To manage it remotely, you need to configure PIX 6.X to permit incoming SSH and/or Telnet connections to it. Note that since Telnet sends all information including passwords in clear text, SSH is preferred the method.
Network Diagram:
Configuration Tasks:
1. Specify credentials:
passwd mypassword
-- or --
username myusername password mypassword
2. [SSH only] Generate RSA key pair:
ca zeroize rsa
ca gen rsa key 1024
ca save all
Note: The "zeroize" command is there just in case a previous RSA key has already been generated. You can set the modulus to any other value aside from 1024. The larger the modulus, the more secure the RSA key.
3. Specify the hosts allowed to connect to the PIX:
ssh 0 0 inside
ssh 10.199.248.0 255.255.255.0 outside
-- or --
telnet 0 0 inside
telnet 10.199.248.0 255.255.255.0 outside
Note: Syntax parameters for either case is: source_ip_address subnet_mask source_interface. The 0 0 above indicates "any".
4. [Optional] Specify the telnet/ssh session timeout:
ssh timeout 10
-- or --
telnet timeout 10
No comments:
Post a Comment