可以从外网也可以从内网telnet到PIX上,从内网简单,不过从外网得作vpn,麻烦一些,也能用SSH 远程管理。
从内网telnet:
telnet 192.168.1.2 255.255.255.255 inside
从外网telnet:
Step 1 Set up IPSec by entering the following commands:
isakmp policy 10 authentication pre-share isakmp policy 10 group 2 isakmp enable outside crypto ipsec transform-set esp-des-md5 esp-des esp-md5-hmac crypto dynamic-map dynmap 10 set transform-set esp-des-md5 crypto map mymap 10 ipsec-isakmp dynamic dynmap crypto map mymap interface outside
Step 2 Set up an IP pool for the Telnet session by entering the following commands:
ip local pool tnpool 1.1.1.1-1.1.1.1
Step 3 Set up Telnet access by entering the following command:
telnet 1.1.1.1 255.255.255.255 outside
Step 4 Set up the VPN group for the remote Telnet user by entering the following commands:
vpngroup telnet address-pool tnpool vpngroup telnet password 12345678 sysopt connetion permit ipsec
Step 5 Setup the VPN client authentication by entering the following commands:
group telnet password 12345678
现在就可以从cisco client上telnet。 |
