Cisco PIX Firewall

Status
Not open for further replies.

Smeglor

IS-IT--Management
Jan 16, 2004
US
Where do you get the downloads of the ACLs that are stated in the manual? Could find 'em on the Cisco site. Also, does anyone know how to create an ACL from the telnet command line when accessing the firewall? Trying to open ports for smtp, ssl, www, and ftp.

I don't know sir...I guess it's broke.
 
Usually it's done at the console level config. Port forwarding is pretty easy to do on a PIX, as long as you got detailed information about what goes where.



_____________________________
when someone asks for your username and password, and much *clickely clickely* is happening in the background, know enough that you should be worried.
 
There really are configuration docs on the Cisco web site, but assuming your PIX is set up to pass traffic already, i.e., you have the statics, routes, and nat statements in place, adding ACLs is pretty easy.
access-list outside permit tcp host 1.1.1.1 host 2.2.2.2
This will let 1.1.1.1 do any TCP connection to 2.2.2.2.
Of course, you have to apply the access list to a group, but we don't have room for all that here. Like I said, if it is set up to pass traffic already and you just want to add a new rule, that is the format. If you use host, you don't need a mask; if you want to allow a subnet, it is 1.1.1.0 255.255.255.0 sort of a format. Version 6.3 allows you to build groups of services and networks and use them in rules, which saves a lot of typing.
Good luck
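
An added example, not part of the original posts: the rule format above applied to the ports asked about in the question (smtp, ssl, www, ftp), first with one entry per service and then with a version 6.3 service object group. The group name PUBLIC-TCP and the choice to limit ftp to the 1.1.1.0 subnet are assumptions; lines starting with a colon are comments.

```cisco
: Added example. 1.1.1.0 and 2.2.2.2 are the placeholder addresses from the thread.
: Assumes the static, route and nat statements for 2.2.2.2 are already in place.

: Form A (any 6.x release): one entry per service.
: "host" takes no mask; "any" matches every source address.
access-list outside permit tcp any host 2.2.2.2 eq smtp
access-list outside permit tcp any host 2.2.2.2 eq www
access-list outside permit tcp any host 2.2.2.2 eq https
: A subnet source is written as network + mask (assumed restriction for ftp).
access-list outside permit tcp 1.1.1.0 255.255.255.0 host 2.2.2.2 eq ftp

: Form B (6.3 and later): the same policy with a service object group.
: Use this instead of the three "any" entries in Form A, not in addition to them.
object-group service PUBLIC-TCP tcp
  port-object eq smtp
  port-object eq www
  port-object eq https
access-list outside permit tcp any host 2.2.2.2 object-group PUBLIC-TCP
access-list outside permit tcp 1.1.1.0 255.255.255.0 host 2.2.2.2 eq ftp

: Bind the list to inbound traffic on the outside interface.
: Anything the list does not permit is dropped by the implicit deny at its end.
access-group outside in interface outside
```

`show access-list outside` lists the resulting entries with their hit counts, which confirms that only the intended ports are matching traffic.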
 