Out Of band access to PIX

Discussion in 'Cisco' started by fnu-10a4, Nov 23, 2004.

  1. fnu-10a4

    fnu-10a4 Guest

    Hello,

    I need your points on this.

    I am deploying PIX 501 firewall for VPN. That's fine but sometimes I
    need to modify on-the-fly the IP addressed to the firewall due to a
    ISP mess-up.

    I wonder if I can use a modem attached to a PSTN line to do it. I know
    Sentry_Commander can do it or BayTECH OOB but this is really to
    expensice and a Sentry is too big (1 U high and a PIX 501 is so small
    ;-))

    Do you have URL relating experience? I am sure I can use a 33.6 PSTN
    modem for it but what kind of adapters would I need?

    Thanks you,

    Alain
    fnu-10a4, Nov 23, 2004
    #1
    1. Advertising

  2. In article <>,
    fnu-10a4 <> wrote:
    :I am deploying PIX 501 firewall for VPN. That's fine but sometimes I
    :need to modify on-the-fly the IP addressed to the firewall due to a
    :ISP mess-up.

    That hints to me that you might not be configuring the PIX as best
    possible for the circumstances. You should perhaps be setting it
    for "ip address outside dhcp", and you should be setting the end the
    PIX is connecting to with a "crypto dynamic-map" instead of a plain
    crypto map.


    :I wonder if I can use a modem attached to a PSTN line to do it.

    Yes.

    :Do you have URL relating experience? I am sure I can use a 33.6 PSTN
    :modem for it but what kind of adapters would I need?

    Start with the console cable that was provided with the PIX. That cable
    is wired for DCE (Data Communications Equipment) on the PIX end,
    and expects to plug into DTE (Data Transmission Equipment) such as
    a computer. Standard modems are also DCE, so you will need
    a cross-over cable to connect the console cable to the modem. If you
    look in any store that still sells serial cables at all, you will
    probably find a DB9 <-> DB25 crossover connector that also happens to
    do the gender changing you need.

    My co-worker has the pinouts written down in order to make
    exactly the configuration you are describing, as we've done the same
    thing for different reasons (not for ISP mess-up but because of
    our mess-ups: changing the access lists on a remote PIX can end up
    losing your remote access as you go through the transition state of
    removing the old ACL to put in the new one.)
    --
    Take care in opening this message: My grasp on reality may have shaken
    loose during transmission!
    Walter Roberson, Nov 23, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Robert B. Phillips, II

    Out-of-Band Router Access

    Robert B. Phillips, II, Nov 10, 2004, in forum: Cisco
    Replies:
    6
    Views:
    8,816
    Jeff Pratt
    Nov 16, 2004
  2. Charlie Russel - MVP

    Heads up! Out of Band Security Patch Now Available

    Charlie Russel - MVP, Apr 3, 2007, in forum: Windows 64bit
    Replies:
    1
    Views:
    341
    =?Utf-8?B?Q2FybG9z?=
    Apr 3, 2007
  3. flboy0638

    configure "out of band" modem portion

    flboy0638, Mar 15, 2008, in forum: General Computer Support
    Replies:
    2
    Views:
    2,278
    flboy0638
    Mar 15, 2008
  4. Pedro89
    Replies:
    0
    Views:
    408
    Pedro89
    Aug 3, 2009
  5. RichA
    Replies:
    3
    Views:
    99
    Robert Coe
    Feb 16, 2014
Loading...

Share This Page