 2004


MGG

Are you sure that the mgmt.IP is actually on the "outside" Firewall
interface?
Have you checked that it is allowed through the other Firewalls in your
layered security architecture?

You may need to allow telnet incoming on the outside interface for the
mgmt.IP. Try to compare it with the SNMP set up as you know that works.

Cheers
Mike

-----Original Message-----
From: MGG [mailto:hiruy at comcast.net] 
Sent: 24 March 2004 10:00
To: cisco-nsp at puck.nether.net
Subject: [nsp] telnet to PIX firewall .. 


Dear All,

We have multi-layered security zones in our network and these zones are
delimited using multiple PIX firewalls.  The mgmt. devices reside
somewhere in the middle and on the most secure side of the network, we
have two PIX firewalls running v5.3 and they can only support telnet and
only accessible using outside interface. I have updated the
configuration with:

telnet  "$mgmt.IP" 255.255.255.255 outside  

and I have not been able to telnet into those boxes. However, SNMP to
the outside interface works fine, only telnet doesn't seem to work.  Is
this not supported configuration or did I miss a step?  There is a plan
to upgrade them in future (with ssh support in mind) in the mean I need
a fix... 

Thanks for your input in advance, 

Regards,
MGG.


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list