AAA SSH at pix 7.0

PIX Version 7.0(1)

names

!

interface Ethernet0

nameif outside

security-level 0

ip address 172.29.6.1 255.255.255.0

!

interface Ethernet1

nameif inside

security-level 100

ip address 10.10.10.10 255.255.255.0

!

interface Ethernet2

shutdown

no nameif

no security-level

no ip address

!

interface Ethernet3

shutdown

no nameif

no security-level

no ip address

!

enable passWord 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

hostname srkhan

domain-name tcy.com

FTP mode passive

pager lines 24

mtu inside 1500

mtu outside 1500

no failover

monitor-interface inside

monitor-interface outside

asdm image flash:/asdm-501.bin

no asdm history enable

arp timeout 14400

route outside 172.29.0.0 255.255.0.0 172.29.6.254 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server aaasrv protocol tacacs+

aaa-server aaasrv (outside) host 172.29.1.143

key cisco

aaa authentication ssh console aaasrv

aaa authentication enable console aaasrv

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp

telnet 172.29.0.0 255.255.0.0 outside

telnet 172.29.0.0 255.255.255.0 outside

telnet timeout 5

ssh 172.29.1.0 255.255.255.0 outside

ssh 172.29.0.0 255.255.0.0 outside