Hello I am very new to cisco and pix firewall. I just configured the firewall and I can ping everything in the network though the firewall but I cant though dos or get the web.Heres a copy of my config. Thank you
PIX Version 4.3(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password encrypted
passwd encrypted
hostname badfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol smtp 25
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol sqlnet 1521
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
names
pager lines 24
logging timestamp
no logging console
logging monitor debugging
logging buffered debugging
logging trap debugging
logging facility 7
interface ethernet0 auto
interface ethernet1 auto
ip address outside 65.x.x.x 255.0.0.0
ip address inside 65.x.x.x 255.0.0.0
arp timeout 14400
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
conduit permit icmp any any
outbound 1 permit 0.0.0.0 0.0.0.0 0 tcp
apply (inside) 1 outgoing_dest
rip outside passive
no rip outside default
no rip inside passive
rip inside default
route outside 65.x.x.0 255.255.255.0 65.x.x.x 1
timeout xlate 3:00:00 conn 1:00:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
telnet timeout 5
mtu outside 1500
mtu inside 1500
floodguard 0
fragguard
sysopt security fragguard
PIX Version 4.3(1)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password encrypted
passwd encrypted
hostname badfirewall
fixup protocol ftp 21
fixup protocol http 80
fixup protocol smtp 25
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol sqlnet 1521
no failover
failover timeout 0:00:00
failover ip address outside 0.0.0.0
failover ip address inside 0.0.0.0
names
pager lines 24
logging timestamp
no logging console
logging monitor debugging
logging buffered debugging
logging trap debugging
logging facility 7
interface ethernet0 auto
interface ethernet1 auto
ip address outside 65.x.x.x 255.0.0.0
ip address inside 65.x.x.x 255.0.0.0
arp timeout 14400
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
conduit permit icmp any any
outbound 1 permit 0.0.0.0 0.0.0.0 0 tcp
apply (inside) 1 outgoing_dest
rip outside passive
no rip outside default
no rip inside passive
rip inside default
route outside 65.x.x.0 255.255.255.0 65.x.x.x 1
timeout xlate 3:00:00 conn 1:00:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
telnet timeout 5
mtu outside 1500
mtu inside 1500
floodguard 0
fragguard
sysopt security fragguard