PIX 501 SSH

Discussion in 'Cisco' started by Bob Simon, Dec 2, 2005.

  1. Bob Simon

    Bob Simon Guest

    One of my customers sent their PIX 506E to another office and bought a
    501, which they asked me to configure. I used the console port to
    load the old configuration including a command to enable ssh from my
    notebook:
    ssh 192.168.0.201 255.255.255.255 inside

    When I tried to connect to the PIX from the network, Putty flashed and
    then immediately terminated. However, I could telnet to it after
    enabling that. I'm wondering if the 501 uses a different version of
    SSH than the 506, which would require adjusting one of the SSH
    parameters for the saved Putty session.
     
    Bob Simon, Dec 2, 2005
    #1
    1. Advertisements

  2. Bob Simon

    yfriend14424 Guest

    It sounds like you need to generate an RSA key.

    Joe
     
    yfriend14424, Dec 2, 2005
    #2
    1. Advertisements

  3. Sometimes it does not work
    Try to OPEN PDM and then SSH and
    ssh extrenal.ip 255.255.255.255 outside
    ssh 0.0.0.0 0.0.0.0 outside
    ssh internal NETWORK.ADDRESS NETWORK.MASK inside

    should be in your case

    ssh extrenal.ip 255.255.255.255 outside
    ssh 0.0.0.0 0.0.0.0 outside
    ssh internal 192.168.1.0 255.255.255.0 inside
     
    robert.szczepanek, Dec 2, 2005
    #3
  4. Bob Simon

    Martin Turba Guest

    For me, it also sounds like you did not create an RSA key:

    ----------
    pix# conf t
    pix(config)# ca generate rsa key 1024
    [...]
    pix(config)# ca save all
    pix(config)# exit
    pix#
    ----------

    Regards,
    Martin

    --
    +-----------------------------------------------------
    | Martin Turba
    | Fraunhofer Institute for Computer Graphics
    | INI-GraphicsNet ServiceCenter
    | Fraunhoferstr. 5, 64283 Darmstadt, Germany
    +-----------------------------------------------------
    | Phone: +49 6151 155-322
    | Email:
    +-----------------------------------------------------
     
    Martin Turba, Dec 2, 2005
    #4
  5. Bob Simon

    yfriend14424 Guest

    PDM generates a temporary RSA key when you access PIX. When you log
    off PDM, the RSA key will go away, and the no connect problem will come
    back.

    Joe
     
    yfriend14424, Dec 2, 2005
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.