zillah
asked on
PIX firewall and tab key, web based, ssh access
I have got a couple of questions regarding the Cisco PIX firewall 525.
1- The PIX at work was already configured to use telnet from 192.168.x.x to the inside interface. I want to enable ssh instead of telnet, and I want to enable ssh for all internal IP addresses (not only a specific one) to the inside interface. Am I doing the right thing by using the command below:
ssh 0.0.0.0 0.0.0.0 inside
2- Shouldn't the tab key work to complete a command when I do configuration? I do not know why I cannot use it.
3- Isn't there an integrated web-based management tool (PIX Device Manager (PDM))? How can I enable that to be used?
Regards
ASKER
[quote]
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
[/quote]
Mine is the same:
Cisco PIX Firewall Version 6.3 (5)
Cisco PIX Device Manager Version 3.0 (4)
[quote]
Then enable access by adding similar to telnet and ssh:
http 0.0.0.0 0.0.0.0 inside
[/quote]
Do I need to enable http or https on the PIX? I ask because you have advised to use: "<== notice https not http".
ASKER CERTIFIED SOLUTION
Yes, this is correct.
You can also disable telnet to it by removing the telnet 192.168.x.x 255.255.255.255 inside line.
Tab key works in Cisco IOS on routers. PIX OS is not IOS and not all features are the same.
Yes, there is a PDM GUI. What version PIX OS? "show ver" will tell you. PDM only works with 6.x
Show ver from mine:
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
PDM is already installed. If your output does not show the PDM version, then it may not be installed.
You install it almost the same way as updating the OS:
Assuming you have the pdm-xxx.bin image on your tftp server (you'll have to download from CCO if you don't)
copy tftp://1.2.3.4/pdm-304.bin flash:pdm
Then enable access by adding similar to telnet and ssh:
http 0.0.0.0 0.0.0.0 inside
To access the GUI:
https://<ip of pix> <== notice https not http
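
An added example, not part of the original answer: a small Python check that reads a saved PIX configuration, lists the telnet/ssh/http management-access lines discussed above, and reports any remaining telnet entry and any entry opened to every source address. The sample configuration and its addresses are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress
import re

# Management-access lines in the form used in this thread:
#   <telnet|ssh|http> <source-ip> <netmask> <interface>
MGMT_RE = re.compile(
    r"^(telnet|ssh|http)\s+(\d+\.\d+\.\d+\.\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+(\S+)$"
)

def parse_mgmt_access(config_text):
    """Return (protocol, source network, interface) for each access line."""
    rules = []
    for line in config_text.splitlines():
        m = MGMT_RE.match(line.strip())
        if not m:
            continue  # e.g. "ssh timeout 5" is not an access line
        proto, ip, mask, iface = m.groups()
        try:
            net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
        except ValueError:
            continue  # malformed address or mask
        rules.append((proto, net, iface))
    return rules

def audit(config_text):
    """Report cleartext telnet access and any-source management access."""
    findings = []
    for proto, net, iface in parse_mgmt_access(config_text):
        if proto == "telnet":
            findings.append(f"telnet (cleartext) allowed from {net} on {iface}")
        if net.prefixlen == 0:
            findings.append(f"{proto} allowed from any source on {iface}")
    return findings

# Constructed sample configuration (addresses are made up).
SAMPLE = """\
telnet 192.168.1.10 255.255.255.255 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 5
http 0.0.0.0 0.0.0.0 inside
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run it against the saved configuration text after making the change to confirm the old telnet line is gone and to see how widely ssh and http are opened on each interface.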