Re: how to enable telnet on the outside interface for PIX

From: john matijevic (john.matijevic@gmail.com)
Date: Sun Aug 21 2005 - 20:42:49 GMT-3

• Next message: Brant I. Stevens: "Re: Routing updates through a firewall"
• Previous message: john matijevic: "Re: Routing updates through a firewall"
• Maybe in reply to: muath_thebest@hotmail.com: "how to enable telnet on the outside interface for PIX"
• Next in thread: Christopher M. Heffner: "RE: how to enable telnet on the outside interface for PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,
Why would you want to enable telnet on the outside interface of the pix?
Telnet traffic is passed clear text and not very secure. I would recommend
setting up secure shell for the outside interface.
Sincerely,
John

 On 8/21/05, Christopher M. Heffner <cheffner@certified-labs.com> wrote:
>
> In order to allow telnet to the outside interface you must first
> explicitly enable telnet on the outside interface.
>
> telnet x.x.x.x outside
>
> Second you must be running the outside interface in a secure mode with
> IPSec to permit telnet traffic to the outside interface.
>
> Here is the syntax description from the 6.3 command reference guide.
>
> ========================================================================
> ====
>
> If IPSec is operating, PIX Firewall lets you specify an unsecure
> interface name, typically, the outside interface. At a minimum, the
> crypto map command must be configured to specify an interface name with
> the telnet command.
>
> ========================================================================
> ====
>
> HTH.
>
>
> Christopher M. Heffner, CCIE 8211, CCSI 98760
> Strategic Network Solutions, Inc.
> VP of Internetworking Technologies
>
> www.certified-labs.com <http://www.certified-labs.com>
>
> "Complete CCIE R&S and Security Online Rack Rentals"
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> muath_thebest@hotmail.com
> Sent: Sunday, August 21, 2005 9:43 AM
> To: ccielab@groupstudy.com
> Subject: how to enable telnet on the outside interface for PIX
>
> HI,
> Can any body send me the part of configuration needed to make someone on
> the outside be able to do telnet on outside interface of pixfirewall.
> I already enabled the telent on the inside and DMZ interfaces. but I do
> not know how I can enable it for outside.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>

--
John Matijevic, CCIE #13254
U.S. Installation Group
Senior Network Engineer
954-969-7160 ext. 1147 (office)
305-321-6232 (cell)

• Next message: Brant I. Stevens: "Re: Routing updates through a firewall"
• Previous message: john matijevic: "Re: Routing updates through a firewall"
• Maybe in reply to: muath_thebest@hotmail.com: "how to enable telnet on the outside interface for PIX"
• Next in thread: Christopher M. Heffner: "RE: how to enable telnet on the outside interface for PIX"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3