[nsp] telnet to PIX firewall ..

MGG hiruy at comcast.net
Tue Mar 23 23:35:29 EST 2004


Thanks all; now I can put this to rest and it appears the desired option
might be to upgrade and use SSH.  

-MGG


-----Original Message-----
From: Sam Munzani [mailto:sam at munzani.com] 
Sent: Tuesday, March 23, 2004 10:42 PM
To: MGG; cisco-nsp at puck.nether.net
Subject: Re: [nsp] telnet to PIX firewall .. 


That's normal pix behavior. Unless you VPN in from outside interface, telnet
is not allowed from outside. Your best bet is upgrade code and activate DES
or 3DES to enable ssh.

Sam Munzani


> Dear All,
>
> We have multi-layered security zones in our network and these zones are
> delimited using multiple PIX firewalls.  The mgmt. devices reside
somewhere
> in the middle and on the most secure side of the network, we have two PIX
> firewalls running v5.3 and they can only support telnet and only
accessible
> using outside interface. I have updated the configuration with:
>
> telnet  "$mgmt.IP" 255.255.255.255 outside
>
> and I have not been able to telnet into those boxes. However, SNMP to the
> outside interface works fine, only telnet doesn't seem to work.  Is this
not
> supported configuration or did I miss a step?  There is a plan to upgrade
> them in future (with ssh support in mind) in the mean I need a fix...
>
> Thanks for your input in advance,
>
> Regards,
> MGG.
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list