Virtual telnet on a pix 515e

Hi,
I have a PIX 515E with a VPN setup.
The VPN works just fine.
The problem is that when I connect to the VPN, I am not able to use CRT (telnet program).
I believe that this is due to not being able to auth through the PIX.
I read about virtual telnet but am not sure if this will work or how to set it up.
Is this the right way to do this or is there a better way?
The box that I am connecting to is Red Hat.
Al
lacroix_al
Asked:
 
lrmoore Commented:
If the VPN works, then you should be able to telnet to the Red Hat box with no problem.
Check the default gateway on the Red Hat system.
Virtual telnet won't do you any good from the VPN.
If you want to post the PIX config, I might be able to see something that can be changed to help your situation.
 
giltjr Commented:
Can you telnet to the RedHat box when local to the location of this server? The most recent distributions of RedHat do not install telnet by default; they use SSH instead.

On the RedHat box, do you have iptables set up as a firewall? Does it allow the IP addresses in the VPN range inbound?
 
lacroix_al (Author) Commented:
lrmoore
I will look at the default gateway.
Why did you write that virtual telnet won't do me any good?
Isn't virtual telnet used to auth the service?

giltjr
I can telnet to the Red Hat box from inside the network.
I didn't set up the Red Hat box.
Where would I look for the iptables?
That would make sense, being that the VPN addresses are different.

Thanks
Al
 
lrmoore Commented:
When you VPN in, you bypass all the access-lists, statics, etc that are required for virtual telnet sessions.
 
giltjr Commented:
Are you the now current admin for the RedHat box?
 
lacroix_al (Author) Commented:
lrmoore
So what you are saying is that once connected to the VPN, everything should work as if sitting at a PC on the LAN, but slower. Yes?

giltjr
Yes, I am the current Red Hat admin.
I have just taken over the network but I know little about Red Hat.

Al
 
lrmoore Commented:
Yes, exactly. You are just another node on the network, albeit with a different subnet IP address.
 
giltjr Commented:
Here is a how-to for iptables:

http://www.linuxguruz.com/iptables/howto/iptables-HOWTO.html

But to start with, log on as root (or su or do sudo) and enter:

     /sbin/iptables -L

The output should show you what filters you have set up, if any.
 
lacroix_al (Author) Commented:
lrmoore
Thanks

giltjr
I'll go try this

Thanks
Al
 
lacroix_al (Author) Commented:
OK
So I just got the username and password to get into the box.
It turns out that it is a SCO Unix box.
Does this change anything or everything?
AL
 
lacroix_al (Author) Commented:
OK
I used ifconfig -a
Output:
net1 192.168.254.100 netmask ffffff00 broadcast 192.168.254.255

I don't see that the default gateway is set.
Is there another command that will work?
Al
 
giltjr Commented:
Yes, SCO Unix makes a difference. I am not really familiar with SCO Unix, so I am not sure what type of IP filtering it uses. It may have iptables, it may not.

To see the routing table you should enter the command: netstat -rn
 
lacroix_al (Author) Commented:
Yes, I figured it out.
It was the default gateway.
I used the command add route default <ip address>
It fixed the problem.
Thanks for all your help.
Al
 
lacroix_al (Author) Commented:
I awarded the points because you both answered my questions.
It wasn't your fault that I gave incorrect info.
Thanks
Al
 
giltjr Commented:
Glad we could provide some information and glad to see you got it working.  One thing,  I am not sure in SCO Unix how you define routes so that they stay across re-boots.  I don't think that add route will not stay across boot.

http://www.tek-tips.com/faqs.cfm?fid=1436

This may give you some ideas of where to look.
 
lacroix_al (Author) Commented:
OK
Thanks
Al
Question has a verified solution.
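
The fault resolved in this thread, shown as an added example that is not part of the original posts: a host with no default route can answer its own LAN but has no return path to a VPN client on another subnet. The interface line is the one posted in the thread; the `netstat -rn` rows, the gateway 192.168.254.1 and the VPN client address 10.10.10.5 are constructed sample values, not real SCO output.

```python
import ipaddress

# Interface line as posted in the thread (hex netmask).
IFCONFIG = "net1 192.168.254.100 netmask ffffff00 broadcast 192.168.254.255"
# Constructed 'netstat -rn' style rows: before and after the default route was added.
BEFORE = """\
Destination       Gateway          Flags  Interface
127.0.0.1         127.0.0.1        UH     lo0
192.168.254.0/24  192.168.254.100  U      net1
"""
AFTER = BEFORE + "default           192.168.254.1    UG     net1\n"
VPN_CLIENT = "10.10.10.5"  # constructed address from a hypothetical VPN pool

def connected_network(ifconfig_line):
    """Derive the directly connected network from an ifconfig line."""
    fields = ifconfig_line.split()
    mask_hex = fields[fields.index("netmask") + 1]
    mask = ipaddress.IPv4Address(int(mask_hex, 16))  # ffffff00 -> 255.255.255.0
    return ipaddress.ip_network(f"{fields[1]}/{mask}", strict=False)

def parse_routes(netstat_text):
    """Return (network, gateway) pairs, skipping header and unparsable rows."""
    routes = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            routes.append((ipaddress.ip_network(dest, strict=False), fields[1]))
        except ValueError:
            continue
    return routes

def return_path(client_ip, ifconfig_line, netstat_text):
    """'direct', the next-hop gateway, or None when replies have no route."""
    ip = ipaddress.ip_address(client_ip)
    if ip in connected_network(ifconfig_line):
        return "direct"
    matches = [(net, gw) for net, gw in parse_routes(netstat_text) if ip in net]
    if not matches:
        return None  # the symptom in this thread: LAN works, VPN clients do not
    return max(matches, key=lambda m: m[0].prefixlen)[1]  # longest prefix wins

if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, return_path(VPN_CLIENT, IFCONFIG, table))
```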