Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Cisco PIX 501 won't allow SSH

Posted on 2009-05-09
Medium Priority
Last Modified: 2012-05-06
Our non-profit has a small network of clients that use our access to the Internet and we use the PIX to segregate their network from ours.  All is working except I cannot SSH into the PIX device.  I believe the necessary statements are in place but I can't log into it. (Putty) SSH rejects my login but I'm certain I'm using the correct username and password.  I can't see anything in my log either that would point out the problem; perhaps the logging isn't setup correct either. Any suggestions would be most helpful as I've spent a lot of time looking at the configuration and Internet postings.  I'm trying to SSH in from a PC on the 172.16.2.x network (directly attached to the PIX outside network.) Thank you.
PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password aDU/SenosGi/7GR2 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname Ph1ier
domain-name xxx
clock timezone EST -5
clock summer-time EDT recurring
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
name ComputerCenter
name VineStreet
name Vonlouhr
name IntakeOffice
name HaddOffice
name Internet
name Sulley
name AP
name gateway
object-group network AA
  network-object VineStreet
  network-object ComputerCenter
  network-object IntakeOffice
  network-object HaddOffice
  network-object Vonlouhr
object-group network AllowedACHA
  network-object Sulley
access-list inside_access_in permit icmp any host
access-list inside_access_in permit ip any host
access-list inside_access_in permit ip any host Sulley
access-list inside_access_in deny ip any object-group AA
access-list inside_access_in permit ip any any
access-list outside_access permit ip any object-group AA
pager lines 24
logging timestamp
logging console debugging
logging buffered debugging
logging history debugging
mtu outside 1500
mtu inside 1500
ip address outside
ip address inside
ip audit info action alarm
ip audit attack action alarm
pdm location Vonlouhr outside
pdm location ComputerCenter outside
pdm location IntakeOffice outside
pdm location VineStreet outside
pdm location HaddOffice outside
pdm location outside
pdm location Internet outside
pdm location Sulley outside
pdm location inside
pdm location outside
pdm location outside
pdm location outside
pdm location AP inside
pdm location outside
pdm group AA outside
pdm group AllowedACHA outside
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0 0
access-group outside_access in interface outside
access-group inside_access_in in interface inside
rip inside default version 1
route outside gateway 1
route inside AP 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http Vonlouhr outside
http ComputerCenter outside
snmp-server host outside
snmp-server location hereio
snmp-server contact Glenjamin
snmp-server community xxxx
snmp-server enable traps
floodguard enable
telnet Vonlouhr outside
telnet ComputerCenter outside
telnet timeout 5
ssh Vonlouhr outside
ssh ComputerCenter outside
ssh timeout 30
console timeout 0
dhcpd address inside
dhcpd dns
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd enable inside
username administrator password Y.BiSvM.RMx5AQYI encrypted privilege 15
terminal width 80
: end

Open in new window

Question by:ejefferson213
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 79

Accepted Solution

lrmoore earned 2000 total points
ID: 24346509
Try using "pix" for the username and the enable password?

Author Closing Comment

ID: 31579802
That was it. Thank you very much.  Strange that you don't see it in the configuration; guess it's built in.  

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question