The way their network is currently designed:
These guys only have around 20 servers. Some are purely internal (LAN, IS) and some are dmz (master DNS, sendmail gateway, company website, webapps for clients).
In theory, (i've only been here a few weeks at this job) they should block all incoming...
So what I am looking is this. A server in the DMZ is there for the purpose of sending data to the outside world. Instead of blocking all inbound and micromanaging ports per machine, I am looking at allowing all inbound to the dmz and then blocking some key ports (nfs, smb, etc).
In theory, any...
Here is the config. It has 3 admins worth of kruft in it. Beware. I have trying to create groups of hosts and services to clean things up a bit. Those are the only changes I've made.
-------------------------------------------------
PIX Version 6.3(1)
interface ethernet0 100full
interface...
A client of ours want to use a site-to-site vpn from their nortel 4600 to our pix 520 (6.3/3.0). They want to connect to a server in our DMZ but they have no route to the internet. Ergo, they have to establish a tunnel and we have to setup a translation so that the server they need access to...
I recently switched jobs and now need to cleanup the PIX at the new job. Unfortunately after 3 admins who only did enough to get it to work, it has quite a bit of kruft.
A. PDM shows a few null rules in the access list. Just delete them since they don't work anyway?
B. There is a permit rule...
The install went great. Yes, some things did break. But they were broken apparently to begin with. The 6.3 sanity checker did a good job. The firewall kept functioning correctly though since the broken things didnt affect its normal operation.
Then, pdm 3 was loaded. PDM helped fix even more...
Howdy, I was thinking about upgrading a 520 pix with 5.1 to 6.3. I checked the requirements and the unit is up to spec for running 6.3. However, I have never upgraded a unit from 5 to 6 and need to know if there are any gotchas?
Do I go from 5.1 directly to 6.3 or load an intermediate version...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.