Cisco PIX 501 firewall question on the initial config
Posted on 2003-11-14
I previously worked with Cisco Systems TAC and configured it together with them.
I believe that they configured it correctly as did I.
Since that time we have sort of re-organized the existing network.
Now the network runs great, everyone can get out to the Internet fine.
They have Bell Atlantic T1 (384 kb Fractional T1 link)...provided by CTC in Mass.
That line goes to the Cisco IAD device which does the CSU/DSU functionality...as well as the digital phone system.
Then the Serial cable has a direct connection to the Cisco Router 1700 which acts as the default gateway. Then the Cisco router fast ethernet port/jack connects to the Ethernet Switch thru the
Ethernet cable.... Then the switch connects to 2 other Compex hubs.... and the users connect to either the Compex hubs or the switch..
I have the external public ip address setup for the Cisco Router as well as the Cisco PIX 501.
But the Cisco pix 501 was incorrectly physically living in another part of the building....
now it has been correctly physically moved to the network closet room.
My question is this since the ip address was setup correctly thru Cisco TAC support people...
and they have assigned it the public ip address, and the internal ip address.
The Cisco router does the NAT function and it works well.
Am I suppose to be able to ping the Cisco PIX 501 external ip address from the outside ?
I want to be able to remotely telnet or ssh into the cisco devices both the router and the pix firewall.
Right now, I do have access to telnet into the Cisco 1700 router remotely and gain access to it.
I want to do the same with the pix 501... I don't know the process to do this.
Cisco told me that I should not be able to ping the INternal ip address of the PIX firewall, which I completely understand.
But what is the process to be able to ssh into the PIX firewall ?
I would appreciate the help... Thank you,