Allowing telnet carves a hole in the firewall. Gil is right: tunnel to
tunnel VPN access & then going back to the firewall (from inside its
protected domain), from an IP you approve for management (usually a server).
We also use encrypted dial-up boxes, along with remote power-on supplies.
If the location is down, you can call the power supply (switch on the
modem), then set up a secure dial session to the firewall.
Phil
----- Original Message -----
From: "Gil Shulman" <[EMAIL PROTECTED]>
To: "'Frank Kim'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Sunday, February 11, 2001 6:56 AM
Subject: RE: telnet access to pix
> Hi,
>
>
> The PIX firewall doesn't support telnet through the outside interface,
> the exception to that is if the telnet session is through a secured
> connection via VPN & needless to say that you need to configure the telnet
> server to accept specific IP's.
> # In the future OS versions, as far as I know, it will be possible, it is on
> Cisco's road map.
>
> Gil
>
> -----Original Message-----
> From: Frank Kim [mailto:[EMAIL PROTECTED]]
> Sent: ??? ???? 09 ?????? 2001 22:42
> To: [EMAIL PROTECTED]
> Subject: telnet access to pix
>
>
> Hey guys,
> I got eth0= security0 and eth1=security100. I'm able to telnet from the
> inside network. Is there any way for me to telnet from the outside? Pix
> has disabled this by default.
>
> -Frank
>
>
> _________________________________
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>