Remote admin PIX

Discussion in 'Cisco' started by timo, Feb 10, 2004.

  1. timo

    timo Guest

    Hey

    I have a number of PIX's that are in the field connected to cable
    modems or DSL that are assigned DHCP addresses by the ISP. I
    administer most of these from the main site over ssh. They all have
    VPN to the main site. Most of em keep the DHCP address for long
    periods of time, this is good. For a handful their address changes
    every once in a while and this breaks my ssh until someone at the
    remote site logs into PIX and issues a ca zero key and then a ca
    gen rsa key ...

    What other ways can I remotely config a PIX ?

    How are you all managing your remote PIX's ??

    Thanks Much

    Timo
     
    timo, Feb 10, 2004
    #1
    1. Advertising

  2. In article <>,
    timo <> wrote:
    :I have a number of PIX's that are in the field connected to cable
    :modems or DSL that are assigned DHCP addresses by the ISP. I
    :administer most of these from the main site over ssh. They all have
    :VPN to the main site. Most of em keep the DHCP address for long
    :periods of time, this is good. For a handful their address changes
    :every once in a while

    OK.

    :and this breaks my ssh until someone at the
    :remote site logs into PIX and issues a ca zero key and then a ca
    :gen rsa key ...

    That's not needed. Configure ca identity hostname
    before you generate the key, and then as long as you don't change
    the 'hostname' setting the key will be good.
    --
    I was very young in those days, but I was also rather dim.
    -- Christopher Priest
     
    Walter Roberson, Feb 10, 2004
    #2
    1. Advertising

  3. timo

    timo Guest

    Hey

    I cant seem to get the ca identity hostname to work...

    When I enter it in like that I get incorrect number of parameters.
    I tried a number of other varieties ...
    ca ident MYPIXHOST hostname (no explicit error , but spits cmd usage
    so I think its wrong).
    ca ident pix.domainname.com host (no explicit error , but spits cmd
    usage so I think its wrong).

    and a bunch of other combos .... I tried this with and without an rsa
    key. The PIX docu says ca identity ca_nickname [ca_ipaddress|
    hostname [:ca_script_location] [ldap_ip address| hostname]]

    Any idea whats going on here ? Thanks Much!

    Timo



    -cnrc.gc.ca (Walter Roberson) wrote in message news:<c09cbf$1j9$>...
    > In article <>,
    > timo <> wrote:
    > :I have a number of PIX's that are in the field connected to cable
    > :modems or DSL that are assigned DHCP addresses by the ISP. I
    > :administer most of these from the main site over ssh. They all have
    > :VPN to the main site. Most of em keep the DHCP address for long
    > :periods of time, this is good. For a handful their address changes
    > :every once in a while
    >
    > OK.
    >
    > :and this breaks my ssh until someone at the
    > :remote site logs into PIX and issues a ca zero key and then a ca
    > :gen rsa key ...
    >
    > That's not needed. Configure ca identity hostname
    > before you generate the key, and then as long as you don't change
    > the 'hostname' setting the key will be good.
     
    timo, Feb 14, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter Sale
    Replies:
    1
    Views:
    12,003
    Robin Walker
    Dec 11, 2004
  2. Bill F
    Replies:
    1
    Views:
    441
    Walter Roberson
    Nov 25, 2003
  3. R Siffredi
    Replies:
    1
    Views:
    1,536
    Aaron Leonard
    Aug 1, 2005
  4. Dave Marden
    Replies:
    16
    Views:
    10,728
    Dave Marden
    Jan 24, 2004
  5. Remote Service Admin

    , Apr 16, 2005, in forum: Computer Support
    Replies:
    3
    Views:
    327
    John Holmes
    Apr 16, 2005
Loading...

Share This Page