Cisco PIX 515 telnet problem

Hi all,

I am setting a PIX 515 running on 6.3(5) for one of my customers. I have no problem telnetting from DMZ network to the DMZ interface ip address. But when I tried to telnet from Outside (internet) to the outside interface ip address, I just can't. I have no problem accessing the PDM from Outside and DMZ via https.

I have already key in the command "telnet outside" but it doesn't seem to work at all. Guys, have any idea on what else could be the reason? Thanks.

Reply to
Guan Foo Wah
Loading thread data ...


You can only telnet to the outside interface using SSH for security reasons. Set up SSH and RSA Keys then use a simple SSH client such as puTTY.



Reply to
Martin Kayes

should work but what i wouls suggest:

en configure terminal ssh outside write memory exit

and use Putty or SSH (freeware) client from

formatting link
Why Security reason


Reply to

PIX will by design not allow telnet to outside interface. Yes, you can configure it, but it will not work, and you will get this error in the log: "...packet is not an IPSEC packet." i.e. the PIX expects a SSH connection.

Setup SSH instead - and make a custom to do that for every firewall you setup, and telnet is considered a insecure protocol, and fx can easly bee sniffed and you firewall could be compromised as a consequence.

HTH Martin Bilgrav

"Guan Foo Wah" skrev i en meddelelse news:43ce626e

Reply to
Martin Bilgrav

Not -exactly-. PIX does not permit *cleartext* telnet to the outside interface. If you have a VPN established which includes the outside interface [i.e., the public IP] then you can telnet to the PIX over the VPN.

Reply to
Walter Roberson Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.