Re: SSH/IPSec to PIX

From: P729 (p729@cox.net)
Date: Sun Jun 13 2004 - 05:22:49 GMT-3

• Next message: Koen Peetermans: "RE: SSH/IPSec to PIX"
• Previous message: NARAYAN: "Ccie sp"
• Maybe in reply to: Kareem Boules: "SSH/IPSec to PIX"
• Next in thread: Koen Peetermans: "RE: SSH/IPSec to PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Sorry if I mislead anyone (I really need to read more carefully). I was
talking about VPNing to the PIX with the 4.x client and then _Telneting_ to
that PIX's outside interface through the tunnel, not SSH (why use SSH if you
already have a secure channel?). The problem remains the secure host route
to the PIX outside interface is not installed into the 4.x client as it is
with the 3.x client.

Regards,

Mas Kato
https://ecardfile.com/id/mkato

----- Original Message -----
From: "910T" <910t@cox.net>
To: "Kareem Boules" <kareem@synergyct.com>; <ccielab@groupstudy.com>
Cc: <security@groupstudy.com>
Sent: Saturday, June 12, 2004 9:13 AM
Subject: Re: SSH/IPSec to PIX

> I'm also dealing with this very issue at the moment. For some reason, the
> secured host route to the outside interface of the PIX stopped being
> installed with the 4.x version of the client as it was with the 3.x client
> (look at your statistics under Route Details). I installed the 3.6 client
> into a Virtual PC and it works fine with the same PIX configurations. I'm
> doing split-tunneling--perhaps there's a workaround by fiddling with the
> split-tunnel ACL. We'll see...
>
> Regards,
>
> Mas Kato
> https://ecardfile.com/id/mkato
>
> ----- Original Message -----
> From: "Kareem Boules" <kareem@synergyct.com>
> To: <ccielab@groupstudy.com>
> Cc: <security@groupstudy.com>
> Sent: Saturday, June 12, 2004 11:13 AM
> Subject: SSH/IPSec to PIX
>
>
> > Hey fellows,
> >
> > I wonder if someone can help with this scenario:
> > When I establish an IPSec tunnel between my SW Client (ver. 4) and PIX
> > (6.3), then I try to SSH to the PIX, it doesnt work. I tried out lots of
> > things, but the only workaround I could do is to, first, telnet to an
> inside
> > host, then SSH to the PIX from that host.
> > Any advice?
> >
> > Kareem
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Koen Peetermans: "RE: SSH/IPSec to PIX"
• Previous message: NARAYAN: "Ccie sp"
• Maybe in reply to: Kareem Boules: "SSH/IPSec to PIX"
• Next in thread: Koen Peetermans: "RE: SSH/IPSec to PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:39 GMT-3