PIX 501 SSH

- B
- Bob Simon
  
  Contact options for registered users
posted
18 years ago

Fri, Dec 2, 2005 1:13 PM

One of my customers sent their PIX 506E to another office and bought a

501, which they asked me to configure. I used the console port to load the old configuration including a command to enable ssh from my notebook: ssh 192.168.0.201 255.255.255.255 inside

When I tried to connect to the PIX from the network, Putty flashed and then immediately terminated. However, I could telnet to it after enabling that. I'm wondering if the 501 uses a different version of SSH than the 506, which would require adjusting one of the SSH parameters for the saved Putty session.

- Y
- yfriend14424
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Dec 2, 2005 1:22 PM

It sounds like you need to generate an RSA key.

Joe

- R
- robert.szczepanek
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Dec 2, 2005 3:07 PM

Sometimes it does not work Try to OPEN PDM and then SSH and ssh extrenal.ip 255.255.255.255 outside ssh 0.0.0.0 0.0.0.0 outside ssh internal NETWORK.ADDRESS NETWORK.MASK inside

should be in your case

ssh extrenal.ip 255.255.255.255 outside ssh 0.0.0.0 0.0.0.0 outside ssh internal 192.168.1.0 255.255.255.0 inside

- M
- Martin Turba
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Dec 2, 2005 3:22 PM

snipped-for-privacy@yahoo.com schrieb:

For me, it also sounds like you did not create an RSA key:

---------- pix# conf t pix(config)# ca generate rsa key 1024 [...] pix(config)# ca save all pix(config)# exit pix#

----------

Regards, Martin

- Y
- yfriend14424
  
  Contact options for registered users
Vote on answer
posted
18 years ago

Fri, Dec 2, 2005 3:37 PM

PDM generates a temporary RSA key when you access PIX. When you log off PDM, the RSA key will go away, and the no connect problem will come back.

Joe