outbound protocols on PIX-515

[jcanfer]

I'm very new to Cisco kit and I need some clarification on how to allow outbound traffic on set protocols to pass through the firewall.

As I understand it, you set up an access list with a set range of ip addresses, you then use the outbound command to specify the protocol, then you use the apply command.

Could anyone give me an example for SMTP on port 25 just so I can verify my method?

Thanks

Jim

 

[Bluecrack]

This document explains the basic setup of the PIX running version 6.0.

For a simple 2 interface PIX, the following is a basic example of the config:

nameif ethernet0 outside security0
nameif ethernet1 inside security100
ip address inside 192.168.1.1 255.255.255.0
ip address outside x.y.z.1 255.255.255.0
nat (inside) 1 192.168.1.0 255.255.255.0
global (outside) 1 x.y.z.2
route outside 0 0 x.y.z.254 1
access-list outboundtraffic permit tcp any any eq 25
access-list outboundtraffic deny ip any any
access-group outboundtraffic in interface inside

I'm really tired at this point. I think this is correct. This setup should allow outbound access to on port 25 (smtp) and deny all other traffic.

Jason

 

[Bluecrack]

Sorry, here's the link:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_60/config/config.htm