OK, I assume that you have an access-server (i.e. Cisco 2509, 2511, 2600 with Async module) so that provide you with console access to other Cisco equipment. Sure, you can accomplish this with VPN. However, if you don't have VPN client software on your laptop (or you do not have either DES (free) or 3DES (not free) on the firewall itself), it won't work. The easiest thing to do (abeit with the least emphasis in security) is to use port-redirect telnet from the outside interface of the Pix firewall to your access-server like this: access-list 101 permit tcp any host 199.0.216.222 eq telnet static (inside,outside) tcp 199.0.216.222 telnet 10.1.1.1 telnet netmask 255.255.255.255 access-group 101 in interface outside where 199.0.216.222 is the outside interface of the pix and 10.1.1.1 is the IP address of your access-server you pix515 must be running version 6.0.x or higher for this to work..... Jay Dunn wrote:You can accomplish this with a vpn. Go to the cisco web site and do a search on vpn pix. It will return several links with configuration examples.
Jay Dunn IPI*GrammTech, Ltd. www.ipi-gt.com Nunquam Facilis Est -----Original Message----- From: [EMAIL PROTECTED] [mailto:nobody@;groupstudy.com] On Behalf Of Kevin Love Sent: Thursday, October 17, 2002 8:16 PM To: [EMAIL PROTECTED] Subject: Accessing Work Lab From Home Through PIX [7:55844] GroupStudy Team: I am fortunate enough to have access to a lab at work that I would like to access from home. We have a PIX 515 for our firewall at work. A friend has helped me configure the PIX so that I can SSH to it from home. But the PIX won't allow me to telnet to the lab equipment. Does anybody have experience configuring a PIX to allow a secure connection to a device on an internal network through the internet? Thanks! Kevin Do you Yahoo!? Faith Hill - Exclusive Performances, Videos, & more faith.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55875&t=55844 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
