This document assumes you've performed initial setup via telnet from the internal network and have changed the hostname from the default. It also assumes you have enabled NAT/PAT and password-protected SSH access. The hostname should also be published via DNS.
To log in via secure shell, type:
ssh pix@yourpixhostname.tld -enter-
Enter password when prompted (there will be no echo text) -enter-
The prompt looks like this:
'yourpixhostname>'
Switch to privileged mode by typing 'enable' -enter-
Enter password (you will see stars echoed at the prompt) -enter-
Prompt now looks like this:
'yourpixhostname#'
Allowing outside access to an internal server is a two-step process:
- allow traffic onto the outside interface
- tell that traffic where to go from the inside interface to the asset inside the network.
You must now enter terminal configuration mode.
Type: 'config t' -enter-
Password etc.
Prompt now looks like this:
'yourpixhostname(config)#'
To see the running config type: 'sho running' -enter-
To see the saved config type: 'sho config' -enter-
To set up an access rule for the port you want to forward inside the network, type:
'access-list remote permit -proto- any interface outside eq -port-'
-proto- = network protocol to allow, e.g. 'tcp'
-port- = port you want to allow, e.g. '25'
Then set up the forward. Type:
static (inside,outside) -proto- interface -port- -internalIP- -port- netmask -netmask- 0 0
-internalIP- = internal IP address of the internal server
-netmask- = netmask of the internal server
Type 'wr mem' -enter- to save to config file
Type 'exit' -enter- to exit the config terminal mode
Type 'exit' -enter- to exit privileged mode.
Type 'exit' -enter- to disconnect the ssh session.
Enjoy!
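
Added example (not part of the original instructions): a Python check to run over saved 'sho running' output that pairs each static forward with its access-list permit and flags mismatches, so you can confirm only the intended ports are exposed. The sample config is constructed, and the 'access-group remote in interface outside' binding it looks for is not mentioned above; it is assumed to have been done during initial setup.

```python
import re

# Constructed sample of 'sho running' output (not from a real device).
SAMPLE = """\
access-list remote permit tcp any interface outside eq 25
access-list remote permit tcp any interface outside eq 3389
access-group remote in interface outside
static (inside,outside) tcp interface 25 192.168.1.10 25 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 443 192.168.1.20 443 netmask 255.255.255.255 0 0
"""

# Patterns follow the two command forms used in this document.
ACL = re.compile(r"^access-list (\S+) permit (\S+) any interface outside eq (\S+)")
STATIC = re.compile(r"^static \(inside,outside\) (\S+) interface (\S+) (\S+) (\S+) netmask")
# Assumption: the ACL is applied to the outside interface with access-group.
GROUP = re.compile(r"^access-group (\S+) in interface outside")

def audit(config):
    """Return (exposed, findings) for the port forwards in a PIX config."""
    permits, forwards, bound = {}, {}, set()
    for line in config.splitlines():
        line = line.strip()
        # The PIX may print well-known ports by name; ports are compared as
        # strings, so both lines of a pair must use the same form.
        if m := ACL.match(line):
            permits[(m[2], m[3])] = m[1]            # (proto, port) -> ACL name
        elif m := STATIC.match(line):
            forwards[(m[1], m[2])] = (m[3], m[4])   # (proto, port) -> (ip, port)
        elif m := GROUP.match(line):
            bound.add(m[1])
    exposed, findings = [], []
    for (proto, port), (ip, iport) in sorted(forwards.items()):
        acl = permits.get((proto, port))
        if acl is None:
            findings.append(f"{proto}/{port}: static forward but no permit rule")
        elif acl not in bound:
            findings.append(f"{proto}/{port}: ACL '{acl}' not applied to outside")
        else:
            exposed.append((proto, port, ip, iport))
    for proto, port in sorted(set(permits) - set(forwards)):
        findings.append(f"{proto}/{port}: permit rule with no static forward")
    return exposed, findings

if __name__ == "__main__":
    exposed, findings = audit(SAMPLE)
    for proto, port, ip, iport in exposed:
        print(f"exposed {proto}/{port} -> {ip}:{iport}")
    for finding in findings:
        print("check:", finding)
```

A permit rule with no matching static is worth removing, since it stays open if a forward for that port is added later.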
