How To Configure Your PIX Firewall To Accept Telnet

The telnet command can be used to configure your PIX to accept telnet sessions. By default, it allows connections on the inside interface from the 192.168.1.0 network, as seen below:

telnet 192.168.1.0 255.255.255.0 inside

Of course, if you change the IP address of the inside interface, you may have to change the statement above.

You can also allow access to the outside interface with a similar command. In the case below we’re allowing access from the network 64.251.19.0. I generally wouldn’t recommend this, but in some cases the need to do it is unavoidable.

telnet 64.251.19.0 255.255.255.0 outside

As an added precaution, you can set the PIX to automatically log out telnet sessions that have been inactive for a period of time. Here is an example of a 15-minute timeout period.

telnet timeout 15
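
One way to review a saved configuration for the telnet exposure discussed above, as an added example that is not part of the original article: the Python function below flags telnet statements on interfaces other than inside, source networks that are not private ranges, and a missing or long idle timeout. The function name, the severity labels and the 15-minute threshold are assumptions chosen for illustration, and the sample configuration is constructed from the three statements shown on this page.

```python
import ipaddress
import re

# Constructed sample: the three telnet statements shown on this page.
SAMPLE_CONFIG = """\
telnet 192.168.1.0 255.255.255.0 inside
telnet 64.251.19.0 255.255.255.0 outside
telnet timeout 15
"""

TELNET_RE = re.compile(r"^telnet\s+(\S+)\s+(\S+)\s+(\S+)\s*$")
TIMEOUT_RE = re.compile(r"^telnet\s+timeout\s+(\d+)\s*$")


def audit_telnet(config, max_timeout=15, trusted_ifaces=("inside",)):
    """Return (severity, message) findings for the telnet lines in a config."""
    findings = []
    timeout = None
    for raw in config.splitlines():
        line = raw.strip()
        m = TIMEOUT_RE.match(line)
        if m:
            timeout = int(m.group(1))
            continue
        m = TELNET_RE.match(line)
        if not m:
            continue  # not a telnet access statement
        addr, mask, iface = m.groups()
        try:
            # PIX syntax is "address netmask"; ipaddress accepts "addr/netmask".
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            findings.append(("error", f"unparseable telnet statement: {line}"))
            continue
        if iface not in trusted_ifaces:
            findings.append(("high", f"telnet allowed from {net} on '{iface}'"))
        if net.prefixlen == 0:
            findings.append(("high", f"telnet open to any address on '{iface}'"))
        elif not net.is_private:
            findings.append(("medium", f"{net} is not a private address range"))
    if timeout is None:
        findings.append(("info", "no explicit 'telnet timeout' statement"))
    elif timeout > max_timeout:
        findings.append(("low", f"idle timeout of {timeout} min exceeds {max_timeout}"))
    return findings
```

Calling `audit_telnet(SAMPLE_CONFIG)` reports the outside-interface statement twice, once for the interface and once for the non-private source network, and accepts the 15-minute timeout.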

How To Make Your PIX A DHCP Server

Enabling your PIX to be a DHCP server for your home network requires very few statements. First you have to enable the feature on the desired interface, which is usually the “inside” interface. The next step is to set the range of IP addresses the PIX’s “inside” interface will manage, and finally, you need to state the IP address of the DNS server the DHCP clients will use.

The default DNS address the PIX provides its DHCP clients is the IP address of the “inside” protected interface. If the PIX is configured to get its Internet IP address from your ISP, then the PIX will automatically become a caching DNS server for your home network. This means that in this case you don’t have to use the DNS statement.

dhcpd enable inside
dhcpd address 192.168.1.20-192.168.1.30 inside
dhcpd dns 192.168.1.100