Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Remote admin PIX

Reply
Thread Tools

Remote admin PIX

 
 
timo
Guest
Posts: n/a
 
      02-10-2004
Hey

I have a number of PIX's that are in the field connected to cable
modems or DSL that are assigned DHCP addresses by the ISP. I
administer most of these from the main site over ssh. They all have
VPN to the main site. Most of em keep the DHCP address for long
periods of time, this is good. For a handful their address changes
every once in a while and this breaks my ssh until someone at the
remote site logs into PIX and issues a ca zero key and then a ca
gen rsa key ...

What other ways can I remotely config a PIX ?

How are you all managing your remote PIX's ??

Thanks Much

Timo
 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      02-10-2004
In article <(E-Mail Removed) >,
timo <(E-Mail Removed)> wrote:
:I have a number of PIX's that are in the field connected to cable
:modems or DSL that are assigned DHCP addresses by the ISP. I
:administer most of these from the main site over ssh. They all have
:VPN to the main site. Most of em keep the DHCP address for long
eriods of time, this is good. For a handful their address changes
:every once in a while

OK.

:and this breaks my ssh until someone at the
:remote site logs into PIX and issues a ca zero key and then a ca
:gen rsa key ...

That's not needed. Configure ca identity hostname
before you generate the key, and then as long as you don't change
the 'hostname' setting the key will be good.
--
I was very young in those days, but I was also rather dim.
-- Christopher Priest
 
Reply With Quote
 
 
 
 
timo
Guest
Posts: n/a
 
      02-14-2004
Hey

I cant seem to get the ca identity hostname to work...

When I enter it in like that I get incorrect number of parameters.
I tried a number of other varieties ...
ca ident MYPIXHOST hostname (no explicit error , but spits cmd usage
so I think its wrong).
ca ident pix.domainname.com host (no explicit error , but spits cmd
usage so I think its wrong).

and a bunch of other combos .... I tried this with and without an rsa
key. The PIX docu says ca identity ca_nickname [ca_ipaddress|
hostname [:ca_script_location] [ldap_ip address| hostname]]

Any idea whats going on here ? Thanks Much!

Timo



http://www.velocityreviews.com/forums/(E-Mail Removed)-cnrc.gc.ca (Walter Roberson) wrote in message news:<c09cbf$1j9$(E-Mail Removed)>...
> In article <(E-Mail Removed) >,
> timo <(E-Mail Removed)> wrote:
> :I have a number of PIX's that are in the field connected to cable
> :modems or DSL that are assigned DHCP addresses by the ISP. I
> :administer most of these from the main site over ssh. They all have
> :VPN to the main site. Most of em keep the DHCP address for long
> eriods of time, this is good. For a handful their address changes
> :every once in a while
>
> OK.
>
> :and this breaks my ssh until someone at the
> :remote site logs into PIX and issues a ca zero key and then a ca
> :gen rsa key ...
>
> That's not needed. Configure ca identity hostname
> before you generate the key, and then as long as you don't change
> the 'hostname' setting the key will be good.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Urgent : Direct Client is looking for Informatica Admin &Developer(Admin must) sarah Fernandes Java 0 11-01-2010 05:03 PM
Rails: generate scaffold Product Admin overwrites admin pages Phlip Ruby 1 09-15-2006 09:40 PM
Remote Assistance fails to connect, remote remote host name could not be resolved Peter Sale Wireless Networking 1 12-11-2004 09:09 PM
Difference between Remote Desktop and Remote Desktop for Admin Dave Marden MCSE 16 01-24-2004 12:47 PM
vpnclient access to remote pix via pix-pix tunnel Bill F Cisco 1 11-25-2003 06:03 AM



Advertisments