Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 506 Newb question

Status
Not open for further replies.
AGonzaga330

AGonzaga330

MIS
Apr 29, 2005
19
0
0
US
Ok here is my setup.
Please take it easy on me guys since I'm a newb with minimal experience in this field.
So...

PIX 506 connected to cable modem.
dhcp address on the outside interface
68.14.1.1 (make believe address)
Internal Server NAT 10.31.0.160
All other nodes are on the 10.31.0.0 subnet

I want to leave VNC port 5900 open on my PIX506 so I can access my network while I work but for only my company's external address so i'm not attacked by others..heehee

So lets pretend the company I work at's outside IP address is 69.32.1.1

Is there a way for me to access my network from 69.32.1.1 ?
I believe so.

SO i have created an access list with these rules.

access-list RulesForOutside permit tcp host 69.32.1.1 any eq 5900

access-group RulesForOutside in interface outside

Now...is it possible to port forward from my PIX's outside DHCP external address 68.14.1.1 to my NAT address 10.31.0.160 which is running VNC?

Any help would much appreciated. Sorry I suck at this but I'll never know if I dont ask.

Thanks fellas.
 
Sort by date Sort by votes
506 or 506e?

Either way, your best bet you be to configure a VPN on the PIX, so that you can access the entire network from the outside, and not have to open a port to the entire world that doesn't require authentication.

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
that would be cool but I have not a clue how to.
maybe i should look at cisco's website and learn.

Any other tips?

Thanks.

By the way its a 506
 
Upvote 0 Downvote
Does your 506 have PDM on it? The PDM offers a VPN Setup Wizard. Also the Cisco VPN Client does come with the firewalls as well.

In addition, Cisco offers very excellent configuration examples on their site for the PIX.

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Sorry No it doesnt have PDM installed on it.
I was thinking about installing it but it seemed like a long proces.

Putty has been doing the job for me.

Is it worth installing PDM?

Wow another thing to learn huh?
Forgive my newb comments.

Thank you
 
Upvote 0 Downvote
cool. This still looks very confusing :(
One project at a time. HeeHee

Do you have a link for PDM? That would be great if I could configure my pix through GUI. Kind of like Linksys.

LEt me know...
THanks master :)
 
Upvote 0 Downvote
as far as I know PDM was shipped with the 506

you just need to issue the following commands..


http server enable
http location <inside network> <inside subnet mask>

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Hmm...Ok I"ll try when I get home.

But don't you need Sun Java Client to be installed as well.

SOrry for all the questions...

 
Upvote 0 Downvote
no, just have JAVA capability.

In fact, the newer versions of Sun Java do not work with PDM.

Computer/Network Technician
CCNA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
150
intel233
intel233
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
36
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
44
brownmab53
brownmab53
NoCoolHandle
  • Locked
  • Question
TLS 1.0 vrs TLS 1.1 vrs 1.2 connection strategy question
Replies
1
Views
45
ChrisHirst
ChrisHirst
quazimotto
  • Locked
  • Question
Correct Upgrade Path for PIX
Replies
7
Views
94
quazimotto
quazimotto

Part and Inventory Search

Sponsor

Back
Top