PIXCRIPT - a GUI utility for simple PIX configuration 3

[yizhar]

HI!

I am writing a GUI utility for configuring a PIX.
It's main idea is to help us find the commands we're looking for and the correct syntax.

The program is called PIXCRIPT and is freeware.
(runs on any Win32 client, single EXE with no install needed,
does not need the PIX itself for running).
I'm writing it for our company use, and to practice for my CSPFA exam this friday.

The current version (1.0 beta) has now most of the options I planned for
(interfaces, IP, gloabl/nat, static, ACL, logging, AAA)
and in the near future I plan to add VPDN and VPN-IPSEC support.

You are invited to download it for your own use,
and to send me your comments and any feedback.
I would especialy like to know if:
* The program is useful.
* The general design is/isn't comfortable.
* There are syntax mistakes or other faults with the PIX commands created by it.
* The program has this bug when you press that key...
* I should add this and that option which is commonly used...

Also some working configuration scripts with VPDN and VPN-IPSEC may help me add these options faster (I have linkes to CISCO samples, but you're experience can be a good addition).

Here is a direct link to the file
(the program itself is not yet described in the main page of my site):

http://teachers.sivan.co.il/yizhar/files/PIXCRIPT10b.zip

Here is a screen capture:

Your comments are welcome here in the forum, and/or to my email
yizhar@mail.com

Bye
Yizhar
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

 

[Bluecrack]

yizhar,

Looks good. You might want to include some basic configuration checks. For example, the program let me do several things that are invalid in the pix config, as shown below.
-------------------
ip address outside 199.111.167.16 255.255.255.240
ip address inside 199.111.167.16 255.255.255.333
route outside 0.0.0.0 0.0.0.0 199.111.167.16
-------------------
Here the IP address is the same for both interfaces and the gateway address. Also the subnet mask for the outside address is invalid given the IP address. Also the 2nd subnet mask is not valid at all.

Overall, the layout looks good to me. I really like the syslog tab. Not that it is hard to setup the syslog but I think it is a well designed tab.

One other thing that is really useful is adding static routes.

Keep up the good work and good luck on CSPFA. I hope this helps.

Bluecrack

 

[yizhar]

HI Again, and thanks for the comment.

PIXCRIPT now supports VPDN PPTP configuration.

The current version is 1.1a .
It is available from here:

http://teachers.sivan.co.il/yizhar/files/CISCO/PS11a.zip

I'm working now on the IPSection and will hopefuly post here a new thread when done.

Comments and suggestions are welcome.

Bye
Yizhar
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

 

[jela]

I don't want to be the guy of the bad news but, have you seen the new PDM (Pix Device Manager) ?
We are using it already for three months with a lot of pleasure ...

 

[yizhar]

HI!

Thanks, I know about PDM from ver 6.0.
Has it improved in newer versions?
Have they added VPN support?

It is not bad news, since I don't plan to make my living from freeware.

Thanks for your comments.

Bye Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

 

[jela]

I've worked with 6.0.1 and the PDM without any problems and we've got a pretty complex config in our 525. Especially the documentaion options are ver usefull. There's no VPN support, I'am sure implementing this will be very complex.

Just a tip:
I've had big problems with the VPN support to 3.x client and the usage of Xauth. Right now there's a 6.1.1 version available which would have to solve this...

--
Jeroen

 

[Bluecrack]

Jela,

Can you describe the problem you've had with the VPN support for the 3.x client? We've had some intermittent problems with the VPN 3.x client and the PIX 6.01 version.

Thanks,
Bluecrack