If you really want to create a loophole so you can telnet into the firewall from the outside, and you do not want to create a secure connection to it, you can place a dummy router (or other telnet ready device) on the inside, allow telnet to it from the outside, allow the device to telnet to the PIX, telnet to it and reverse telnet back to the PIX.
Hth, Ole ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.RouterChief.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NEED A JOB ??? http://www.oledrews.com/job ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -----Original Message----- From: MJ [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 1:35 PM To: [EMAIL PROTECTED] Subject: Re: PIX questions [7:37129] Hunt/Swapnil - You can not telnet to the outside interface. You will need to configure SSH. ""Swapnil Jain"" wrote in message news:[EMAIL PROTECTED].; > u dont need to add a conduit for telnet unless u have blocked port 23. > > just add > telnet ip_address [netmask] [if_name] > > to allow telnet from ip_address > > bye swapnil > > ""Hunt Lee"" wrote in message > news:[EMAIL PROTECTED].; > > Hi all, > > > > I have two questions about PIX 501, it would be great if someone can shed > > some light on this: > > > > 1) Currently, I'm using a software called RANCID to monitor and save > > configs for my works' routers.I know that RANCID uses a Clogin to get into > > the router, it then do a show running-config command to veiw the configs, > > and then backs it up. > > My question is, would PIX 501 supports Clogin? > > > > 2) Also, I know one can use "conduit permit icmp any any" to allow the > > PING packets to get thru the PIX. Would I be able to use a similar > command > > which will allow me to telnet from "outside network" into the PIX? > > > > Please help... > > > > Best Regards, > > Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37184&t=37129 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]